Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

random audio playing on computer: URGENT! [Closed]


  • This topic is locked This topic is locked

#1
bekahknows

bekahknows

    New Member

  • Member
  • Pip
  • 3 posts
my computer keeps playing random audios even when nothing is open. it used to be just ads playing and i thought i got rid of that a week ago because no ads would play anymore but this morning it came back and its not ads anymore i can hear people talking and laughing and playing music like ive been hacked but i cant see them, my spyware detect them and cant get rid of this problem either..any ideas:??i fear that if ive been hacked my personal information will be compromised please help.
ive tried my regular AVG scan and remove
superantispyware scan and remove in safe mode also
rootkit removers
malware removers
heres my HJT logfile



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:46:01 PM, on 8/10/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Safe mode

Running processes:
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Family computer\AppData\Roaming\Complitly\Complitly.dll (file missing)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: VirtualDJ Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (file missing)
O23 - Service: hpqwmiex - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8126 bytes
  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello bekahknows and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Verify Driver Digital Signature
    • Detect TDLFS file system
  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

    Posted Image
  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
  • TDSSKiller log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#3
bekahknows

bekahknows

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
@maliprog thanks for helping me:) these are my logs


OTL Extras logfile created on: 8/16/2012 2:16:21 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Family computer\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.50 Gb Available Physical Memory | 78.24% Memory free
11.50 Gb Paging File | 9.35 Gb Available in Paging File | 81.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.35 Gb Total Space | 847.73 Gb Free Space | 92.21% Space Free | Partition Type: NTFS
Drive D: | 12.07 Gb Total Space | 1.47 Gb Free Space | 12.22% Space Free | Partition Type: NTFS

Computer Name: FAMILYCOMPUTER | User Name: Family computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD9560A8-CB02-1F28-CB9C-487244A28A8B}" = ccc-utility64
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0655C185-FD48-5EBA-484A-CD530291F44D}" = CCC Help Hungarian
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0BF71387-5AFD-F71B-7353-3AEBD3E8F5F3}" = Catalyst Control Center Graphics Full Existing
"{0E1C256F-6B90-E5A5-F62E-5DAE1AEAE294}" = ccc-core-static
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1B01541D-B1B8-8B7E-E82B-70551A1AF961}" = CCC Help Chinese Standard
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26070CDA-A7C5-2114-0533-38DE06C65E7F}" = CCC Help Polish
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2726B6FF-D8F9-8F29-2A7D-8192AAE79D3F}" = Catalyst Control Center Localization All
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3088B508-7EE1-EC64-4FFD-C4901378CE7D}" = CCC Help Russian
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3538DD8F-A0CF-4CB9-8B38-0963CAA509EA}" = Panda Antivirus Pro 2012
"{3778B802-8E2C-04B0-2C1B-7C2A8F981824}" = CCC Help Finnish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{48CA048A-3C5B-391E-7FF0-F36F434CB1B6}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{52CD3425-C5E8-C49D-B776-AC85F018C0F6}" = Catalyst Control Center Graphics Previews Vista
"{597CE475-4F62-89EE-A81E-DB509DA0CBB2}" = CCC Help English
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E7A925A-CCE1-4ED5-A0DD-4A821A3F9BC2}" = Catalyst Control Center Core Implementation
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{674DAE26-3C3C-2D20-1BB4-82B380142E78}" = CCC Help Greek
"{6A9EF47E-D49A-2EFC-20A1-A92DE7F826DF}" = CCC Help Czech
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9C67EF-05A8-499F-56A2-C467A4FE6DEE}" = CCC Help Italian
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DA0C5CE-9817-CDB2-F061-F72D0CB6EEB3}" = CCC Help German
"{7DB63154-92A4-12AE-364F-DE9C7B459720}" = CCC Help Spanish
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8D2A81D8-AABF-673B-08BE-EF7A80295F14}" = CCC Help French
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{981F6BCD-252E-6A64-9C6D-4E3B10B1B126}" = Catalyst Control Center InstallProxy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7CEA571-43AC-95FE-4F08-22C401FC2824}" = CCC Help Japanese
"{A826CCC4-C0BA-97B4-F1DB-E68CD45D1133}" = CCC Help Danish
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC9A3F48-8936-40CD-A0B2-7CFA76906143}" = Catalyst Control Center Graphics Full New
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B68D391C-32C6-798E-C78F-83C1797B162A}" = CCC Help Swedish
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix
"{C58BEC6C-D968-4FE3-8DD6-9FDC4278657B}" = Panda Antivirus Pro 2012
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC47D46D-8874-D83A-6612-9DA3175861B2}" = CCC Help Korean
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DF09BCD9-3556-77A6-8984-1CA95F8E1078}" = CCC Help Portuguese
"{E0DE2996-A443-5FEA-30B7-9395E0F3A7CC}" = CCC Help Chinese Traditional
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EDFA892D-594D-C921-35FF-B6E5CFD2487C}" = CCC Help Dutch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F56BBEB1-E982-0A07-0004-1CBC8E5B534E}" = CCC Help Turkish
"{F600ED39-BA0C-A127-EAB7-057DF0A327E0}" = CCC Help Norwegian
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F84B7A2F-2328-A610-89F6-2CC78CF00FFE}" = Catalyst Control Center Graphics Light
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Kobo" = Kobo
"Logitech Vid" = Logitech Vid HD
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDF Complete" = PDF Complete Special Edition
"TI-83 Plus Flash Debugger" