disinfectPL

Honorary Members

View Profile See their activity

Posts
31
Joined
December 29, 2012
Last visited
June 29, 2018

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by disinfectPL

OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Thanks again! Much appreciated. Can close this.
- June 25, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Ahem......maybe I spoke to soon. Why does my Mbam Web Protection getting turned off. When that happens I am unable to open my Mabam, although its in the tray and clickable. It keeps saying "real-time protection turned off". If I use task manager and quit all processes and then restart it works for some time and then whem I am browsing I get the message. Is there a known issue with Mbam?
- June 23, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Malwarebytes shows its clean !! That's why I have Mbam on every device. Thank you so much for your help. Highly appreciated.
- June 23, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Done. Here you go. Thanks ! Fixlog.txt
- June 23, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Sorry for the lateness! I was having problems with my battery not being detected anymore, and my cpu is overheating. I hope this is not related to this virus crap. My new FRST is attached. FRST.txt Addition.txt
- June 21, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Nobdy ???
- June 16, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

FRST log. FRST_15-06-2018 18.42.55.txt Addition_15-06-2018 18.42.55.txt
- June 15, 2018
- 15 replies
OUT OF THE BLUE - 705 infections -all real! What did I do?

disinfectPL posted a topic in Resolved Malware Removal Logs

They all seem real. In my 15+ years of computer-ing, I have never had this crop up so out of the blue. I may get 2-3 on occasional MBam scans, but the last scan had 705 !! Of course, that is counting component files of the programs/malwares. But now I really need help to figure out what is happening. I have saved the MBAm scan output. So that is attached. Any help to do a thorough comp clean would be highly appreciated !! Thanks! Mbam Scan 705.txt
- June 15, 2018
- 15 replies
Activation: There is problem with your license key.....

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

@AdvancedSetupSorry that I am so late !! I actually gave up trying to get MBAM going and forgot about getting back. But I am back to trying again. I ran the script, it did its thing, I rebooted and tried to activate again. The screenshot is attached.
- February 1, 2017
- 6 replies
Activation: There is problem with your license key.....

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Hi AdvancedSetup, Thanks for the reply and help. The mbam_check log is in my previous post. The other two logs are attached. Addition.txt FRST.txt
- August 28, 2016
- 6 replies
Activation: There is problem with your license key.....

disinfectPL posted a topic in Resolved Malware Removal Logs

I have been using MBAM for quite sometime, but now on Windows 10 I get the following error: I have a lifetime key. "There is problem with your license key and we are unable to activate your license." 1. I entered the key manually - several times. No change. 2. I used MBAM clean ver 2.3 to completely clean MBAM. REBOOTED and reinstalled MBAM. Still same error with activation. 3. Clicking update seems to connect to server, since it says no new updates. 4. Disabled "Windows defender" - the only antivirus I have. No change. 5. Cleaned and re-installed after reboots multiple times - same error. Attached is the mbam_check output. Your help is appreciated. CheckResults.txt
- August 27, 2016
- 6 replies
MBAM Freezing

disinfectPL posted a topic in Malwarebytes for Windows Support Forum

I agree with greyowl. Ver 1.70 causes some really serious boot problems. I spent couple of weeks troubleshooting this here but to no avail. MBAM 1.70 hangs and completely freezes the computer. Only a restart works. Selective startup - done in safe mode - where I turned off MBAM start up fixes boot problems, but then scans always cause computer to freeze..... http://forums.malwarebytes.org/index.php?showtopic=120151&st=0
- January 27, 2013
- 1 reply
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2012 (ATTENTION: FRST version is 29 days old) Ran by SYSTEM at 26-01-2013 14:32:03 Running from G:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet003 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.) HKLM\...\Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe" [193536 2010-10-08] (Mediafour Corporation) HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup [481608 2008-08-22] (Corel, Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.) HKLM-x32\...\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe [37888 2008-08-22] () HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] [x] HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [356376 2012-12-29] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [336992 2012-05-30] (Power Software Ltd) HKU\Dibbs\...\Run: [Akamai NetSession Interface] "C:\Users\Dibbs\AppData\Local\Akamai\netsession_win.exe" [x] HKU\Dibbs\...\Run: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29S215PP05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1 [2573416 2012-10-17] (Hewlett-Packard Co.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\All Users\Start Menu\Programs\Startup\NI Error Reporting.lnk ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation) Startup: C:\Users\Dibbs\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () Startup: C:\Users\Dibbs\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk ShortcutTarget: Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk -> C:\Windows\System32\RunDll32.exe (Microsoft Corporation) ==================== Services (Whitelisted) =================== 2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [356376 2012-12-29] (Kaspersky Lab ZAO) 2 Crypkey License; crypserv.exe [122880 2008-05-07] (CrypKey (Canada) Ltd.) 2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.) 2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [46192 2011-06-14] (National Instruments Corporation) 2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation) 2 M4LIC; "C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE" [205312 2010-07-20] (Mediafour Corporation) 4 MacDrive8Service; "C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe" [149504 2010-10-08] (Mediafour Corporation) 2 mxssvr; "C:\Program Files (x86)\National Instruments\MAX\nimxs.exe" [12696 2011-06-14] (National Instruments Corporation) 2 NIApplicationWebServer; "C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [50336 2011-05-27] (National Instruments Corporation) 4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [68256 2011-05-27] (National Instruments Corporation) 2 NIDomainService; "C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe" [362104 2011-06-14] (National Instruments Corporation) 3 NILM License Manager; "C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe" [1427688 2010-08-02] (Macrovision Corporation) 2 nimDNSResponder; "C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe" [194224 2011-06-01] (National Instruments Corporation) 2 niSvcLoc; "C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe" -system [50328 2011-05-27] (National Instruments Corporation) 2 NITaggerService; "C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe" [676016 2011-06-14] (National Instruments Corporation) 2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2012-09-21] () 2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () 2 SSUService; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [370504 2012-03-14] (Splashtop Inc.) ==================== Drivers (Whitelisted) ===================== 3 BTWUSB; C:\Windows\System32\Drivers\BTWUSB.sys [63744 2006-06-07] (Broadcom Corporation.) 1 CBDisk; C:\Windows\System32\Drivers\CBDisk.sys [70344 2010-05-12] (EldoS Corporation) 1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-06-15] (DT Soft Ltd) 0 KL1; C:\Windows\System32\Drivers\KL1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) 1 KLIF; C:\Windows\System32\Drivers\KLIF.sys [613720 2012-12-29] (Kaspersky Lab) 1 KLIM6; C:\Windows\System32\Drivers\KLIM6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) 3 klkbdflt; C:\Windows\System32\Drivers\klkbdflt.sys [29016 2012-10-25] (Kaspersky Lab) 3 klmouflt; C:\Windows\System32\Drivers\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab) 1 kltdi; C:\Windows\System32\Drivers\kltdi.sys [54104 2012-12-29] (Kaspersky Lab) 1 kneps; C:\Windows\System32\Drivers\kneps.sys [178008 2012-08-13] (Kaspersky Lab) 0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [307888 2010-10-07] (Mediafour Corporation) 0 MDPMGRNT; C:\Windows\System32\Drivers\MDPMGRNT.sys [32424 2010-10-21] (Mediafour Corporation) 1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] () 3 pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] () 3 pwdspio; \??\C:\Windows\system32\pwdspio.sys [13280 2011-09-02] () 3 UBNRedir; C:\Windows\SysWow64\Drivers\UBNRedir.sys [6784 2011-12-31] (UniversalBox) 3 catchme; \??\C:\ComboFix\catchme.sys [x] 2 MCSTRM; [x] ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2013-01-26 11:01 - 2013-01-26 11:01 - 01464303 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64(1).exe 2013-01-26 07:08 - 2013-01-26 07:08 - 00021732 ____A C:\ComboFix.txt 2013-01-25 15:45 - 2013-01-25 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-01-24 15:45 - 2013-01-26 06:40 - 05026751 ____R (Swearware) C:\Users\Dibbs\Downloads\ComboFix.exe 2013-01-23 17:18 - 2013-01-23 17:18 - 00881914 ____A C:\Users\Dibbs\Downloads\SecurityCheck.exe 2013-01-23 17:08 - 2013-01-23 17:08 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill(1).com 2013-01-22 18:42 - 2013-01-22 18:43 - 00007168 __ASH C:\Users\Dibbs\Documents\Thumbs.db 2013-01-22 18:41 - 2013-01-22 18:41 - 01172020 ____A C:\Users\Dibbs\Documents\elements finish 2.pptx 2013-01-21 04:24 - 2013-01-21 04:24 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple 2013-01-21 04:23 - 2013-01-21 04:23 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple Computer 2013-01-20 11:44 - 2013-01-20 11:45 - 00295488 ____A C:\Windows\Minidump\012013-28657-01.dmp 2013-01-20 11:36 - 2013-01-23 17:09 - 00002470 ____A C:\Users\Dibbs\Desktop\Rkill.txt 2013-01-20 11:35 - 2013-01-20 11:35 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill.com 2013-01-20 11:31 - 2013-01-20 11:31 - 02057199 ____A C:\Users\Dibbs\Downloads\ParanoidPreferences.apk 2013-01-20 11:29 - 2013-01-20 11:29 - 22330090 ____A C:\Users\Dibbs\Downloads\i717-ICS-UCLF6-Modem.zip 2013-01-19 19:39 - 2013-01-19 19:39 - 00000000 ____D C:\Users\Dibbs\Desktop\Doctor Who - The Snowmen Christmas Special 2012 [MP4-AAC](oan) 2013-01-19 13:28 - 2013-01-19 13:28 - 14513085 ____A C:\Users\Dibbs\Desktop\ebaypics.zip 2013-01-19 12:44 - 2013-01-19 13:28 - 00000000 ____D C:\Users\Dibbs\Desktop\ebaypics 2013-01-19 10:28 - 2013-01-19 10:28 - 00001703 ____A C:\Users\Dibbs\Desktop\RKreport[5]_S_01192013_02d1328.txt 2013-01-19 10:27 - 2013-01-19 10:27 - 00764416 ____A C:\Users\Dibbs\Downloads\RogueKiller.exe 2013-01-19 10:25 - 2013-01-19 10:25 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Dibbs\Downloads\tdsskiller.exe 2013-01-19 10:25 - 2013-01-19 10:25 - 00001434 ____A C:\AdwCleaner[R2].txt 2013-01-19 10:24 - 2013-01-19 10:24 - 00574677 ____A C:\Users\Dibbs\Downloads\adwcleaner(1).exe 2013-01-19 10:23 - 2013-01-19 10:23 - 00000960 ____A C:\Users\Dibbs\Desktop\NTREGOPT.lnk 2013-01-19 10:23 - 2013-01-19 10:23 - 00000941 ____A C:\Users\Dibbs\Desktop\ERUNT.lnk 2013-01-19 10:23 - 2013-01-19 10:23 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-01-19 10:22 - 2013-01-19 10:22 - 00791393 ____A (Lars Hederer ) C:\Users\Dibbs\Downloads\erunt-setup.exe 2013-01-19 08:42 - 2013-01-19 09:07 - 00010627 ____A C:\Users\Dibbs\Desktop\Pratima_CoachesList.xlsx 2013-01-19 08:42 - 2013-01-19 08:42 - 00000165 ___AH C:\Users\Dibbs\Desktop\~$Pratima_CoachesList.xlsx 2013-01-18 17:38 - 2013-01-18 17:38 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe 2013-01-18 15:36 - 2013-01-18 15:36 - 00001929 ____A C:\Users\Public\Desktop\HitmanPro.lnk 2013-01-18 15:36 - 2013-01-18 15:36 - 00000000 ____D C:\Program Files\HitmanPro 2013-01-18 15:35 - 2013-01-18 17:39 - 00000000 ____D C:\Users\All Users\HitmanPro 2013-01-18 15:34 - 2013-01-18 15:35 - 09703176 ____A (SurfRight B.V.) C:\Users\Dibbs\Downloads\HitmanPro_x64.exe 2013-01-18 15:32 - 2013-01-18 15:32 - 02436672 ____A C:\Users\Dibbs\Downloads\bitdefender_antivirus.exe 2013-01-18 15:13 - 2013-01-18 15:13 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds(1).com 2013-01-18 15:03 - 2013-01-18 15:03 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100(1).exe 2013-01-18 14:57 - 2013-01-18 15:12 - 00000472 ____A C:\Users\Dibbs\Downloads\defogger_disable.log 2013-01-18 14:57 - 2013-01-18 14:57 - 00050477 ____A C:\Users\Dibbs\Downloads\Defogger.exe 2013-01-18 14:57 - 2013-01-18 14:57 - 00000168 ____A C:\Users\Dibbs\defogger_reenable 2013-01-16 15:12 - 2013-01-18 15:16 - 00000000 ____D C:\Users\Dibbs\Documents\New folder 2013-01-16 15:10 - 2013-01-16 15:10 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds.com 2013-01-10 15:34 - 2013-01-10 17:59 - 728018944 ____A C:\Users\Dibbs\Downloads\ubuntu-12.04.1-desktop-amd64.iso 2013-01-08 06:05 - 2013-01-08 06:05 - 00774144 ____A (Microsoft Corporation) C:\Users\Dibbs\Downloads\nusb33e.exe 2013-01-08 05:57 - 2013-01-08 05:57 - 00010481 ____A C:\Users\Dibbs\Downloads\wtgenusb.zip 2013-01-08 05:51 - 2013-01-08 05:55 - 00000000 ____D C:\Users\Dibbs\Downloads\Windows 98_SECOND_English 2013-01-06 06:33 - 2013-01-06 06:34 - 00993824 ____A C:\Windows\Minidump\010613-29468-01.dmp 2013-01-04 05:30 - 2013-01-04 05:30 - 00003712 ____A C:\Windows\SysWOW64\ealregsnapshot1.reg 2013-01-04 05:07 - 2013-01-04 05:07 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Criterion Games 2013-01-02 17:41 - 2013-01-04 05:00 - 00000000 ____D C:\Users\Dibbs\Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED 2013-01-01 11:40 - 2013-01-01 11:40 - 00000381 ____A C:\Users\Dibbs\Documents\Rohan's type art (frowny face) unfinished.txt 2013-01-01 09:46 - 2013-01-01 09:46 - 00002152 ____A C:\Users\Dibbs\Documents\Rohan's type art (smiley face).txt 2012-12-30 11:47 - 2013-01-19 20:16 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\vlc 2012-12-30 11:47 - 2012-12-30 11:47 - 00001102 ____A C:\Users\Public\Desktop\VLC media player.lnk 2012-12-30 11:46 - 2012-12-30 11:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2012-12-30 11:45 - 2012-12-30 11:46 - 22916830 ____A C:\Users\Dibbs\Downloads\vlc-2.0.5-win32.exe 2012-12-29 16:55 - 2012-12-29 16:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2012-12-29 16:45 - 2012-12-29 16:45 - 00001334 ____A C:\Users\Dibbs\Desktop\3D Èíñòðóêòîð 2.2. Äîìàøíÿÿ âåðñèÿ.lnk 2012-12-29 16:45 - 2012-12-29 16:45 - 00000079 ____A C:\Users\Dibbs\Desktop\Èíôîðìàöèÿ ïî àêòèâàöèè ïðîäóêòà.url 2012-12-29 16:42 - 2012-12-29 16:44 - 00000000 ____D C:\Program Files (x86)\3D Instructor 2.2 Home 2012-12-29 16:41 - 2012-12-29 16:41 - 00000000 ____D C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng 2012-12-29 16:38 - 2012-12-29 21:26 - 00002376 ____A C:\Users\Dibbs\Desktop\Safe Money.lnk 2012-12-29 16:34 - 2012-12-29 16:33 - 00001182 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk 2012-12-29 16:33 - 2012-12-29 16:33 - 00000000 ____D C:\Windows\ELAMBKUP 2012-12-29 16:33 - 2012-07-11 14:09 - 00064856 ____A (Kaspersky Lab) C:\Windows\System32\klfphc.dll 2012-12-29 16:28 - 2012-12-29 16:30 - 175777304 ____A (Kaspersky Lab) C:\Users\Dibbs\Downloads\kis2013_13.0.1.4190EN_3458.exe 2012-12-29 16:18 - 2012-12-29 16:18 - 00017408 ____A C:\Users\Dibbs\AppData\Local\WebpageIcons.db 2012-12-29 16:02 - 2013-01-24 14:01 - 00000000 ____D C:\Users\All Users\Kaspersky Lab 2012-12-29 16:02 - 2012-12-29 16:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2012-12-29 15:52 - 2012-12-29 15:52 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware(1).exe 2012-12-29 15:14 - 2012-12-29 15:14 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100.exe 2012-12-29 15:07 - 2012-12-29 15:07 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware.exe 2012-12-29 12:11 - 2012-12-29 12:11 - 00001172 ____A C:\Users\Dibbs\Desktop\eMusic Download Manager 6.lnk 2012-12-29 12:11 - 2012-12-29 12:11 - 00000000 ____D C:\Program Files (x86)\eMusic Download Manager 6 2012-12-29 12:10 - 2012-12-29 12:11 - 14552720 ____A C:\Users\Dibbs\Downloads\emusic-dlm-installer-windows-6.0.2.exe 2012-12-29 11:18 - 2013-01-05 12:20 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\HpUpdate 2012-12-29 11:18 - 2012-12-29 11:18 - 00002272 ____A C:\Users\Public\Desktop\HP Officejet 4620 series.lnk 2012-12-29 11:18 - 2012-12-29 11:18 - 00001209 ____A C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4620 series.lnk 2012-12-29 11:18 - 2012-10-17 01:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\System32\HPDiscoPM6412.dll 2012-12-29 11:17 - 2012-12-29 11:22 - 00000000 ____D C:\Users\Dibbs\AppData\Local\HP 2012-12-29 11:17 - 2012-12-29 11:18 - 00000000 ____D C:\Program Files (x86)\HP 2012-12-29 11:17 - 2012-12-29 11:17 - 00000057 ____A C:\Users\All Users\Ament.ini 2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Users\All Users\HP 2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Program Files\HP 2012-12-29 11:12 - 2012-12-29 11:13 - 119887328 ____A C:\Users\Dibbs\Downloads\OJ4620_1315.exe 2012-12-29 10:39 - 2012-12-29 10:39 - 00000000 ____D C:\FRST 2012-12-29 07:50 - 2013-01-19 12:38 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Adobe 2012-12-29 07:35 - 2012-12-29 07:35 - 01463381 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64.exe 2012-12-28 23:52 - 2012-12-28 23:52 - 00000000 ____D C:\found.000 2012-12-28 22:06 - 2012-12-29 08:23 - 00000000 ____D C:\Windows\pss 2012-12-28 21:18 - 2012-12-28 21:21 - 105603488 ____A C:\Users\Dibbs\Downloads\avira_free_antivirus_en.exe 2012-12-28 20:41 - 2012-12-28 20:41 - 00003636 ____A C:\AdwCleaner[s2].txt 2012-12-28 20:40 - 2012-12-28 20:40 - 00550017 ____A C:\Users\Dibbs\Downloads\adwcleaner.exe 2012-12-28 20:40 - 2012-12-28 20:40 - 00039699 ____A C:\AdwCleaner[R1].txt 2012-12-28 19:11 - 2012-12-28 19:11 - 00028566 ____A C:\Users\Dibbs\Documents\Attach.txt 2012-12-28 19:11 - 2012-12-28 19:11 - 00018388 ____A C:\Users\Dibbs\Documents\DDS.txt 2012-12-28 19:10 - 2013-01-18 15:15 - 00023933 ____A C:\Users\Dibbs\Desktop\dds.txt 2012-12-28 19:10 - 2013-01-18 15:15 - 00008856 ____A C:\Users\Dibbs\Desktop\attach.txt 2012-12-28 18:37 - 2013-01-18 15:30 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\QuickScan 2012-12-28 18:02 - 2012-12-29 15:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2012-12-28 17:53 - 2012-12-28 17:53 - 00001491 ____A C:\Users\Dibbs\Desktop\RKreport[3]_S_12282012_02d2053.txt 2012-12-28 17:53 - 2012-12-28 17:53 - 00001457 ____A C:\Users\Dibbs\Desktop\RKreport[4]_D_12282012_02d2053.txt 2012-12-28 17:20 - 2013-01-26 07:09 - 00000000 ____D C:\Qoobox 2012-12-28 17:20 - 2013-01-20 11:50 - 00000000 ____D C:\Windows\erdnt 2012-12-28 17:20 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe 2012-12-28 17:20 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe 2012-12-28 17:20 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2012-12-28 17:20 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2012-12-28 17:20 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2012-12-28 17:20 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe 2012-12-28 17:20 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe 2012-12-28 17:20 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe 2012-12-28 17:14 - 2012-12-28 17:14 - 00000132 ____A C:\Users\Dibbs\Documents\CFScript.txt 2012-12-28 17:01 - 2012-12-28 17:01 - 00002162 ____A C:\Users\Dibbs\Desktop\RKreport[2]_D_12282012_02d2001.txt 2012-12-28 17:00 - 2012-12-28 17:00 - 00002107 ____A C:\Users\Dibbs\Desktop\RKreport[1]_S_12282012_02d2000.txt 2012-12-28 16:59 - 2013-01-19 10:28 - 00000000 ____D C:\Users\Dibbs\Desktop\RK_Quarantine 2012-12-28 16:57 - 2012-12-28 21:07 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\EurekaLog 2012-12-28 16:54 - 2012-12-28 16:57 - 00000000 ____D C:\Program Files (x86)\Your Uninstaller! 7 2012-12-28 16:54 - 2012-12-28 16:54 - 00001072 ____A C:\Users\Dibbs\Desktop\Your Unin-staller!.lnk 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\URSoft 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\Babylon 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Babylon 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\All Users\Babylon 2012-12-28 16:36 - 2012-12-28 16:36 - 00000513 ____A C:\Users\Dibbs\Documents\WinZip TrialPzy.txt 2012-12-28 16:34 - 2012-12-28 16:34 - 00368856 ____A (WinZip Computing) C:\Users\Dibbs\Downloads\WinZip170.exe 2012-12-28 14:46 - 2012-12-28 15:20 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0 2012-12-28 11:47 - 2012-12-28 11:47 - 00001264 ____A C:\Users\Dibbs\Desktop\Revo Uninstaller.lnk 2012-12-28 11:47 - 2012-12-28 11:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2012-12-28 11:46 - 2012-12-28 11:47 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Dibbs\Downloads\revosetup.exe 2012-12-28 08:08 - 2012-12-28 08:08 - 00000000 ____D C:\Users\Dibbs\AppData\Local\RadonLabs 2012-12-28 08:03 - 2010-03-15 01:31 - 00165376 ____A C:\Windows\SysWOW64\unrar.dll 2012-12-28 08:00 - 2012-12-29 16:45 - 00001057 ____A C:\Windows\NLSDownlevelMapping.log 2012-12-28 07:59 - 2012-12-29 16:44 - 00000000 ____D C:\Users\Dibbs\Documents\Multisoft 2012-12-28 07:50 - 2012-12-28 07:55 - 408504248 ____A C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng.rar 2012-12-27 19:52 - 2012-12-27 20:05 - 00000000 ____D C:\Users\Dibbs\Desktop\4GB USB DRIVE RED 2012-12-27 19:50 - 2012-12-27 19:53 - 00000000 ____D C:\Users\Dibbs\Downloads\imageusb 2012-12-27 19:49 - 2012-12-27 19:49 - 00432327 ___RA C:\Users\Dibbs\Downloads\imageusb.zip ==================== One Month Modified Files and Folders ======= 2013-01-26 11:24 - 2011-12-11 00:59 - 00410096 ____A C:\Windows\PFRO.log 2013-01-26 11:16 - 2011-12-10 22:45 - 01574240 ____A C:\Windows\WindowsUpdate.log 2013-01-26 11:14 - 2009-07-13 21:13 - 00778150 ____A C:\Windows\System32\PerfStringBackup.INI 2013-01-26 11:07 - 2011-12-10 22:18 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\Skype 2013-01-26 11:01 - 2013-01-26 11:01 - 01464303 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64(1).exe 2013-01-26 10:33 - 2012-01-09 14:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000UA.job 2013-01-26 07:09 - 2012-12-28 17:20 - 00000000 ____D C:\Qoobox 2013-01-26 07:08 - 2013-01-26 07:08 - 00021732 ____A C:\ComboFix.txt 2013-01-26 06:55 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini 2013-01-26 06:40 - 2013-01-24 15:45 - 05026751 ____R (Swearware) C:\Users\Dibbs\Downloads\ComboFix.exe 2013-01-26 06:30 - 2012-01-09 14:03 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000Core.job 2013-01-26 06:21 - 2012-03-31 05:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-01-25 15:45 - 2013-01-25 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-01-24 14:01 - 2012-12-29 16:02 - 00000000 ____D C:\Users\All Users\Kaspersky Lab 2013-01-24 00:34 - 2012-01-09 14:04 - 00002364 ____A C:\Users\Dibbs\Desktop\Google Chrome.lnk 2013-01-23 17:18 - 2013-01-23 17:18 - 00881914 ____A C:\Users\Dibbs\Downloads\SecurityCheck.exe 2013-01-23 17:09 - 2013-01-20 11:36 - 00002470 ____A C:\Users\Dibbs\Desktop\Rkill.txt 2013-01-23 17:08 - 2013-01-23 17:08 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill(1).com 2013-01-22 18:43 - 2013-01-22 18:42 - 00007168 __ASH C:\Users\Dibbs\Documents\Thumbs.db 2013-01-22 18:41 - 2013-01-22 18:41 - 01172020 ____A C:\Users\Dibbs\Documents\elements finish 2.pptx 2013-01-22 18:40 - 2009-07-13 20:51 - 00120697 ____A C:\Windows\setupact.log 2013-01-22 13:02 - 2009-07-13 20:45 - 00014592 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-01-22 13:02 - 2009-07-13 20:45 - 00014592 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-01-22 12:55 - 2011-12-10 23:36 - 00000000 ____D C:\users\Dibbs 2013-01-22 12:54 - 2011-12-11 00:50 - 00016864 ____A C:\Windows\error.log 2013-01-22 12:54 - 2011-12-11 00:50 - 00003892 ____A C:\Windows\errord.log 2013-01-22 12:54 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-01-22 05:04 - 2011-12-27 16:52 - 00000000 ____D C:\Users\Dibbs\AppData\Local\CrashDumps 2013-01-21 04:24 - 2013-01-21 04:24 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple 2013-01-21 04:23 - 2013-01-21 04:23 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple Computer 2013-01-20 12:04 - 2011-12-10 22:16 - 00000000 ____D C:\Users\All Users\Skype 2013-01-20 11:54 - 2009-07-13 21:08 - 00032630 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-01-20 11:50 - 2012-12-28 17:20 - 00000000 ____D C:\Windows\erdnt 2013-01-20 11:45 - 2013-01-20 11:44 - 00295488 ____A C:\Windows\Minidump\012013-28657-01.dmp 2013-01-20 11:44 - 2012-07-19 02:49 - 632107619 ____A C:\Windows\MEMORY.DMP 2013-01-20 11:44 - 2012-02-11 10:08 - 00000000 ____D C:\Windows\Minidump 2013-01-20 11:35 - 2013-01-20 11:35 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill.com 2013-01-20 11:31 - 2013-01-20 11:31 - 02057199 ____A C:\Users\Dibbs\Downloads\ParanoidPreferences.apk 2013-01-20 11:29 - 2013-01-20 11:29 - 22330090 ____A C:\Users\Dibbs\Downloads\i717-ICS-UCLF6-Modem.zip 2013-01-19 20:16 - 2012-12-30 11:47 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\vlc 2013-01-19 19:39 - 2013-01-19 19:39 - 00000000 ____D C:\Users\Dibbs\Desktop\Doctor Who - The Snowmen Christmas Special 2012 [MP4-AAC](oan) 2013-01-19 13:28 - 2013-01-19 13:28 - 14513085 ____A C:\Users\Dibbs\Desktop\ebaypics.zip 2013-01-19 13:28 - 2013-01-19 12:44 - 00000000 ____D C:\Users\Dibbs\Desktop\ebaypics 2013-01-19 12:38 - 2012-12-29 07:50 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Adobe 2013-01-19 12:35 - 2012-01-10 09:44 - 00000000 ____D C:\Users\All Users\FLEXnet 2013-01-19 10:28 - 2013-01-19 10:28 - 00001703 ____A C:\Users\Dibbs\Desktop\RKreport[5]_S_01192013_02d1328.txt 2013-01-19 10:28 - 2012-12-28 16:59 - 00000000 ____D C:\Users\Dibbs\Desktop\RK_Quarantine 2013-01-19 10:27 - 2013-01-19 10:27 - 00764416 ____A C:\Users\Dibbs\Downloads\RogueKiller.exe 2013-01-19 10:25 - 2013-01-19 10:25 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Dibbs\Downloads\tdsskiller.exe 2013-01-19 10:25 - 2013-01-19 10:25 - 00001434 ____A C:\AdwCleaner[R2].txt 2013-01-19 10:24 - 2013-01-19 10:24 - 00574677 ____A C:\Users\Dibbs\Downloads\adwcleaner(1).exe 2013-01-19 10:23 - 2013-01-19 10:23 - 00000960 ____A C:\Users\Dibbs\Desktop\NTREGOPT.lnk 2013-01-19 10:23 - 2013-01-19 10:23 - 00000941 ____A C:\Users\Dibbs\Desktop\ERUNT.lnk 2013-01-19 10:23 - 2013-01-19 10:23 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-01-19 10:22 - 2013-01-19 10:22 - 00791393 ____A (Lars Hederer ) C:\Users\Dibbs\Downloads\erunt-setup.exe 2013-01-19 09:07 - 2013-01-19 08:42 - 00010627 ____A C:\Users\Dibbs\Desktop\Pratima_CoachesList.xlsx 2013-01-19 08:42 - 2013-01-19 08:42 - 00000165 ___AH C:\Users\Dibbs\Desktop\~$Pratima_CoachesList.xlsx 2013-01-18 17:39 - 2013-01-18 15:35 - 00000000 ____D C:\Users\All Users\HitmanPro 2013-01-18 17:38 - 2013-01-18 17:38 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe 2013-01-18 17:38 - 2012-06-02 11:39 - 00000000 ____D C:\Users\Dibbs\Downloads\DigiDNA.DiskAid.v5.1.2.Incl.Keygen-Lz0 2013-01-18 15:36 - 2013-01-18 15:36 - 00001929 ____A C:\Users\Public\Desktop\HitmanPro.lnk 2013-01-18 15:36 - 2013-01-18 15:36 - 00000000 ____D C:\Program Files\HitmanPro 2013-01-18 15:35 - 2013-01-18 15:34 - 09703176 ____A (SurfRight B.V.) C:\Users\Dibbs\Downloads\HitmanPro_x64.exe 2013-01-18 15:32 - 2013-01-18 15:32 - 02436672 ____A C:\Users\Dibbs\Downloads\bitdefender_antivirus.exe 2013-01-18 15:30 - 2012-12-28 18:37 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\QuickScan 2013-01-18 15:16 - 2013-01-16 15:12 - 00000000 ____D C:\Users\Dibbs\Documents\New folder 2013-01-18 15:15 - 2012-12-28 19:10 - 00023933 ____A C:\Users\Dibbs\Desktop\dds.txt 2013-01-18 15:15 - 2012-12-28 19:10 - 00008856 ____A C:\Users\Dibbs\Desktop\attach.txt 2013-01-18 15:13 - 2013-01-18 15:13 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds(1).com 2013-01-18 15:12 - 2013-01-18 14:57 - 00000472 ____A C:\Users\Dibbs\Downloads\defogger_disable.log 2013-01-18 15:03 - 2013-01-18 15:03 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100(1).exe 2013-01-18 14:57 - 2013-01-18 14:57 - 00050477 ____A C:\Users\Dibbs\Downloads\Defogger.exe 2013-01-18 14:57 - 2013-01-18 14:57 - 00000168 ____A C:\Users\Dibbs\defogger_reenable 2013-01-16 17:59 - 2011-12-27 17:37 - 00000000 ____D C:\Program Files (x86)\Opera 2013-01-16 15:10 - 2013-01-16 15:10 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds.com 2013-01-10 17:59 - 2013-01-10 15:34 - 728018944 ____A C:\Users\Dibbs\Downloads\ubuntu-12.04.1-desktop-amd64.iso 2013-01-08 06:05 - 2013-01-08 06:05 - 00774144 ____A (Microsoft Corporation) C:\Users\Dibbs\Downloads\nusb33e.exe 2013-01-08 05:57 - 2013-01-08 05:57 - 00010481 ____A C:\Users\Dibbs\Downloads\wtgenusb.zip 2013-01-08 05:55 - 2013-01-08 05:51 - 00000000 ____D C:\Users\Dibbs\Downloads\Windows 98_SECOND_English 2013-01-06 08:41 - 2012-02-13 18:16 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Corel 2013-01-06 08:24 - 2012-02-13 18:17 - 00000952 __ASH C:\Windows\SysWOW64\KGyGaAvL.sys 2013-01-06 06:34 - 2013-01-06 06:33 - 00993824 ____A C:\Windows\Minidump\010613-29468-01.dmp 2013-01-05 12:20 - 2012-12-29 11:18 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\HpUpdate 2013-01-04 05:30 - 2013-01-04 05:30 - 00003712 ____A C:\Windows\SysWOW64\ealregsnapshot1.reg 2013-01-04 05:29 - 2011-12-11 00:53 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Downloaded Installations 2013-01-04 05:11 - 2011-12-23 12:33 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2013-01-04 05:11 - 2011-12-23 12:32 - 00435055 ____A C:\Windows\DirectX.log 2013-01-04 05:07 - 2013-01-04 05:07 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Criterion Games 2013-01-04 05:00 - 2013-01-02 17:41 - 00000000 ____D C:\Users\Dibbs\Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED 2013-01-03 17:05 - 2012-10-25 16:15 - 00000000 ____D C:\Users\Dibbs\Documents\18 WoS Extreme Trucker 2 2013-01-01 11:40 - 2013-01-01 11:40 - 00000381 ____A C:\Users\Dibbs\Documents\Rohan's type art (frowny face) unfinished.txt 2013-01-01 09:46 - 2013-01-01 09:46 - 00002152 ____A C:\Users\Dibbs\Documents\Rohan's type art (smiley face).txt 2012-12-30 11:47 - 2012-12-30 11:47 - 00001102 ____A C:\Users\Public\Desktop\VLC media player.lnk 2012-12-30 11:46 - 2012-12-30 11:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2012-12-30 11:46 - 2012-12-30 11:45 - 22916830 ____A C:\Users\Dibbs\Downloads\vlc-2.0.5-win32.exe 2012-12-29 21:26 - 2012-12-29 16:38 - 00002376 ____A C:\Users\Dibbs\Desktop\Safe Money.lnk 2012-12-29 18:22 - 2012-10-25 14:23 - 00613720 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys 2012-12-29 18:22 - 2012-06-08 08:38 - 00054104 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\kltdi.sys 2012-12-29 17:40 - 2012-11-29 17:52 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk 2012-12-29 16:55 - 2012-12-29 16:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2012-12-29 16:45 - 2012-12-29 16:45 - 00001334 ____A C:\Users\Dibbs\Desktop\3D Èíñòðóêòîð 2.2. Äîìàøíÿÿ âåðñèÿ.lnk 2012-12-29 16:45 - 2012-12-29 16:45 - 00000079 ____A C:\Users\Dibbs\Desktop\Èíôîðìàöèÿ ïî àêòèâàöèè ïðîäóêòà.url 2012-12-29 16:45 - 2012-12-28 08:00 - 00001057 ____A C:\Windows\NLSDownlevelMapping.log 2012-12-29 16:44 - 2012-12-29 16:42 - 00000000 ____D C:\Program Files (x86)\3D Instructor 2.2 Home 2012-12-29 16:44 - 2012-12-28 07:59 - 00000000 ____D C:\Users\Dibbs\Documents\Multisoft 2012-12-29 16:41 - 2012-12-29 16:41 - 00000000 ____D C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng 2012-12-29 16:35 - 2012-12-29 16:02 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2012-12-29 16:33 - 2012-12-29 16:34 - 00001182 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk 2012-12-29 16:33 - 2012-12-29 16:33 - 00000000 ____D C:\Windows\ELAMBKUP 2012-12-29 16:30 - 2012-12-29 16:28 - 175777304 ____A (Kaspersky Lab) C:\Users\Dibbs\Downloads\kis2013_13.0.1.4190EN_3458.exe 2012-12-29 16:18 - 2012-12-29 16:18 - 00017408 ____A C:\Users\Dibbs\AppData\Local\WebpageIcons.db 2012-12-29 15:54 - 2012-12-28 18:02 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2012-12-29 15:52 - 2012-12-29 15:52 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware(1).exe 2012-12-29 15:14 - 2012-12-29 15:14 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100.exe 2012-12-29 15:07 - 2012-12-29 15:07 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware.exe 2012-12-29 12:11 - 2012-12-29 12:11 - 00001172 ____A C:\Users\Dibbs\Desktop\eMusic Download Manager 6.lnk 2012-12-29 12:11 - 2012-12-29 12:11 - 00000000 ____D C:\Program Files (x86)\eMusic Download Manager 6 2012-12-29 12:11 - 2012-12-29 12:10 - 14552720 ____A C:\Users\Dibbs\Downloads\emusic-dlm-installer-windows-6.0.2.exe 2012-12-29 11:22 - 2012-12-29 11:17 - 00000000 ____D C:\Users\Dibbs\AppData\Local\HP 2012-12-29 11:18 - 2012-12-29 11:18 - 00002272 ____A C:\Users\Public\Desktop\HP Officejet 4620 series.lnk 2012-12-29 11:18 - 2012-12-29 11:18 - 00001209 ____A C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4620 series.lnk 2012-12-29 11:18 - 2012-12-29 11:17 - 00000000 ____D C:\Program Files (x86)\HP 2012-12-29 11:17 - 2012-12-29 11:17 - 00000057 ____A C:\Users\All Users\Ament.ini 2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Users\All Users\HP 2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Program Files\HP 2012-12-29 11:13 - 2012-12-29 11:12 - 119887328 ____A C:\Users\Dibbs\Downloads\OJ4620_1315.exe 2012-12-29 10:39 - 2012-12-29 10:39 - 00000000 ____D C:\FRST 2012-12-29 08:23 - 2012-12-28 22:06 - 00000000 ____D C:\Windows\pss 2012-12-29 07:35 - 2012-12-29 07:35 - 01463381 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64.exe 2012-12-28 23:52 - 2012-12-28 23:52 - 00000000 ____D C:\found.000 2012-12-28 22:26 - 2011-12-27 19:10 - 00000000 ____D C:\Program Files (x86)\Steam 2012-12-28 21:21 - 2012-12-28 21:18 - 105603488 ____A C:\Users\Dibbs\Downloads\avira_free_antivirus_en.exe 2012-12-28 21:07 - 2012-12-28 16:57 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\EurekaLog 2012-12-28 20:41 - 2012-12-28 20:41 - 00003636 ____A C:\AdwCleaner[s2].txt 2012-12-28 20:40 - 2012-12-28 20:40 - 00550017 ____A C:\Users\Dibbs\Downloads\adwcleaner.exe 2012-12-28 20:40 - 2012-12-28 20:40 - 00039699 ____A C:\AdwCleaner[R1].txt 2012-12-28 19:11 - 2012-12-28 19:11 - 00028566 ____A C:\Users\Dibbs\Documents\Attach.txt 2012-12-28 19:11 - 2012-12-28 19:11 - 00018388 ____A C:\Users\Dibbs\Documents\DDS.txt 2012-12-28 19:09 - 2012-07-26 15:27 - 00000000 ____D C:\Users\Dibbs\Downloads\TOSHIBA 2012-12-28 17:53 - 2012-12-28 17:53 - 00001491 ____A C:\Users\Dibbs\Desktop\RKreport[3]_S_12282012_02d2053.txt 2012-12-28 17:53 - 2012-12-28 17:53 - 00001457 ____A C:\Users\Dibbs\Desktop\RKreport[4]_D_12282012_02d2053.txt 2012-12-28 17:14 - 2012-12-28 17:14 - 00000132 ____A C:\Users\Dibbs\Documents\CFScript.txt 2012-12-28 17:01 - 2012-12-28 17:01 - 00002162 ____A C:\Users\Dibbs\Desktop\RKreport[2]_D_12282012_02d2001.txt 2012-12-28 17:00 - 2012-12-28 17:00 - 00002107 ____A C:\Users\Dibbs\Desktop\RKreport[1]_S_12282012_02d2000.txt 2012-12-28 16:57 - 2012-12-28 16:54 - 00000000 ____D C:\Program Files (x86)\Your Uninstaller! 7 2012-12-28 16:54 - 2012-12-28 16:54 - 00001072 ____A C:\Users\Dibbs\Desktop\Your Unin-staller!.lnk 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\URSoft 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\Babylon 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Babylon 2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\All Users\Babylon 2012-12-28 16:36 - 2012-12-28 16:36 - 00000513 ____A C:\Users\Dibbs\Documents\WinZip TrialPzy.txt 2012-12-28 16:34 - 2012-12-28 16:34 - 00368856 ____A (WinZip Computing) C:\Users\Dibbs\Downloads\WinZip170.exe 2012-12-28 15:20 - 2012-12-28 14:46 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0 2012-12-28 11:49 - 2012-05-06 17:36 - 00870128 ____A C:\Users\Dibbs\AppData\Roaming\mcs.rma 2012-12-28 11:47 - 2012-12-28 11:47 - 00001264 ____A C:\Users\Dibbs\Desktop\Revo Uninstaller.lnk 2012-12-28 11:47 - 2012-12-28 11:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2012-12-28 11:47 - 2012-12-28 11:46 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Dibbs\Downloads\revosetup.exe 2012-12-28 11:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Resources 2012-12-28 11:06 - 2012-06-02 11:25 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\DiskAid 2012-12-28 08:08 - 2012-12-28 08:08 - 00000000 ____D C:\Users\Dibbs\AppData\Local\RadonLabs 2012-12-28 07:55 - 2012-12-28 07:50 - 408504248 ____A C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng.rar 2012-12-27 20:05 - 2012-12-27 19:52 - 00000000 ____D C:\Users\Dibbs\Desktop\4GB USB DRIVE RED 2012-12-27 19:53 - 2012-12-27 19:50 - 00000000 ____D C:\Users\Dibbs\Downloads\imageusb 2012-12-27 19:49 - 2012-12-27 19:49 - 00432327 ___RA C:\Users\Dibbs\Downloads\imageusb.zip ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-01-22 14:24:29 Restore point made on: 2013-01-24 15:48:08 Restore point made on: 2013-01-26 06:40:54 ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 3893.86 MB Available physical RAM: 3261.83 MB Total Pagefile: 3892.01 MB Available Pagefile: 3247.05 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Partitions ============================= 1 Drive c: () (Fixed) (Total:337.41 GB) (Free:132.97 GB) NTFS 3 Drive f: () (Removable) (Total:7.46 GB) (Free:6.37 GB) FAT32 4 Drive g: (Blank) (Removable) (Total:0.96 GB) (Free:0.02 GB) FAT 5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS 6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 0 B Disk 1 Online 7647 MB 0 B Disk 2 Online 984 MB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 100 MB 1024 KB Partition 2 Primary 337 GB 101 MB Partition 3 Primary 117 GB 337 GB Partition 4 Primary 10 GB 455 GB ================================================================================== Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y System Rese NTFS Partition 100 MB Healthy ========================================================= Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 337 GB Healthy ========================================================= Disk: 0 Partition 3 Type : 83 Hidden: Yes Active: No There is no volume associated with this partition. ========================================================= Disk: 0 Partition 4 Type : 82 Hidden: Yes Active: No There is no volume associated with this partition. ========================================================= Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 7646 MB 1024 KB ================================================================================== Disk: 1 Partition 1 Type : 0C Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 F FAT32 Removable 7646 MB Healthy ========================================================= Partitions of Disk 2: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 983 MB 16 KB ================================================================================== Disk: 2 Partition 1 Type : 06 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 G Blank FAT Removable 983 MB Healthy ========================================================= Last Boot: 2013-01-23 21:02 ==================== End Of Log =============================
- January 26, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Thanks so much for your reply. I'm running farbar. Yes, I have MBAM pro license - lifetime version. MBAM was the only software for virus/malware I installed. I did install Kaspersky when MBAM was on there, and it was a ~4 months ago I think (??). Other software like BitDefender, SuperAntispyware and Avira seem to run through a quick scan all right. This is only happening on the newest version of MBAM (sorry, do not remember version #) - the one with the blue M icon. The old RED Icon M seems t run fine - at least on my other computer. Aha, maybe I should try to udpate the other computer and see if I get a freeze, then it has to be sotware ??? Just srtruck me..... 1. Where is ComboFix-quarantined-files.txt stored? Many thanks.
- January 26, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Hi, Here is ComboFix log. BTW, re the freezing of MBAM, I have waited even overnight for it to finish. But everything is just completely forzen.... no mouse movements, no nothing. ComboFix 13-01-26.02 - Dibbs 01/26/2013 9:41.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.2320 [GMT -5:00] Running from: c:\users\Dibbs\Downloads\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2012-12-26 to 2013-01-26 ))))))))))))))))))))))))))))))) . . 2013-01-26 14:55 . 2013-01-26 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-01-22 13:45 . 2013-01-23 09:36 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\offreg.dll 2013-01-21 12:24 . 2013-01-21 12:24 -------- d-----w- c:\users\Dibbs\AppData\Local\Apple 2013-01-21 12:23 . 2013-01-21 12:23 -------- d-----w- c:\users\Dibbs\AppData\Local\Apple Computer 2013-01-19 18:23 . 2013-01-19 18:23 -------- d-----w- c:\program files (x86)\ERUNT 2013-01-19 01:38 . 2013-01-19 01:38 12872 ----a-w- c:\windows\system32\bootdelete.exe 2013-01-18 23:36 . 2013-01-18 23:36 -------- d-----w- c:\program files\HitmanPro 2013-01-18 23:35 . 2013-01-19 01:39 -------- d-----w- c:\programdata\HitmanPro 2013-01-04 13:30 . 2013-01-04 13:30 3712 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg 2013-01-04 13:07 . 2013-01-04 13:07 -------- d-----w- c:\users\Dibbs\AppData\Local\Criterion Games 2012-12-30 19:47 . 2013-01-20 04:16 -------- d-----w- c:\users\Dibbs\AppData\Roaming\vlc 2012-12-30 19:46 . 2012-12-30 19:46 -------- d-----w- c:\program files (x86)\VideoLAN 2012-12-30 00:55 . 2012-12-30 00:55 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack 2012-12-30 00:42 . 2012-12-30 00:44 -------- d-----w- c:\program files (x86)\3D Instructor 2.2 Home 2012-12-30 00:33 . 2012-07-11 22:09 64856 ----a-w- c:\windows\system32\klfphc.dll 2012-12-30 00:33 . 2012-12-30 00:33 -------- d-----w- c:\windows\ELAMBKUP 2012-12-30 00:02 . 2012-12-30 00:35 -------- d-----w- c:\program files (x86)\Kaspersky Lab 2012-12-30 00:02 . 2013-01-24 22:01 -------- d-----w- c:\programdata\Kaspersky Lab 2012-12-29 20:11 . 2012-12-29 20:11 -------- d-----w- c:\users\Dibbs\AppData\Local\eMusic 2012-12-29 20:11 . 2012-12-29 20:11 -------- d-----w- c:\program files (x86)\eMusic Download Manager 6 2012-12-29 19:18 . 2013-01-05 20:20 -------- d-----w- c:\users\Dibbs\AppData\Roaming\HpUpdate 2012-12-29 19:18 . 2012-10-17 09:31 741480 ------w- c:\windows\system32\HPDiscoPM6412.dll 2012-12-29 19:17 . 2012-12-29 19:18 -------- d-----w- c:\program files (x86)\HP 2012-12-29 19:17 . 2012-12-29 19:17 -------- d-----w- c:\programdata\HP 2012-12-29 19:17 . 2012-12-29 19:17 -------- d-----w- c:\program files\HP 2012-12-29 19:17 . 2012-12-29 19:22 -------- d-----w- c:\users\Dibbs\AppData\Local\HP 2012-12-29 18:39 . 2012-12-29 18:39 -------- d-----w- C:\FRST 2012-12-29 15:50 . 2013-01-19 20:38 -------- d-----w- c:\users\Dibbs\AppData\Local\Adobe 2012-12-29 07:52 . 2012-12-29 07:52 -------- d-----w- C:\found.000 2012-12-29 02:37 . 2013-01-18 23:30 -------- d-----w- c:\users\Dibbs\AppData\Roaming\QuickScan 2012-12-29 02:02 . 2012-12-29 23:54 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-12-29 00:57 . 2012-12-29 05:07 -------- d-----w- c:\users\Dibbs\AppData\Roaming\EurekaLog 2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\users\Dibbs\AppData\Roaming\URSoft 2012-12-29 00:54 . 2012-12-29 00:57 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7 2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\users\Dibbs\AppData\Local\Babylon 2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\users\Dibbs\AppData\Roaming\Babylon 2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\programdata\Babylon 2012-12-29 00:36 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\mpengine.dll 2012-12-28 22:46 . 2012-12-28 23:20 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 2012-12-28 19:47 . 2012-12-28 19:47 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-12-28 19:04 . 2012-12-28 19:04 -------- d-----w- c:\users\Dibbs\AppData\Local\Programs 2012-12-28 16:08 . 2012-12-28 16:08 -------- d-----w- c:\users\Dibbs\AppData\Local\RadonLabs 2012-12-28 16:03 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-30 02:22 . 2012-10-25 22:23 613720 ----a-w- c:\windows\system32\drivers\klif.sys 2012-12-30 02:22 . 2012-06-08 16:38 54104 ----a-w- c:\windows\system32\drivers\kltdi.sys 2012-12-21 21:52 . 2012-07-02 22:18 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-21 21:52 . 2011-12-11 08:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\Dibbs\AppData\Local\Akamai\netsession_win.exe" [bU] "HP Officejet 4620 series (NET)"="c:\program files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144] "Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe" [2008-08-22 37888] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208] "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-12-30 356376] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-05-31 336992] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] . c:\users\Dibbs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912] Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk - c:\windows\system32\RunDll32.exe [2009-7-13 45568] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\Belkin\Bluetooth Software\BTTray.exe [2007-2-27 982320] NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2011-6-19 619672] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-10 1038088] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech Webcam C260(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2011-11-01 12800] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-11-01 171008] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-09-03 19936] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-09-03 13280] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104] R3 UBNRedir;UBNRedir;c:\windows\system32\DRIVERS\ubnredir.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R4 MacDrive8Service;MacDrive 8 service;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-08 149504] R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 68256] S0 MDFSYSNT;MacDrive file system driver; [x] S0 MDPMGRNT;MacDrive Partition Driver;c:\windows\system32\DRIVERS\MDPMGRNT.SYS [2010-10-21 32424] S1 CBDisk;CBDisk;c:\windows\system32\drivers\CBDisk.sys [2010-05-12 70344] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-15 283200] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-12-30 54104] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008] S2 M4LIC;Mediafour M4LIC service;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE [2010-07-20 205312] S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 50336] S2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-06-01 194224] S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-06-15 548264] S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-03-15 370504] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688] . . Contents of the 'Scheduled Tasks' folder . 2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000Core.job - c:\users\Dibbs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-09 22:03] . 2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000UA.job - c:\users\Dibbs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-09 22:03] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-10 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-10 386584] "MacDrive 8 application"="c:\program files\Mediafour\MacDrive 8\MacDrive.exe" [2010-10-08 193536] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-10 415256] "Corel Photo Downloader"="c:\program files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" [2008-08-22 481608] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\Belkin\Bluetooth Software\btsendto_ie.htm Trusted Zone: rhapsody.com\rhap-app-4-0 Trusted Zone: rhapsody.com\rhapreg TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\ FF - ExtSQL: 2012-12-29 19:33; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF - ExtSQL: 2013-01-18 18:30; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) ShellIconOverlayIdentifiers-MacDrive volume icons - (no file) AddRemove-Akamai - c:\users\Dibbs\AppData\Local\Akamai\uninstall.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1616424981-3898423210-350200610-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{49CA60F3-7D7F-D540-3F44-7A99EEF0DD39}*] "bbemohkjfbokbpgcjepnbjjcmenjofagdkcf"=hex:61,62,6a,68,6f,61,6c,69,62,6b,64,6a, 70,65,64,64,64,61,6c,64,67,61,68,69,65,70,6d,63,67,62,62,6f,6d,6e,00,00 "abemohkjfbokbpgcjecoobljmjnpjiikjl"=hex:61,62,6f,67,6b,67,63,63,70,61,70,64, 70,70,6c,6f,63,6c,6d,6f,70,69,6a,65,67,62,70,63,65,6d,64,6f,70,68,00,00 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-01-26 10:08:46 ComboFix-quarantined-files.txt 2013-01-26 15:08 ComboFix2.txt 2012-12-29 01:42 . Pre-Run: 143,303,532,544 bytes free Post-Run: 142,841,683,968 bytes free . - - End Of File - - 143AC534FE9450D52AA50DF87D1CF5B1
- January 26, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Results of screen317's Security Check version 0.99.57 Windows 7 x64 (UAC is enabled) Out of date service pack!! Internet Explorer 8 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! Kaspersky Internet Security Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 6 Update 35 Java version out of Date! Adobe Flash Player 11.5.502.135 Adobe Reader XI Mozilla Firefox (19.0) Google Chrome 23.0.1271.97 Google Chrome 24.0.1312.52 ````````Process Check: objlist.exe by Laurent```````` Kaspersky Lab Kaspersky Internet Security 2013 avp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2% ````````````````````End of Log``````````````````````
- January 24, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

My apologies I am slow to reply back. I am quite swamped..... and thanks for your time and patience. Step 1. Nothing showed up. So nothing to delete/fix. Step 2. Rkill log below. Step 3. MBAM freezes and computer hangs. Cannot run MBAM even in safe mode, still freezes and hangs computer needing to restart. I had to uninstall MBAM to proceed to next step. Step 4. Security check log in next reply. Rkill 2.4.6 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/23/2013 08:09:12 PM in x64 mode. Windows Version: Windows 7 Home Premium Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Windows\system32\crypserv.exe (PID: 1684) [WD-HEUR] 1 proccess terminated! Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Firewall Disabled [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = dword:00000000 Checking Windows Service Integrity: * No issues found. Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 localhost Program finished at: 01/23/2013 08:09:33 PM Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)
- January 24, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7600 ) 64 bits version Started in : Normal mode User : Dibbs [Admin rights] Mode : Scan -- Date : 01/19/2013 13:28:55 ¤¤¤ Bad processes : 1 ¤¤¤ [DLL] rundll32.exe -- C:\Windows\SysWOW64\rundll32.exe : C:\Users\Dibbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll -> KILLED [TermProc] ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5000BPVT-00HXZT3 ATA Device +++++ --- User --- [MBR] fede1a3f111c563547d8f5d09ae11300 [bSP] 86c639b09967ec76f8f44519cf44c738 : Linux MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 345509 Mo 2 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 707809280 | Size: 120504 Mo 3 - [XXXXXX] LINUX-SWP (0x82) [VISIBLE] Offset (sectors): 954601472 | Size: 10825 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[5]_S_01192013_02d1328.txt >> RKreport[1]_S_12282012_02d2000.txt ; RKreport[2]_D_12282012_02d2001.txt ; RKreport[3]_S_12282012_02d2053.txt ; RKreport[4]_D_12282012_02d2053.txt ; RKreport[5]_S_01192013_02d1328.txt
- January 19, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

13:26:03.0513 7504 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 13:26:04.0043 7504 ============================================================ 13:26:04.0043 7504 Current date / time: 2013/01/19 13:26:04.0043 13:26:04.0043 7504 SystemInfo: 13:26:04.0043 7504 13:26:04.0043 7504 OS Version: 6.1.7600 ServicePack: 0.0 13:26:04.0043 7504 Product type: Workstation 13:26:04.0043 7504 ComputerName: DIBBS-PC 13:26:04.0043 7504 UserName: Dibbs 13:26:04.0043 7504 Windows directory: C:\Windows 13:26:04.0043 7504 System windows directory: C:\Windows 13:26:04.0043 7504 Running under WOW64 13:26:04.0043 7504 Processor architecture: Intel x64 13:26:04.0043 7504 Number of processors: 4 13:26:04.0043 7504 Page size: 0x1000 13:26:04.0043 7504 Boot type: Normal boot 13:26:04.0043 7504 ============================================================ 13:26:05.0373 7504 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:26:05.0383 7504 ============================================================ 13:26:05.0383 7504 \Device\Harddisk0\DR0: 13:26:05.0383 7504 MBR partitions: 13:26:05.0383 7504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 13:26:05.0383 7504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2A2D2800 13:26:05.0383 7504 ============================================================ 13:26:05.0403 7504 C: <-> \Device\Harddisk0\DR0\Partition2 13:26:05.0403 7504 ============================================================ 13:26:05.0403 7504 Initialize success 13:26:05.0403 7504 ============================================================ 13:26:06.0643 2636 ============================================================ 13:26:06.0643 2636 Scan started 13:26:06.0643 2636 Mode: Manual; 13:26:06.0643 2636 ============================================================ 13:26:07.0974 2636 ================ Scan system memory ======================== 13:26:07.0974 2636 System memory - ok 13:26:07.0974 2636 ================ Scan services ============================= 13:26:08.0134 2636 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 13:26:08.0144 2636 1394ohci - ok 13:26:08.0194 2636 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys 13:26:08.0204 2636 ACPI - ok 13:26:08.0234 2636 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys 13:26:08.0234 2636 AcpiPmi - ok 13:26:08.0294 2636 [ D44BCAF639E4E45307C2BC80715273D5 ] adfs C:\Windows\system32\drivers\adfs.sys 13:26:08.0304 2636 adfs - ok 13:26:08.0394 2636 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:26:08.0394 2636 AdobeARMservice - ok 13:26:08.0434 2636 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 13:26:08.0454 2636 adp94xx - ok 13:26:08.0474 2636 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 13:26:08.0484 2636 adpahci - ok 13:26:08.0484 2636 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 13:26:08.0494 2636 adpu320 - ok 13:26:08.0514 2636 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:26:08.0524 2636 AeLookupSvc - ok 13:26:08.0554 2636 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys 13:26:08.0554 2636 AFD - ok 13:26:08.0574 2636 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 13:26:08.0574 2636 agp440 - ok 13:26:08.0594 2636 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 13:26:08.0594 2636 ALG - ok 13:26:08.0614 2636 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 13:26:08.0614 2636 aliide - ok 13:26:08.0624 2636 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys 13:26:08.0624 2636 amdide - ok 13:26:08.0634 2636 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 13:26:08.0644 2636 AmdK8 - ok 13:26:08.0654 2636 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 13:26:08.0654 2636 AmdPPM - ok 13:26:08.0674 2636 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys 13:26:08.0674 2636 amdsata - ok 13:26:08.0684 2636 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 13:26:08.0684 2636 amdsbs - ok 13:26:08.0694 2636 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys 13:26:08.0694 2636 amdxata - ok 13:26:08.0714 2636 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys 13:26:08.0724 2636 AppID - ok 13:26:08.0734 2636 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:26:08.0744 2636 AppIDSvc - ok 13:26:08.0754 2636 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll 13:26:08.0754 2636 Appinfo - ok 13:26:08.0814 2636 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:26:08.0824 2636 Apple Mobile Device - ok 13:26:08.0844 2636 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 13:26:08.0844 2636 arc - ok 13:26:08.0864 2636 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 13:26:08.0864 2636 arcsas - ok 13:26:08.0994 2636 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 13:26:08.0994 2636 aspnet_state - ok 13:26:09.0014 2636 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:26:09.0014 2636 AsyncMac - ok 13:26:09.0034 2636 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys 13:26:09.0034 2636 atapi - ok 13:26:09.0064 2636 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:26:09.0074 2636 AudioEndpointBuilder - ok 13:26:09.0094 2636 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:26:09.0094 2636 AudioSrv - ok 13:26:09.0154 2636 AVP - ok 13:26:09.0164 2636 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:26:09.0164 2636 AxInstSV - ok 13:26:09.0184 2636 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 13:26:09.0194 2636 b06bdrv - ok 13:26:09.0214 2636 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 13:26:09.0214 2636 b57nd60a - ok 13:26:09.0224 2636 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 13:26:09.0234 2636 BDESVC - ok 13:26:09.0244 2636 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 13:26:09.0244 2636 Beep - ok 13:26:09.0264 2636 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll 13:26:09.0274 2636 BFE - ok 13:26:09.0314 2636 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll 13:26:09.0324 2636 BITS - ok 13:26:09.0364 2636 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:26:09.0364 2636 blbdrive - ok 13:26:09.0434 2636 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:26:09.0434 2636 Bonjour Service - ok 13:26:09.0454 2636 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:26:09.0454 2636 bowser - ok 13:26:09.0474 2636 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:26:09.0474 2636 BrFiltLo - ok 13:26:09.0484 2636 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:26:09.0494 2636 BrFiltUp - ok 13:26:09.0524 2636 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 13:26:09.0534 2636 BridgeMP - ok 13:26:09.0554 2636 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll 13:26:09.0554 2636 Browser - ok 13:26:09.0584 2636 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:26:09.0584 2636 Brserid - ok 13:26:09.0594 2636 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:26:09.0594 2636 BrSerWdm - ok 13:26:09.0614 2636 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:26:09.0614 2636 BrUsbMdm - ok 13:26:09.0624 2636 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:26:09.0624 2636 BrUsbSer - ok 13:26:09.0654 2636 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 13:26:09.0654 2636 BthEnum - ok 13:26:09.0664 2636 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 13:26:09.0664 2636 BTHMODEM - ok 13:26:09.0684 2636 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 13:26:09.0684 2636 BthPan - ok 13:26:09.0744 2636 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 13:26:09.0754 2636 BTHPORT - ok 13:26:09.0784 2636 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 13:26:09.0794 2636 bthserv - ok 13:26:09.0804 2636 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 13:26:09.0814 2636 BTHUSB - ok 13:26:09.0844 2636 [ 3A75A1FB8E752911CE14E1CC41478055 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 13:26:09.0844 2636 btwaudio - ok 13:26:09.0884 2636 [ 765AF0B72B9CE0CAA821B86E12B73C58 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 13:26:09.0884 2636 btwavdt - ok 13:26:09.0914 2636 [ 11E80DA0A0698C203115610AD19DB410 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 13:26:09.0914 2636 btwrchid - ok 13:26:09.0934 2636 [ AE34BE2969A5D42266746B68370BA97C ] BTWUSB C:\Windows\system32\Drivers\btwusb.sys 13:26:09.0934 2636 BTWUSB - ok 13:26:09.0944 2636 catchme - ok 13:26:09.0974 2636 [ B99D91E4CD9017F213645AA2E80EB425 ] CBDisk C:\Windows\system32\drivers\CBDisk.sys 13:26:09.0974 2636 CBDisk - ok 13:26:10.0004 2636 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:26:10.0004 2636 cdfs - ok 13:26:10.0044 2636 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:26:10.0044 2636 cdrom - ok 13:26:10.0074 2636 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll 13:26:10.0074 2636 CertPropSvc - ok 13:26:10.0104 2636 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 13:26:10.0104 2636 circlass - ok 13:26:10.0144 2636 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 13:26:10.0154 2636 CLFS - ok 13:26:10.0224 2636 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:26:10.0224 2636 clr_optimization_v2.0.50727_32 - ok 13:26:10.0264 2636 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:26:10.0264 2636 clr_optimization_v2.0.50727_64 - ok 13:26:10.0364 2636 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:26:10.0364 2636 clr_optimization_v4.0.30319_32 - ok 13:26:10.0384 2636 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:26:10.0384 2636 clr_optimization_v4.0.30319_64 - ok 13:26:10.0414 2636 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:26:10.0414 2636 CmBatt - ok 13:26:10.0434 2636 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 13:26:10.0434 2636 cmdide - ok 13:26:10.0464 2636 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys 13:26:10.0464 2636 CNG - ok 13:26:10.0524 2636 [ 25C58EE97BE0416A373E3E4F855206B5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 13:26:10.0534 2636 CnxtHdAudService - ok 13:26:10.0604 2636 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:26:10.0604 2636 Compbatt - ok 13:26:10.0624 2636 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 13:26:10.0624 2636 CompositeBus - ok 13:26:10.0634 2636 COMSysApp - ok 13:26:10.0644 2636 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 13:26:10.0654 2636 crcdisk - ok 13:26:10.0654 2636 Crypkey License - ok 13:26:10.0704 2636 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:26:10.0714 2636 CryptSvc - ok 13:26:10.0754 2636 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:26:10.0754 2636 DcomLaunch - ok 13:26:10.0784 2636 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 13:26:10.0784 2636 defragsvc - ok 13:26:10.0804 2636 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:26:10.0804 2636 DfsC - ok 13:26:10.0844 2636 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 13:26:10.0854 2636 dg_ssudbus - ok 13:26:10.0874 2636 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll 13:26:10.0874 2636 Dhcp - ok 13:26:10.0894 2636 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 13:26:10.0894 2636 discache - ok 13:26:10.0914 2636 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 13:26:10.0914 2636 Disk - ok 13:26:10.0934 2636 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:26:10.0934 2636 Dnscache - ok 13:26:10.0954 2636 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll 13:26:10.0964 2636 dot3svc - ok 13:26:10.0984 2636 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll 13:26:10.0984 2636 DPS - ok 13:26:11.0004 2636 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:26:11.0004 2636 drmkaud - ok 13:26:11.0064 2636 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 13:26:11.0064 2636 dtsoftbus01 - ok 13:26:11.0104 2636 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:26:11.0144 2636 DXGKrnl - ok 13:26:11.0164 2636 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 13:26:11.0174 2636 EapHost - ok 13:26:11.0244 2636 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 13:26:11.0344 2636 ebdrv - ok 13:26:11.0384 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe 13:26:11.0424 2636 EFS - ok 13:26:11.0604 2636 [ 3D69FAE60EDE442E004611A4EE4DB44C ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:26:11.0624 2636 ehRecvr - ok 13:26:11.0644 2636 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 13:26:11.0644 2636 ehSched - ok 13:26:11.0664 2636 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 13:26:11.0674 2636 elxstor - ok 13:26:11.0684 2636 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 13:26:11.0684 2636 ErrDev - ok 13:26:11.0724 2636 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 13:26:11.0734 2636 EventSystem - ok 13:26:11.0754 2636 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 13:26:11.0754 2636 exfat - ok 13:26:11.0775 2636 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:26:11.0775 2636 fastfat - ok 13:26:11.0805 2636 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe 13:26:11.0815 2636 Fax - ok 13:26:11.0865 2636 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:26:11.0865 2636 fdc - ok 13:26:11.0885 2636 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 13:26:11.0885 2636 fdPHost - ok 13:26:11.0905 2636 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 13:26:11.0905 2636 FDResPub - ok 13:26:11.0915 2636 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:26:11.0915 2636 FileInfo - ok 13:26:11.0925 2636 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:26:11.0925 2636 Filetrace - ok 13:26:11.0975 2636 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 13:26:11.0985 2636 FLEXnet Licensing Service - ok 13:26:12.0025 2636 [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 13:26:12.0045 2636 FLEXnet Licensing Service 64 - ok 13:26:12.0065 2636 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:26:12.0065 2636 flpydisk - ok 13:26:12.0085 2636 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:26:12.0085 2636 FltMgr - ok 13:26:12.0115 2636 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll 13:26:12.0135 2636 FontCache - ok 13:26:12.0175 2636 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:26:12.0185 2636 FontCache3.0.0.0 - ok 13:26:12.0205 2636 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:26:12.0205 2636 FsDepends - ok 13:26:12.0235 2636 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:26:12.0235 2636 Fs_Rec - ok 13:26:12.0255 2636 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:26:12.0255 2636 fvevol - ok 13:26:12.0265 2636 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 13:26:12.0265 2636 gagp30kx - ok 13:26:12.0305 2636 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:26:12.0305 2636 GEARAspiWDM - ok 13:26:12.0335 2636 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll 13:26:12.0345 2636 gpsvc - ok 13:26:12.0365 2636 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:26:12.0365 2636 hcw85cir - ok 13:26:12.0385 2636 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:26:12.0395 2636 HdAudAddService - ok 13:26:12.0405 2636 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:26:12.0415 2636 HDAudBus - ok 13:26:12.0435 2636 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 13:26:12.0435 2636 HECIx64 - ok 13:26:12.0455 2636 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 13:26:12.0455 2636 HidBatt - ok 13:26:12.0465 2636 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 13:26:12.0465 2636 HidBth - ok 13:26:12.0485 2636 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 13:26:12.0485 2636 HidIr - ok 13:26:12.0505 2636 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 13:26:12.0505 2636 hidserv - ok 13:26:12.0525 2636 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:26:12.0525 2636 HidUsb - ok 13:26:12.0535 2636 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:26:12.0535 2636 hkmsvc - ok 13:26:12.0555 2636 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:26:12.0555 2636 HomeGroupListener - ok 13:26:12.0585 2636 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:26:12.0595 2636 HomeGroupProvider - ok 13:26:12.0605 2636 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 13:26:12.0605 2636 HpSAMD - ok 13:26:12.0635 2636 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:26:12.0635 2636 HTTP - ok 13:26:12.0675 2636 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:26:12.0675 2636 hwpolicy - ok 13:26:12.0685 2636 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:26:12.0685 2636 i8042prt - ok 13:26:12.0715 2636 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 13:26:12.0715 2636 iaStorV - ok 13:26:12.0825 2636 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 13:26:12.0825 2636 IDriverT - ok 13:26:12.0875 2636 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:26:12.0895 2636 idsvc - ok 13:26:13.0095 2636 [ 1BE8D9CA4F2363B8E8015621878E0043 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 13:26:13.0265 2636 igfx - ok 13:26:13.0275 2636 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 13:26:13.0275 2636 iirsp - ok 13:26:13.0315 2636 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll 13:26:13.0325 2636 IKEEXT - ok 13:26:13.0355 2636 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 13:26:13.0355 2636 Impcd - ok 13:26:13.0385 2636 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys 13:26:13.0385 2636 intelide - ok 13:26:13.0395 2636 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:26:13.0395 2636 intelppm - ok 13:26:13.0405 2636 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:26:13.0415 2636 IPBusEnum - ok 13:26:13.0425 2636 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:26:13.0425 2636 IpFilterDriver - ok 13:26:13.0455 2636 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:26:13.0465 2636 iphlpsvc - ok 13:26:13.0475 2636 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 13:26:13.0485 2636 IPMIDRV - ok 13:26:13.0495 2636 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:26:13.0505 2636 IPNAT - ok 13:26:13.0545 2636 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:26:13.0555 2636 iPod Service - ok 13:26:13.0575 2636 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:26:13.0575 2636 IRENUM - ok 13:26:13.0585 2636 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 13:26:13.0595 2636 isapnp - ok 13:26:13.0605 2636 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 13:26:13.0615 2636 iScsiPrt - ok 13:26:13.0625 2636 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:26:13.0625 2636 kbdclass - ok 13:26:13.0645 2636 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:26:13.0645 2636 kbdhid - ok 13:26:13.0665 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe 13:26:13.0665 2636 KeyIso - ok 13:26:13.0725 2636 [ 8B5219318DF5895ABD230C373F2DF18A ] KL1 C:\Windows\system32\DRIVERS\kl1.sys 13:26:13.0725 2636 KL1 - ok 13:26:13.0795 2636 [ 65F3B81FA285EAB641F5E6EF7AEB984D ] KLIF C:\Windows\system32\DRIVERS\klif.sys 13:26:13.0805 2636 KLIF - ok 13:26:13.0855 2636 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 13:26:13.0855 2636 KLIM6 - ok 13:26:13.0905 2636 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 13:26:13.0905 2636 klkbdflt - ok 13:26:13.0915 2636 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 13:26:13.0915 2636 klmouflt - ok 13:26:13.0955 2636 [ A8081ED8D48FA611D11DB97F49A5343D ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 13:26:13.0955 2636 kltdi - ok 13:26:13.0965 2636 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 13:26:13.0965 2636 kneps - ok 13:26:13.0995 2636 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:26:13.0995 2636 KSecDD - ok 13:26:14.0025 2636 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:26:14.0025 2636 KSecPkg - ok 13:26:14.0035 2636 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:26:14.0035 2636 ksthunk - ok 13:26:14.0065 2636 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 13:26:14.0075 2636 KtmRm - ok 13:26:14.0125 2636 [ 655A5D8E80869781CCE23760ADA7E695 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 13:26:14.0125 2636 L1C - ok 13:26:14.0165 2636 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\Windows\System32\srvsvc.dll 13:26:14.0165 2636 LanmanServer - ok 13:26:14.0185 2636 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:26:14.0195 2636 LanmanWorkstation - ok 13:26:14.0365 2636 [ 20CDB07017497C94A0BAD253C4BAFCBC ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe 13:26:14.0385 2636 LkCitadelServer - ok 13:26:14.0395 2636 [ B07D786736E7B1719A90365911BC2D0A ] lkClassAds C:\Windows\SysWOW64\lkads.exe 13:26:14.0395 2636 lkClassAds - ok 13:26:14.0405 2636 [ AB1FAA47332EC2EE43BBFED7A6F0EA09 ] lkTimeSync C:\Windows\SysWOW64\lktsrv.exe 13:26:14.0415 2636 lkTimeSync - ok 13:26:14.0435 2636 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:26:14.0435 2636 lltdio - ok 13:26:14.0455 2636 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:26:14.0465 2636 lltdsvc - ok 13:26:14.0485 2636 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:26:14.0495 2636 lmhosts - ok 13:26:14.0515 2636 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 13:26:14.0525 2636 LSI_FC - ok 13:26:14.0545 2636 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 13:26:14.0545 2636 LSI_SAS - ok 13:26:14.0565 2636 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:26:14.0565 2636 LSI_SAS2 - ok 13:26:14.0585 2636 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:26:14.0585 2636 LSI_SCSI - ok 13:26:14.0605 2636 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 13:26:14.0605 2636 luafv - ok 13:26:14.0645 2636 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 13:26:14.0655 2636 LVRS64 - ok 13:26:14.0785 2636 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 13:26:14.0885 2636 LVUVC64 - ok 13:26:14.0925 2636 [ 543080D7653128B1FA7CD8F7DB22BADB ] M4LIC C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE 13:26:14.0925 2636 M4LIC - ok 13:26:14.0975 2636 [ 95C395FDEAF6813A1DC974DDB7EE04B4 ] MacDrive8Service C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe 13:26:14.0985 2636 MacDrive8Service - ok 13:26:14.0985 2636 MCSTRM - ok 13:26:15.0035 2636 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:26:15.0035 2636 Mcx2Svc - ok 13:26:15.0075 2636 [ 99875732A0C1373316AF28ED79C168CC ] MDFSYSNT C:\Windows\system32\drivers\MDFSYSNT.sys 13:26:15.0075 2636 MDFSYSNT - ok 13:26:15.0105 2636 [ 8D3B834090836A01F49B97F22AE9C83C ] MDPMGRNT C:\Windows\system32\DRIVERS\MDPMGRNT.SYS 13:26:15.0105 2636 MDPMGRNT - ok 13:26:15.0125 2636 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 13:26:15.0125 2636 megasas - ok 13:26:15.0145 2636 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 13:26:15.0155 2636 MegaSR - ok 13:26:15.0265 2636 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:26:15.0265 2636 Microsoft Office Groove Audit Service - ok 13:26:15.0285 2636 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 13:26:15.0295 2636 MMCSS - ok 13:26:15.0305 2636 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:26:15.0305 2636 Modem - ok 13:26:15.0325 2636 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:26:15.0325 2636 monitor - ok 13:26:15.0365 2636 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:26:15.0365 2636 mouclass - ok 13:26:15.0385 2636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:26:15.0385 2636 mouhid - ok 13:26:15.0405 2636 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:26:15.0405 2636 mountmgr - ok 13:26:15.0435 2636 [ C8619D099F8149149045772B60DB09AC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:26:15.0435 2636 MozillaMaintenance - ok 13:26:15.0455 2636 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys 13:26:15.0465 2636 mpio - ok 13:26:15.0475 2636 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:26:15.0475 2636 mpsdrv - ok 13:26:15.0525 2636 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:26:15.0535 2636 MpsSvc - ok 13:26:15.0555 2636 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:26:15.0555 2636 MRxDAV - ok 13:26:15.0575 2636 [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:26:15.0575 2636 mrxsmb - ok 13:26:15.0605 2636 [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:26:15.0605 2636 mrxsmb10 - ok 13:26:15.0625 2636 [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:26:15.0625 2636 mrxsmb20 - ok 13:26:15.0645 2636 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 13:26:15.0645 2636 msahci - ok 13:26:15.0665 2636 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 13:26:15.0665 2636 msdsm - ok 13:26:15.0685 2636 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:26:15.0685 2636 MSDTC - ok 13:26:15.0705 2636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:26:15.0705 2636 Msfs - ok 13:26:15.0715 2636 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:26:15.0725 2636 mshidkmdf - ok 13:26:15.0735 2636 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 13:26:15.0735 2636 msisadrv - ok 13:26:15.0765 2636 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:26:15.0775 2636 MSiSCSI - ok 13:26:15.0775 2636 msiserver - ok 13:26:15.0785 2636 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:26:15.0795 2636 MSKSSRV - ok 13:26:15.0806 2636 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:26:15.0806 2636 MSPCLOCK - ok 13:26:15.0816 2636 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:26:15.0816 2636 MSPQM - ok 13:26:15.0826 2636 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:26:15.0836 2636 MsRPC - ok 13:26:15.0886 2636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 13:26:15.0886 2636 mssmbios - ok 13:26:15.0896 2636 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:26:15.0896 2636 MSTEE - ok 13:26:15.0906 2636 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 13:26:15.0916 2636 MTConfig - ok 13:26:15.0926 2636 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:26:15.0926 2636 Mup - ok 13:26:16.0036 2636 [ A3BA8A14490FDBF106939C37A125E82C ] mxssvr C:\Program Files (x86)\National Instruments\MAX\nimxs.exe 13:26:16.0036 2636 mxssvr - ok 13:26:16.0076 2636 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll 13:26:16.0086 2636 napagent - ok 13:26:16.0116 2636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:26:16.0116 2636 NativeWifiP - ok 13:26:16.0146 2636 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys 13:26:16.0166 2636 NDIS - ok 13:26:16.0176 2636 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:26:16.0176 2636 NdisCap - ok 13:26:16.0196 2636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:26:16.0196 2636 NdisTapi - ok 13:26:16.0206 2636 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:26:16.0206 2636 Ndisuio - ok 13:26:16.0216 2636 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:26:16.0226 2636 NdisWan - ok 13:26:16.0236 2636 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:26:16.0236 2636 NDProxy - ok 13:26:16.0256 2636 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:26:16.0256 2636 NetBIOS - ok 13:26:16.0266 2636 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:26:16.0276 2636 NetBT - ok 13:26:16.0286 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe 13:26:16.0286 2636 Netlogon - ok 13:26:16.0306 2636 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:26:16.0316 2636 Netman - ok 13:26:16.0406 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:26:16.0416 2636 NetMsmqActivator - ok 13:26:16.0416 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:26:16.0426 2636 NetPipeActivator - ok 13:26:16.0456 2636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:26:16.0466 2636 netprofm - ok 13:26:16.0466 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:26:16.0476 2636 NetTcpActivator - ok 13:26:16.0476 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:26:16.0476 2636 NetTcpPortSharing - ok 13:26:16.0496 2636 [ 2263727032E9B19231A706046B8C82D3 ] NetworkX C:\Windows\system32\ckldrv.sys 13:26:16.0506 2636 NetworkX - ok 13:26:16.0526 2636 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 13:26:16.0536 2636 nfrd960 - ok 13:26:16.0666 2636 [ F0E38750822EECC47B9913C55990F86A ] NIApplicationWebServer C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe 13:26:16.0666 2636 NIApplicationWebServer - ok 13:26:16.0816 2636 [ 633CDF3EF922DD438F82468DE1C10700 ] NIApplicationWebServer64 C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe 13:26:16.0816 2636 NIApplicationWebServer64 - ok 13:26:16.0876 2636 [ 908B9667F2FD7453CBCF3A2A0444DCC1 ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe 13:26:16.0876 2636 NIDomainService - ok 13:26:16.0976 2636 [ AA8896BCD689851665EFC02DC41181AC ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe 13:26:17.0006 2636 NILM License Manager - ok 13:26:17.0046 2636 [ 8FED4893CB017F81CD1769448AD567E5 ] nimDNSResponder C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe 13:26:17.0046 2636 nimDNSResponder - ok 13:26:17.0056 2636 [ FC87856060BD0B667D2086B7050240A3 ] niSvcLoc C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe 13:26:17.0056 2636 niSvcLoc - ok 13:26:17.0116 2636 [ 4DC8C4EC1F9637110142C7D65FFB40E5 ] NITaggerService C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe 13:26:17.0126 2636 NITaggerService - ok 13:26:17.0156 2636 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:26:17.0156 2636 NlaSvc - ok 13:26:17.0226 2636 [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe 13:26:17.0226 2636 nmservice - ok 13:26:17.0266 2636 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 13:26:17.0266 2636 nmwcd - ok 13:26:17.0276 2636 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 13:26:17.0286 2636 nmwcdc - ok 13:26:17.0316 2636 [ 697CA586209E022D15DD0C838B235D6A ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys 13:26:17.0326 2636 nmwcdnsucx64 - ok 13:26:17.0366 2636 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys 13:26:17.0376 2636 nmwcdnsux64 - ok 13:26:17.0396 2636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:26:17.0396 2636 Npfs - ok 13:26:17.0426 2636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:26:17.0436 2636 nsi - ok 13:26:17.0456 2636 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:26:17.0456 2636 nsiproxy - ok 13:26:17.0506 2636 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:26:17.0556 2636 Ntfs - ok 13:26:17.0576 2636 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:26:17.0586 2636 Null - ok 13:26:17.0606 2636 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys 13:26:17.0606 2636 nvraid - ok 13:26:17.0626 2636 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys 13:26:17.0626 2636 nvstor - ok 13:26:17.0636 2636 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 13:26:17.0636 2636 nv_agp - ok 13:26:17.0716 2636 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:26:17.0726 2636 odserv - ok 13:26:17.0756 2636 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 13:26:17.0756 2636 ohci1394 - ok 13:26:17.0866 2636 [ EAE6208900E2986F66F68B30AEF86E4D ] OpcEnum C:\Windows\SysWOW64\OpcEnum.exe 13:26:17.0876 2636 OpcEnum - ok 13:26:17.0916 2636 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:26:17.0916 2636 ose - ok 13:26:17.0966 2636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:26:17.0976 2636 p2pimsvc - ok 13:26:18.0016 2636 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:26:18.0016 2636 p2psvc - ok 13:26:18.0036 2636 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 13:26:18.0036 2636 Parport - ok 13:26:18.0056 2636 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:26:18.0056 2636 partmgr - ok 13:26:18.0066 2636 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:26:18.0076 2636 PcaSvc - ok 13:26:18.0106 2636 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 13:26:18.0106 2636 pccsmcfd - ok 13:26:18.0126 2636 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys 13:26:18.0126 2636 pci - ok 13:26:18.0136 2636 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 13:26:18.0136 2636 pciide - ok 13:26:18.0156 2636 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:26:18.0156 2636 pcmcia - ok 13:26:18.0166 2636 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:26:18.0166 2636 pcw - ok 13:26:18.0196 2636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:26:18.0196 2636 PEAUTH - ok 13:26:18.0236 2636 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:26:18.0236 2636 PerfHost - ok 13:26:18.0286 2636 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll 13:26:18.0326 2636 pla - ok 13:26:18.0366 2636 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:26:18.0366 2636 PlugPlay - ok 13:26:18.0406 2636 [ FB83B6C62DFF5ABE36304351D2BED581 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys 13:26:18.0406 2636 pnarp - ok 13:26:18.0416 2636 PnkBstrA - ok 13:26:18.0426 2636 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:26:18.0436 2636 PNRPAutoReg - ok 13:26:18.0446 2636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:26:18.0456 2636 PNRPsvc - ok 13:26:18.0476 2636 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:26:18.0486 2636 PolicyAgent - ok 13:26:18.0516 2636 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:26:18.0516 2636 Power - ok 13:26:18.0546 2636 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:26:18.0546 2636 PptpMiniport - ok 13:26:18.0566 2636 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 13:26:18.0566 2636 Processor - ok 13:26:18.0596 2636 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll 13:26:18.0606 2636 ProfSvc - ok 13:26:18.0616 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe 13:26:18.0616 2636 ProtectedStorage - ok 13:26:18.0656 2636 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe 13:26:18.0666 2636 ProtexisLicensing - ok 13:26:18.0676 2636 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:26:18.0676 2636 Psched - ok 13:26:18.0716 2636 [ 1B3434642CE3C26E6F24D3A76D749C2A ] purendis C:\Windows\system32\DRIVERS\purendis.sys 13:26:18.0726 2636 purendis - ok 13:26:18.0746 2636 [ 595A22C4CCE855E72D475835F3DF2D53 ] pwdrvio C:\Windows\system32\pwdrvio.sys 13:26:18.0746 2636 pwdrvio - ok 13:26:18.0776 2636 [ 70EB529F6FEDAC79D0A8E3BB79999277 ] pwdspio C:\Windows\system32\pwdspio.sys 13:26:18.0776 2636 pwdspio - ok 13:26:18.0836 2636 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 13:26:18.0876 2636 ql2300 - ok 13:26:18.0886 2636 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 13:26:18.0896 2636 ql40xx - ok 13:26:18.0916 2636 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:26:18.0926 2636 QWAVE - ok 13:26:18.0936 2636 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:26:18.0946 2636 QWAVEdrv - ok 13:26:18.0986 2636 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 13:26:18.0986 2636 RapiMgr - ok 13:26:18.0996 2636 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:26:18.0996 2636 RasAcd - ok 13:26:19.0016 2636 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:26:19.0016 2636 RasAgileVpn - ok 13:26:19.0036 2636 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:26:19.0046 2636 RasAuto - ok 13:26:19.0056 2636 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:26:19.0056 2636 Rasl2tp - ok 13:26:19.0076 2636 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll 13:26:19.0076 2636 RasMan - ok 13:26:19.0096 2636 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:26:19.0096 2636 RasPppoe - ok 13:26:19.0106 2636 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:26:19.0106 2636 RasSstp - ok 13:26:19.0126 2636 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:26:19.0136 2636 rdbss - ok 13:26:19.0156 2636 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 13:26:19.0156 2636 rdpbus - ok 13:26:19.0166 2636 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:26:19.0166 2636 RDPCDD - ok 13:26:19.0186 2636 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:26:19.0196 2636 RDPENCDD - ok 13:26:19.0206 2636 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:26:19.0216 2636 RDPREFMP - ok 13:26:19.0226 2636 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:26:19.0236 2636 RDPWD - ok 13:26:19.0246 2636 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:26:19.0256 2636 rdyboost - ok 13:26:19.0306 2636 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:26:19.0316 2636 RemoteAccess - ok 13:26:19.0346 2636 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:26:19.0346 2636 RemoteRegistry - ok 13:26:19.0396 2636 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 13:26:19.0396 2636 RFCOMM - ok 13:26:19.0436 2636 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 13:26:19.0436 2636 RimUsb - ok 13:26:19.0486 2636 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 13:26:19.0486 2636 RimVSerPort - ok 13:26:19.0506 2636 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 13:26:19.0506 2636 ROOTMODEM - ok 13:26:19.0536 2636 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:26:19.0536 2636 RpcEptMapper - ok 13:26:19.0556 2636 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:26:19.0566 2636 RpcLocator - ok 13:26:19.0586 2636 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll 13:26:19.0586 2636 RpcSs - ok 13:26:19.0606 2636 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:26:19.0606 2636 rspndr - ok 13:26:19.0656 2636 [ A8ED9726734D403217A4861A6788B144 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys 13:26:19.0666 2636 rtl8192se - ok 13:26:19.0676 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe 13:26:19.0676 2636 SamSs - ok 13:26:19.0716 2636 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 13:26:19.0716 2636 sbp2port - ok 13:26:19.0736 2636 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:26:19.0746 2636 SCardSvr - ok 13:26:19.0786 2636 [ EFD61BD67E5CE72CA5CE8BB6AD3E1FDB ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys 13:26:19.0786 2636 SCDEmu - ok 13:26:19.0806 2636 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:26:19.0806 2636 scfilter - ok 13:26:19.0846 2636 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll 13:26:19.0876 2636 Schedule - ok 13:26:19.0916 2636 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:26:19.0926 2636 SCPolicySvc - ok 13:26:19.0926 2636 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:26:19.0936 2636 SDRSVC - ok 13:26:19.0946 2636 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:26:19.0956 2636 secdrv - ok 13:26:19.0966 2636 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll 13:26:19.0966 2636 seclogon - ok 13:26:19.0996 2636 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 13:26:19.0996 2636 SENS - ok 13:26:20.0006 2636 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:26:20.0006 2636 SensrSvc - ok 13:26:20.0016 2636 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:26:20.0026 2636 Serenum - ok 13:26:20.0046 2636 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:26:20.0046 2636 Serial - ok 13:26:20.0066 2636 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 13:26:20.0066 2636 sermouse - ok 13:26:20.0136 2636 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 13:26:20.0146 2636 ServiceLayer - ok 13:26:20.0186 2636 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll 13:26:20.0186 2636 SessionEnv - ok 13:26:20.0206 2636 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 13:26:20.0206 2636 sffdisk - ok 13:26:20.0216 2636 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 13:26:20.0216 2636 sffp_mmc - ok 13:26:20.0226 2636 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 13:26:20.0226 2636 sffp_sd - ok 13:26:20.0236 2636 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:26:20.0236 2636 sfloppy - ok 13:26:20.0296 2636 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:26:20.0306 2636 SharedAccess - ok 13:26:20.0376 2636 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:26:20.0386 2636 ShellHWDetection - ok 13:26:20.0416 2636 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:26:20.0426 2636 SiSRaid2 - ok 13:26:20.0446 2636 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 13:26:20.0446 2636 SiSRaid4 - ok 13:26:20.0506 2636 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:26:20.0506 2636 SkypeUpdate - ok 13:26:20.0526 2636 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:26:20.0526 2636 Smb - ok 13:26:20.0546 2636 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:26:20.0546 2636 SNMPTRAP - ok 13:26:20.0626 2636 [ 5FA669007BD7874FBB70199211FFF64D ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe 13:26:20.0636 2636 SplashtopRemoteService - ok 13:26:20.0656 2636 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:26:20.0656 2636 spldr - ok 13:26:20.0676 2636 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe 13:26:20.0686 2636 Spooler - ok 13:26:20.0756 2636 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe 13:26:20.0827 2636 sppsvc - ok 13:26:20.0837 2636 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:26:20.0847 2636 sppuinotify - ok 13:26:20.0867 2636 [ 43067A65522EAEC33D31A12D6FA8E3F4 ] srv C:\Windows\system32\DRIVERS\srv.sys 13:26:20.0877 2636 srv - ok 13:26:20.0887 2636 [ 03715CF9C30B563DA35FC5F2B8F7B8E0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:26:20.0897 2636 srv2 - ok 13:26:20.0907 2636 [ FBD09635227A8026C0F7790F604343C6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:26:20.0917 2636 srvnet - ok 13:26:20.0957 2636 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:26:20.0957 2636 SSDPSRV - ok 13:26:20.0977 2636 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:26:20.0977 2636 SstpSvc - ok 13:26:21.0017 2636 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 13:26:21.0017 2636 ssudmdm - ok 13:26:21.0067 2636 [ 1CFA4A1F3C7BB4C8F299E00428EB8677 ] SSUService C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe 13:26:21.0077 2636 SSUService - ok 13:26:21.0107 2636 Steam Client Service - ok 13:26:21.0127 2636 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:26:21.0127 2636 stexstor - ok 13:26:21.0187 2636 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 13:26:21.0187 2636 StillCam - ok 13:26:21.0237 2636 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll 13:26:21.0247 2636 stisvc - ok 13:26:21.0267 2636 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:26:21.0267 2636 swenum - ok 13:26:21.0307 2636 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:26:21.0317 2636 swprv - ok 13:26:21.0357 2636 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll 13:26:21.0397 2636 SysMain - ok 13:26:21.0407 2636 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:26:21.0407 2636 TabletInputService - ok 13:26:21.0437 2636 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll 13:26:21.0447 2636 TapiSrv - ok 13:26:21.0477 2636 [ 93F0F5EF8A4CA261372DF98B31B2BD05 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys 13:26:21.0477 2636 tbhsd - ok 13:26:21.0507 2636 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:26:21.0507 2636 TBS - ok 13:26:21.0577 2636 [ 90A2D722CF64D911879D6C4A4F802A4D ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:26:21.0607 2636 Tcpip - ok 13:26:21.0647 2636 [ 90A2D722CF64D911879D6C4A4F802A4D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:26:21.0657 2636 TCPIP6 - ok 13:26:21.0667 2636 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:26:21.0677 2636 tcpipreg - ok 13:26:21.0687 2636 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:26:21.0687 2636 TDPIPE - ok 13:26:21.0707 2636 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:26:21.0707 2636 TDTCP - ok 13:26:21.0727 2636 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:26:21.0727 2636 tdx - ok 13:26:21.0737 2636 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:26:21.0747 2636 TermDD - ok 13:26:21.0777 2636 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll 13:26:21.0787 2636 TermService - ok 13:26:21.0847 2636 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:26:21.0857 2636 Themes - ok 13:26:21.0887 2636 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:26:21.0887 2636 THREADORDER - ok 13:26:21.0907 2636 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:26:21.0907 2636 TrkWks - ok 13:26:21.0957 2636 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:26:21.0957 2636 TrustedInstaller - ok 13:26:21.0987 2636 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:26:21.0997 2636 tssecsrv - ok 13:26:22.0007 2636 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:26:22.0007 2636 tunnel - ok 13:26:22.0047 2636 [ 9A744CC3D804EC38A6C2C65BC3C6FCD8 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 13:26:22.0047 2636 TVALZ - ok 13:26:22.0067 2636 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:26:22.0077 2636 uagp35 - ok 13:26:22.0077 2636 UBNRedir - ok 13:26:22.0107 2636 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:26:22.0117 2636 udfs - ok 13:26:22.0147 2636 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:26:22.0147 2636 UI0Detect - ok 13:26:22.0177 2636 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 13:26:22.0177 2636 uliagpkx - ok 13:26:22.0187 2636 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:26:22.0187 2636 umbus - ok 13:26:22.0197 2636 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 13:26:22.0197 2636 UmPass - ok 13:26:22.0217 2636 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:26:22.0227 2636 upnphost - ok 13:26:22.0267 2636 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 13:26:22.0267 2636 USBAAPL64 - ok 13:26:22.0307 2636 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 13:26:22.0307 2636 usbaudio - ok 13:26:22.0327 2636 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:26:22.0327 2636 usbccgp - ok 13:26:22.0337 2636 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 13:26:22.0347 2636 usbcir - ok 13:26:22.0367 2636 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:26:22.0377 2636 usbehci - ok 13:26:22.0407 2636 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:26:22.0417 2636 usbhub - ok 13:26:22.0437 2636 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 13:26:22.0437 2636 usbohci - ok 13:26:22.0447 2636 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:26:22.0457 2636 usbprint - ok 13:26:22.0487 2636 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:26:22.0487 2636 usbscan - ok 13:26:22.0507 2636 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:26:22.0507 2636 USBSTOR - ok 13:26:22.0517 2636 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 13:26:22.0517 2636 usbuhci - ok 13:26:22.0557 2636 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 13:26:22.0557 2636 usbvideo - ok 13:26:22.0607 2636 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 13:26:22.0607 2636 usb_rndisx - ok 13:26:22.0637 2636 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:26:22.0637 2636 UxSms - ok 13:26:22.0647 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe 13:26:22.0647 2636 VaultSvc - ok 13:26:22.0677 2636 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys 13:26:22.0677 2636 vdrvroot - ok 13:26:22.0707 2636 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe 13:26:22.0717 2636 vds - ok 13:26:22.0717 2636 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:26:22.0717 2636 vga - ok 13:26:22.0757 2636 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:26:22.0757 2636 VgaSave - ok 13:26:22.0807 2636 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 13:26:22.0807 2636 vhdmp - ok 13:26:22.0837 2636 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys 13:26:22.0837 2636 viaide - ok 13:26:22.0857 2636 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys 13:26:22.0857 2636 volmgr - ok 13:26:22.0887 2636 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:26:22.0897 2636 volmgrx - ok 13:26:22.0957 2636 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys 13:26:22.0967 2636 volsnap - ok 13:26:22.0987 2636 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 13:26:22.0987 2636 vsmraid - ok 13:26:23.0057 2636 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe 13:26:23.0087 2636 VSS - ok 13:26:23.0137 2636 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:26:23.0137 2636 vwifibus - ok 13:26:23.0157 2636 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:26:23.0157 2636 vwififlt - ok 13:26:23.0177 2636 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 13:26:23.0177 2636 vwifimp - ok 13:26:23.0187 2636 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:26:23.0197 2636 W32Time - ok 13:26:23.0207 2636 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 13:26:23.0207 2636 WacomPen - ok 13:26:23.0227 2636 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:26:23.0227 2636 WANARP - ok 13:26:23.0227 2636 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:26:23.0227 2636 Wanarpv6 - ok 13:26:23.0277 2636 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe 13:26:23.0327 2636 wbengine - ok 13:26:23.0357 2636 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:26:23.0357 2636 WbioSrvc - ok 13:26:23.0407 2636 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 13:26:23.0417 2636 WcesComm - ok 13:26:23.0437 2636 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:26:23.0447 2636 wcncsvc - ok 13:26:23.0467 2636 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:26:23.0467 2636 WcsPlugInService - ok 13:26:23.0497 2636 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 13:26:23.0497 2636 Wd - ok 13:26:23.0517 2636 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:26:23.0527 2636 Wdf01000 - ok 13:26:23.0537 2636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:26:23.0537 2636 WdiServiceHost - ok 13:26:23.0547 2636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:26:23.0547 2636 WdiSystemHost - ok 13:26:23.0557 2636 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll 13:26:23.0567 2636 WebClient - ok 13:26:23.0577 2636 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:26:23.0587 2636 Wecsvc - ok 13:26:23.0597 2636 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:26:23.0607 2636 wercplsupport - ok 13:26:23.0617 2636 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:26:23.0617 2636 WerSvc - ok 13:26:23.0647 2636 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:26:23.0647 2636 WfpLwf - ok 13:26:23.0667 2636 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:26:23.0667 2636 WIMMount - ok 13:26:23.0697 2636 WinDefend - ok 13:26:23.0697 2636 WinHttpAutoProxySvc - ok 13:26:23.0767 2636 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:26:23.0777 2636 Winmgmt - ok 13:26:23.0837 2636 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll 13:26:23.0897 2636 WinRM - ok 13:26:23.0937 2636 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:26:23.0937 2636 WinUsb - ok 13:26:23.0977 2636 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:26:23.0997 2636 Wlansvc - ok 13:26:24.0017 2636 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:26:24.0027 2636 WmiAcpi - ok 13:26:24.0057 2636 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:26:24.0057 2636 wmiApSrv - ok 13:26:24.0077 2636 WMPNetworkSvc - ok 13:26:24.0087 2636 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:26:24.0097 2636 WPCSvc - ok 13:26:24.0107 2636 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:26:24.0107 2636 WPDBusEnum - ok 13:26:24.0117 2636 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:26:24.0127 2636 ws2ifsl - ok 13:26:24.0137 2636 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 13:26:24.0137 2636 wscsvc - ok 13:26:24.0147 2636 WSearch - ok 13:26:24.0227 2636 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\Windows\system32\wuaueng.dll 13:26:24.0297 2636 wuauserv - ok 13:26:24.0317 2636 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:26:24.0317 2636 WudfPf - ok 13:26:24.0337 2636 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:26:24.0337 2636 WUDFRd - ok 13:26:24.0357 2636 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:26:24.0357 2636 wudfsvc - ok 13:26:24.0377 2636 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 13:26:24.0377 2636 WwanSvc - ok 13:26:24.0407 2636 ================ Scan global =============================== 13:26:24.0437 2636 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 13:26:24.0467 2636 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll 13:26:24.0477 2636 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll 13:26:24.0497 2636 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 13:26:24.0537 2636 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 13:26:24.0537 2636 [Global] - ok 13:26:24.0537 2636 ================ Scan MBR ================================== 13:26:24.0557 2636 [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0 13:26:24.0607 2636 \Device\Harddisk0\DR0 - ok 13:26:24.0607 2636 ================ Scan VBR ================================== 13:26:24.0617 2636 [ FB91A2245085D1EFB5639B1EC3A0DE9D ] \Device\Harddisk0\DR0\Partition1 13:26:24.0617 2636 \Device\Harddisk0\DR0\Partition1 - ok 13:26:24.0637 2636 [ FD677C4947BB8B313760B7C5B5F05B2C ] \Device\Harddisk0\DR0\Partition2 13:26:24.0637 2636 \Device\Harddisk0\DR0\Partition2 - ok 13:26:24.0637 2636 ============================================================ 13:26:24.0637 2636 Scan finished 13:26:24.0637 2636 ============================================================ 13:26:24.0657 6536 Detected object count: 0 13:26:24.0657 6536 Actual detected object count: 0 13:27:26.0684 6828 Deinitialize success
- January 19, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Thanks for your reply. IThe three logs are as 3 separate posts: AdwCleaner: # AdwCleaner v2.106 - Logfile created 01/19/2013 at 13:25:12 # Updated 17/01/2013 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : Dibbs - DIBBS-PC # Boot Mode : Normal # Running from : C:\Users\Dibbs\Downloads\adwcleaner(1).exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\boost_interprocess Folder Found : C:\Users\Dibbs\AppData\Local\Babylon Folder Found : C:\Users\Dibbs\AppData\Roaming\Babylon ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.7600.16385 [OK] Registry is clean. -\\ Mozilla Firefox v19.0 (en-US) File : C:\Users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\prefs.js [OK] File is clean. -\\ Google Chrome v24.0.1312.52 File : C:\Users\Dibbs\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. -\\ Opera v12.12.1707.0 File : C:\Users\Dibbs\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [39699 octets] - [28/12/2012 23:40:55] AdwCleaner[R2].txt - [1245 octets] - [19/01/2013 13:25:12] AdwCleaner[s2].txt - [3636 octets] - [28/12/2012 23:41:46] ########## EOF - C:\AdwCleaner[R2].txt - [1365 octets] ##########
- January 19, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

PS: I already have Kaspersky AV installed foer some time now, so am a little surprised it did not show up? Thanks.
- January 18, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

OK. 1. No P2P - all removed. 2. I ran Defogger. It finished successfully. I then reinstalled MBAM. It again got stuck in middle of scan and computer froze. REbooted and uninstalled MBAM. Reboot was very slow and sluggish, until MBAM removed. Computer recovers. 3. The ran DDS.com. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/11/2011 2:36:43 AM System Uptime: 1/18/2013 6:06:02 PM (0 hours ago) . Motherboard: Intel Corp. | | Base Board Product Name Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 2130/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 337 GiB total, 134.685 GiB free. D: is CDROM () E: is CDROM () F: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ACPI\QCI0701\2&DABA3FF&1 Manufacturer: Name: PNP Device ID: ACPI\QCI0701\2&DABA3FF&1 Service: . ==== System Restore Points =================== . RP161: 1/15/2013 6:53:42 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . «3D Èíñòðóêòîð 2.2.0 Äîìàøíÿÿ âåðñèÿ» 18 WoS Extreme Trucker 2 (v.1.0) Adobe Acrobat X Pro Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles CS CS4 Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe Drive CS4 x64 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 11 ActiveX 64-bit Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Reader XI Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Shockwave Player 11.6 Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Akamai NetSession Interface Android SDK Tools Apple Application Support Apple Mobile Device Support Apple Software Update ASUS Android USB Drivers ASUS Sync ASUS WebStorage Audials Audials TV BELKIN Bluetooth Software 6.0.1.4400 Bonjour Burnout Paradise The Ultimate Box CamToPrint CDBurnerXP Cisco Network Magic Conexant HD Audio Connect Corel Clip Art Corel Photo Album 7 Cytoscape 2.8.2 DAEMON Tools Lite DiskAid 5.12 EASEUS Data Recovery Wizard Professional 5.5.1 EGAN WebStart eMusic Download Manager 6 EPSON Printer Software FlatOut Ultimate Carnage Ford Racing 3 Form Pilot Pro version 2.27 GenePattern geWorkbench_2.2.2 GIMP 2.6.11 Google Chrome Google Talk Plugin GTI Racing HP Officejet 4620 series Basic Device Software HP Officejet 4620 series Help HP Update I.R.I.S. OCR ImgBurn Intel® Graphics Media Accelerator Driver iPhoneBrowser iTunes J-Express 2011 Java 7 Update 7 (64-bit) Java Auto Updater Java SE Development Kit 7 Update 7 (64-bit) Java 6 Update 35 Java SE Development Kit 7 Update 2 (64-bit) JavaFX 2.0.2 (64-bit) JavaFX 2.0.2 SDK (64-bit) K-Lite Codec Pack 5.9.0 (Basic) Kaspersky Internet Security 2013 kuler LEGO MINDSTORMS NXT - English Language Pack LEGO MINDSTORMS NXT Driver for x64 LEGO MINDSTORMS NXT Migration Package LEGO MINDSTORMS NXT Patch v2.0f3 LEGO MINDSTORMS NXT Software v2.0 Logitech Vid HD MacDrive 8 MATLAB Component Runtime MediaFACE Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Games for Windows - LIVE Redistributable Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 MiniTool Partition Wizard Home Edition 7.0 Mozilla Firefox 19.0 (x86 en-US) Mozilla Maintenance Service MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSXML 4.0 SP3 Parser National Instruments Software NAVIGON Fresh 3.4.1 Need for Speed™ ProStreet NI-RPC 4.2.2f0 NI-RPC 4.2.2f0 for 64 Bit Windows NI-RPC 4.2.2f0 for Phar Lap ETS NI Authentication 2.0 NI Authentication 2.0 (64-bit) NI Curl 1.1 NI Curl 1.1 (64-bit) NI DataSocket 4.9 NI DataSocket 4.9 (64-bit) NI Error Reporting 2011 NI EulaDepot NI GMP Windows 32-bit Installer 11.0.0 NI GMP Windows 64-bit Installer 11.0.0 NI Help Assistant NI Help Assistant (64bit) NI LabVIEW 2011 Deployable License NI LabVIEW 2011 Deployment Framework NI LabVIEW 2011 Real-Time NBFifo NI LabVIEW 2011 Run-Time Engine Non-English Support. NI LabVIEW Run-Time Engine 2011 NI LabVIEW Run-Time Engine Interop 2011 NI LabVIEW Web Server for Run-Time Engine NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) NI License Manager NI Logos 5.3.0 NI Logos XT Support NI Logos64 5.3.0 NI Logos64 XT Support NI Math Kernel Libraries NI Math Kernel Libraries (64-bit) NI MDF Support NI mDNS Responder 1.6 for Windows 64-bit NI mDNS Responder 1.6.0 NI MXS 5.0.0 NI MXS 5.0.0 for 64 Bit Windows NI OPC Support NI SSL Support NI SSL Support (64-bit) NI System State Publisher NI System State Publisher (64-bit) NI System Web Server 2.0 NI System Web Server Base 2.0 NI System Web Server Base 2.0 (64-bit) NI TDMS NI TDMS (64-bit) NI Trace Engine NI Trace Engine (64-bit) NI Uninstaller NI USI 1.9.0 NI USI 1.9.0 64-Bit NI Variable Engine (64-bit) NI Variable Engine 2.5.0 NI VC2005MSMs x64 NI VC2005MSMs x86 NI VC2008MSMs x64 NI VC2008MSMs x86 NI Web Application Server 2.0 NI Web Application Server 2.0 (64-bit) NI Xerces Delay Load 2.7.3 NI Xerces Delay Load 2.7.3 64-bit Nokia Connectivity Cable Driver Nokia Suite OBO-Edit2 2.1.0 Octoshape add-in for Adobe Flash Player Opera 12.12 PandoraRecovery (Remove Only) PC Connectivity Solution PDF Settings CS4 PFConfig 1.0.163 PhotoScape Photoshop Camera Raw Photoshop Camera Raw_x64 PowerISO Pure Networks Platform Realtek WLAN Driver Revo Uninstaller 1.94 Rhapsody RIM USB Driver 4.1.0 Router Screenshot Grabber 1.0.117 SAMSUNG USB Driver for Mobile Phones SDFormatter Skype Click to Call Skype™ 6.0 Splashtop Streamer Spotify Steam Stellar Phoenix Windows Data Recovery Stellar Phoenix Windows v4.2 Suite Shared Configuration CS4 swMSM Unity Web Player UniversalBox Universe Sandbox VLC media player 2.0.5 WBFS Manager 3.0 WBFS Manager 4.0 WinDirStat 1.1.2 Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Driver Package - UniversalBox Driver package (10/22/2009 2.06.00) Windows Media Player Firefox Plugin Windows Mobile Device Center WinRAR 4.10 beta 5 (64-bit) Xpand Rally Your Uninstaller! 7 . ==== Event Viewer Messages From Past Week ======== . 1/18/2013 6:06:25 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified. 1/18/2013 6:04:54 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 1/14/2013 11:20:39 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 1/13/2013 9:35:36 AM, Error: Service Control Manager [7034] - The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_35 Run by Dibbs at 18:14:16 on 2013-01-18 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.1727 [GMT -5:00] . AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\crypserv.exe C:\Windows\SysWOW64\lkads.exe C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE C:\Program Files (x86)\National Instruments\MAX\nimxs.exe C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\SysWOW64\PSIService.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\SysWOW64\lkcitdl.exe C:\Windows\SysWOW64\lktsrv.exe C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\Program Files\Belkin\Bluetooth Software\BTTray.exe C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe C:\Windows\system32\RunDll32.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [Akamai NetSession Interface] "C:\Users\Dibbs\AppData\Local\Akamai\netsession_win.exe" uRun: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29S215PP05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1 uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup dRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun StartupFolder: C:\Users\Dibbs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5}\F6074796D657D677966696 : DHCPNameServer = 10.240.205.161 10.240.205.162 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe" x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\eMusic Download Manager 6\npEMusic602.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll FF - plugin: C:\Users\Dibbs\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Users\Dibbs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2012-12-29 19:33; anti_banner@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; content_blocker@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; online_banking@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; url_advisor@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF - ExtSQL: 2012-12-29 19:33; virtual_keyboard@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com . ============= SERVICES / DRIVERS =============== . R0 MDFSYSNT;MacDrive file system driver;C:\Windows\System32\drivers\MDFSYSNT.SYS [2010-10-7 307888] R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\System32\drivers\MDPMGRNT.SYS [2011-12-17 32424] R1 CBDisk;CBDisk;C:\Windows\System32\drivers\CBDisk.sys [2011-12-17 70344] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-15 283200] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504] R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54104] R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178008] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?] R2 M4LIC;Mediafour M4LIC service;C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2010-7-20 205312] R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336] R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224] R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264] R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976] R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-10-25 29016] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-10-25 29528] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-12-11 946688] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-10 1038088] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136] S3 LVUVC64;Logitech Webcam C260(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568] S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2011-11-1 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-11-1 171008] S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2011-12-17 19936] S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2011-12-17 13280] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736] S4 MacDrive8Service;MacDrive 8 service;C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-8 149504] S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256] . =============== Created Last 30 ================ . 2013-01-11 13:27:53 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\offreg.dll 2013-01-04 13:30:02 3712 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg 2013-01-04 13:07:47 -------- d-----w- C:\Users\Dibbs\AppData\Local\Criterion Games 2012-12-30 19:46:49 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-12-30 00:55:03 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack 2012-12-30 00:42:48 -------- d-----w- C:\Program Files (x86)\3D Instructor 2.2 Home 2012-12-30 00:33:58 64856 ----a-w- C:\Windows\System32\klfphc.dll 2012-12-30 00:33:20 -------- d-----w- C:\Windows\ELAMBKUP 2012-12-30 00:02:58 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab 2012-12-30 00:02:57 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-12-29 20:11:31 -------- d-----w- C:\Users\Dibbs\AppData\Local\eMusic 2012-12-29 20:11:20 -------- d-----w- C:\Program Files (x86)\eMusic Download Manager 6 2012-12-29 19:18:18 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\HpUpdate 2012-12-29 19:18:12 741480 ------w- C:\Windows\System32\HPDiscoPM6412.dll 2012-12-29 19:17:49 -------- d-----w- C:\Program Files (x86)\HP 2012-12-29 19:17:48 -------- d-----w- C:\Program Files\HP 2012-12-29 19:17:25 -------- d-----w- C:\Users\Dibbs\AppData\Local\HP 2012-12-29 18:39:29 -------- d-----w- C:\FRST 2012-12-29 15:50:39 -------- d-----w- C:\Users\Dibbs\AppData\Local\Adobe 2012-12-29 07:52:07 -------- d-sh--w- C:\found.000 2012-12-29 06:06:27 -------- d-----w- C:\Windows\pss 2012-12-29 02:37:00 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\QuickScan 2012-12-29 02:02:14 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-12-29 01:57:24 -------- d-sh--w- C:\$RECYCLE.BIN 2012-12-29 01:20:28 98816 ----a-w- C:\Windows\sed.exe 2012-12-29 01:20:28 256000 ----a-w- C:\Windows\PEV.exe 2012-12-29 01:20:28 208896 ----a-w- C:\Windows\MBR.exe 2012-12-29 00:57:36 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\EurekaLog 2012-12-29 00:54:42 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\URSoft 2012-12-29 00:54:39 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7 2012-12-29 00:54:28 -------- d-----w- C:\Users\Dibbs\AppData\Local\Babylon 2012-12-29 00:54:27 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\Babylon 2012-12-29 00:54:27 -------- d-----w- C:\ProgramData\Babylon 2012-12-29 00:36:56 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\mpengine.dll 2012-12-28 22:46:25 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 2012-12-28 19:47:15 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-12-28 19:04:42 -------- d-----w- C:\Users\Dibbs\AppData\Local\Programs 2012-12-28 16:08:02 -------- d-----w- C:\Users\Dibbs\AppData\Local\RadonLabs 2012-12-28 16:03:20 165376 ----a-w- C:\Windows\SysWow64\unrar.dll . ==================== Find3M ==================== . 2013-01-06 16:24:16 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys 2012-12-30 02:22:15 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys 2012-12-21 21:52:34 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-21 21:52:34 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-25 22:23:06 29528 ----a-w- C:\Windows\System32\drivers\klmouflt.sys 2012-10-25 22:23:06 29016 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys . ============= FINISH: 18:15:24.67 ===============
- January 18, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Sure. My apologies again. I am very aware of the way this forum works. Just a screw loose there ! ATTACH.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/11/2011 2:36:43 AM System Uptime: 12/28/2012 9:39:05 PM (1 hours ago) . Motherboard: Intel Corp. | | Base Board Product Name Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | CPU | 2261/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 337 GiB total, 150.145 GiB free. D: is CDROM () E: is FIXED (FAT32) - 128 GiB total, 128.196 GiB free. F: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ACPI\QCI0701\2&DABA3FF&1 Manufacturer: Name: PNP Device ID: ACPI\QCI0701\2&DABA3FF&1 Service: . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Security Processor Loader Driver Device ID: ROOT\LEGACY_SPLDR\0000 Manufacturer: Name: Security Processor Loader Driver PNP Device ID: ROOT\LEGACY_SPLDR\0000 Service: spldr . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . µTorrent 18 WoS Extreme Trucker 2 (v.1.0) Adobe Acrobat X Pro Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles CS CS4 Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe Drive CS4 x64 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 11 ActiveX 64-bit Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Reader XI Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Shockwave Player 11.6 Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Akamai NetSession Interface Android SDK Tools Apple Application Support Apple Mobile Device Support Apple Software Update ASUS Android USB Drivers ASUS Sync ASUS WebStorage Audials Audials TV BELKIN Bluetooth Software 6.0.1.4400 Bonjour CamToPrint CDBurnerXP Cisco Network Magic Conexant HD Audio Connect Corel Clip Art Corel Photo Album 7 Cytoscape 2.8.2 DAEMON Tools Lite DiskAid 5.12 EASEUS Data Recovery Wizard Professional 5.5.1 EGAN WebStart EPSON Printer Software FlatOut Ultimate Carnage Ford Racing 3 Form Pilot Pro version 2.27 GenePattern geWorkbench_2.2.2 GIMP 2.6.11 Google Chrome Google Talk Plugin GTI Racing ImgBurn Intel® Graphics Media Accelerator Driver iPhoneBrowser iTunes J-Express 2011 Jamcast Java 7 Update 7 (64-bit) Java Auto Updater Java SE Development Kit 7 Update 7 (64-bit) Java™ 6 Update 35 Java™ SE Development Kit 7 Update 2 (64-bit) JavaFX 2.0.2 (64-bit) JavaFX 2.0.2 SDK (64-bit) kuler LEGO MINDSTORMS NXT - English Language Pack LEGO MINDSTORMS NXT Driver for x64 LEGO MINDSTORMS NXT Migration Package LEGO MINDSTORMS NXT Patch v2.0f3 LEGO MINDSTORMS NXT Software v2.0 Logitech Vid HD MacDrive 8 Malwarebytes Anti-Malware version 1.70.0.1100 MATLAB Component Runtime MediaFACE Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Games for Windows - LIVE Redistributable Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 MiniTool Partition Wizard Home Edition 7.0 Mozilla Firefox 18.0 (x86 en-US) Mozilla Maintenance Service MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSXML 4.0 SP3 Parser National Instruments Software NAVIGON Fresh 3.4.1 Need for Speed™ ProStreet NI-RPC 4.2.2f0 NI-RPC 4.2.2f0 for 64 Bit Windows NI-RPC 4.2.2f0 for Phar Lap ETS NI Authentication 2.0 NI Authentication 2.0 (64-bit) NI Curl 1.1 NI Curl 1.1 (64-bit) NI DataSocket 4.9 NI DataSocket 4.9 (64-bit) NI Error Reporting 2011 NI EulaDepot NI GMP Windows 32-bit Installer 11.0.0 NI GMP Windows 64-bit Installer 11.0.0 NI Help Assistant NI Help Assistant (64bit) NI LabVIEW 2011 Deployable License NI LabVIEW 2011 Deployment Framework NI LabVIEW 2011 Real-Time NBFifo NI LabVIEW 2011 Run-Time Engine Non-English Support. NI LabVIEW Run-Time Engine 2011 NI LabVIEW Run-Time Engine Interop 2011 NI LabVIEW Web Server for Run-Time Engine NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) NI License Manager NI Logos 5.3.0 NI Logos XT Support NI Logos64 5.3.0 NI Logos64 XT Support NI Math Kernel Libraries NI Math Kernel Libraries (64-bit) NI MDF Support NI mDNS Responder 1.6 for Windows 64-bit NI mDNS Responder 1.6.0 NI MXS 5.0.0 NI MXS 5.0.0 for 64 Bit Windows NI OPC Support NI SSL Support NI SSL Support (64-bit) NI System State Publisher NI System State Publisher (64-bit) NI System Web Server 2.0 NI System Web Server Base 2.0 NI System Web Server Base 2.0 (64-bit) NI TDMS NI TDMS (64-bit) NI Trace Engine NI Trace Engine (64-bit) NI Uninstaller NI USI 1.9.0 NI USI 1.9.0 64-Bit NI Variable Engine (64-bit) NI Variable Engine 2.5.0 NI VC2005MSMs x64 NI VC2005MSMs x86 NI VC2008MSMs x64 NI VC2008MSMs x86 NI Web Application Server 2.0 NI Web Application Server 2.0 (64-bit) NI Xerces Delay Load 2.7.3 NI Xerces Delay Load 2.7.3 64-bit Nokia Connectivity Cable Driver Nokia Suite OBO-Edit2 2.1.0 Octoshape add-in for Adobe Flash Player Opera 12.00 PandoraRecovery (Remove Only) PC Connectivity Solution PDF Settings CS4 PFConfig 1.0.163 PhotoScape Photoshop Camera Raw Photoshop Camera Raw_x64 PowerISO Pure Networks Platform Realtek WLAN Driver Revo Uninstaller 1.94 Rhapsody RIM USB Driver 4.1.0 Router Screenshot Grabber 1.0.117 SAMSUNG USB Driver for Mobile Phones SDFormatter Skype Click to Call Skype™ 6.0 Splashtop Streamer Spotify Steam Stellar Phoenix Windows Data Recovery Stellar Phoenix Windows v4.2 Suite Shared Configuration CS4 swMSM Unity Web Player UniversalBox Universe Sandbox WBFS Manager 3.0 WBFS Manager 4.0 WinDirStat 1.1.2 Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Driver Package - UniversalBox Driver package (10/22/2009 2.06.00) Windows Media Player Firefox Plugin Windows Mobile Device Center WinRAR 4.10 beta 5 (64-bit) Xpand Rally Your Uninstaller! 7 . ==== Event Viewer Messages From Past Week ======== . 12/28/2012 9:42:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 12/28/2012 9:42:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 12/28/2012 9:40:11 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 9:40:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 12/28/2012 9:40:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 12/28/2012 9:40:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 12/28/2012 9:39:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 12/28/2012 9:39:45 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CBDisk discache MDFSYSNT NetworkX SASDIFSV SASKUTIL SCDEmu spldr Wanarpv6 12/28/2012 9:37:11 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 12/28/2012 9:23:36 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified. 12/28/2012 8:57:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CBDisk discache MDFSYSNT NetworkX SCDEmu spldr Wanarpv6 12/28/2012 8:40:56 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 12/28/2012 8:40:26 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 12/28/2012 8:20:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 12/28/2012 7:57:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 12/28/2012 7:36:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 12/28/2012 7:24:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service COMSysApp with arguments "" in order to run the server: {182C40F0-32E4-11D0-818B-00A0C9231C29} 12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running. 12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Extensible Authentication Protocol service, but this action failed with the following error: An instance of the service is already running. 12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running. 12/28/2012 7:15:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running. 12/28/2012 7:15:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Application Experience service, but this action failed with the following error: An instance of the service is already running. 12/28/2012 7:14:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Jamcast service to connect. 12/28/2012 7:14:54 PM, Error: Service Control Manager [7000] - The Jamcast service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s). 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 12/28/2012 7:12:51 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 12/28/2012 7:12:18 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 12/28/2012 2:56:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 12/28/2012 2:49:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WcesComm with arguments "" in order to run the server: {FF4C4832-2BEA-4472-98A3-F931BEB8F62B} 12/28/2012 2:38:15 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 2:34:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 12/28/2012 2:34:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 12/28/2012 2:24:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CBDisk DfsC discache MDFSYSNT NetBIOS NetBT NetworkX nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 12/28/2012 11:36:10 AM, Error: Service Control Manager [7022] - The Windows Mobile-2003-based device connectivity service hung on starting. 12/28/2012 11:34:10 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 12/28/2012 11:33:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service. 12/28/2012 11:32:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. 12/28/2012 11:32:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 12/28/2012 11:31:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service. 12/28/2012 11:31:27 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting. 12/28/2012 11:31:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 12/28/2012 11:30:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapiMgr service. 12/28/2012 10:10:32 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 12/28/2012 1:57:23 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004 12/28/2012 1:49:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service. 12/28/2012 1:49:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SplashtopRemoteService service. 12/28/2012 1:47:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service. 12/28/2012 1:46:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service. 12/28/2012 1:46:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 12/28/2012 1:28:05 AM, Error: Service Control Manager [7034] - The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s). 12/21/2012 9:08:25 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.104. The computer with the IP address 192.168.0.102 did not allow the name to be claimed by this computer. 12/21/2012 3:14:30 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer HP-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C708EEA2-D231-465D-BF71-4884588D68A5}. The master browser is stopping or an election is being forced. . ==== End Of File =========================== DDS.TXT DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_35 Run by Dibbs at 22:09:57 on 2012-12-28 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.2900 [GMT -5:00] . SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [spotify] "C:\Users\Dibbs\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [spotify Web Helper] "C:\Users\Dibbs\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [Akamai NetSession Interface] "C:\Users\Dibbs\AppData\Local\Akamai\netsession_win.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSPanel.exe /S mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [MediaFace Integration] C:\Program Files (x86)\Fellowes\MediaFACE 5.0\SetHook.exe mRun: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [Jamcast System Tray Utility] "C:\Program Files (x86)\Jamcast\jctray.exe" mRun: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5}\F6074796D657D677966696 : DHCPNameServer = 10.240.205.161 10.240.205.162 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t x64-Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe" x64-Run: [Getting started with MacDrive 8] "C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe" /auto x64-Run: [Form Pilot Pro virtual printer agent] "C:\Program Files\Form Pilot Pro\fppragent.exe" x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe x64-Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/ FF - prefs.js: network.proxy.ftp - 122.165.59.98 FF - prefs.js: network.proxy.ftp_port - 80 FF - prefs.js: network.proxy.http - 122.165.59.98 FF - prefs.js: network.proxy.http_port - 80 FF - prefs.js: network.proxy.socks - 122.165.59.98 FF - prefs.js: network.proxy.socks_port - 80 FF - prefs.js: network.proxy.ssl - 122.165.59.98 FF - prefs.js: network.proxy.ssl_port - 80 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll FF - plugin: C:\Users\Dibbs\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Users\Dibbs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\System32\drivers\MDPMGRNT.SYS [2011-12-17 32424] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-15 283200] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-12-11 946688] S0 MDFSYSNT;MacDrive file system driver;C:\Windows\System32\drivers\MDFSYSNT.SYS [2010-10-7 307888] S1 CBDisk;CBDisk;C:\Windows\System32\drivers\CBDisk.sys [2011-12-17 70344] S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Jamcast;Jamcast;C:\Program Files (x86)\Jamcast\jamcastsvc.exe [2012-7-9 64240] S2 M4LIC;Mediafour M4LIC service;C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2010-7-20 205312] S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-27 398184] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-27 682344] S2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336] S2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264] S2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-10 1038088] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136] S3 LVUVC64;Logitech Webcam C260(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2012-12-28 36680] S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-11 24176] S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2011-11-1 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-11-1 171008] S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2011-12-17 19936] S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2011-12-17 13280] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736] S4 MacDrive8Service;MacDrive 8 service;C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-8 149504] S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256] . =============== Created Last 30 ================ . 2012-12-29 02:37:00 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\QuickScan 2012-12-29 02:16:59 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2012-12-29 02:02:30 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\SUPERAntiSpyware.com 2012-12-29 02:02:14 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-12-29 02:02:14 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-12-29 01:57:24 -------- d-sh--w- C:\$RECYCLE.BIN 2012-12-29 01:20:28 98816 ----a-w- C:\Windows\sed.exe 2012-12-29 01:20:28 256000 ----a-w- C:\Windows\PEV.exe 2012-12-29 01:20:28 208896 ----a-w- C:\Windows\MBR.exe 2012-12-29 00:57:36 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\EurekaLog 2012-12-29 00:54:42 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\URSoft 2012-12-29 00:54:39 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7 2012-12-29 00:54:28 -------- d-----w- C:\Users\Dibbs\AppData\Local\Babylon 2012-12-29 00:54:27 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\Babylon 2012-12-29 00:54:27 -------- d-----w- C:\ProgramData\Babylon 2012-12-29 00:36:56 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\mpengine.dll 2012-12-28 19:47:15 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-12-28 19:04:42 -------- d-----w- C:\Users\Dibbs\AppData\Local\Programs 2012-12-28 16:08:02 -------- d-----w- C:\Users\Dibbs\AppData\Local\RadonLabs 2012-12-28 16:03:20 165376 ----a-w- C:\Windows\SysWow64\unrar.dll 2012-12-08 16:09:27 33328 ----a-w- C:\Windows\System32\drivers\pnarp.sys 2012-12-08 16:09:20 35376 ----a-w- C:\Windows\System32\drivers\purendis.sys 2012-12-08 16:09:20 -------- d-----w- C:\Program Files (x86)\Common Files\Pure Networks Shared 2012-12-08 16:09:10 -------- d-----w- C:\ProgramData\Pure Networks 2012-12-05 03:11:29 -------- d-----w- C:\Program Files (x86)\Pure Networks . ==================== Find3M ==================== . 2012-12-21 21:52:34 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-21 21:52:34 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-08 16:28:38 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys 2012-10-02 20:55:22 916456 ----a-w- C:\Windows\System32\deployJava1.dll 2012-10-02 20:55:22 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2012-10-02 20:55:22 1034216 ----a-w- C:\Windows\System32\npdeployJava1.dll . ============= FINISH: 22:10:44.18 ===============
- January 17, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Awww..... sorry to blow off there. Will post scan logs.
- January 16, 2013
- 30 replies
Locked out. Desktop hangs, no icons, stuck on spinning wheel -Safe Mode OK

disinfectPL replied to disinfectPL's topic in Resolved Malware Removal Logs

Oh, come on now !! I am not that daft to have two versions of Malwarebytes installed on the same computer. I said "older version still works on my other computer". Installing the new version on any computer BY ITSELF gives the same problem. Not every one who complains about any software is clueless......
- January 16, 2013
- 30 replies

Events

Profiles

Forums

Everything posted by disinfectPL

Important Information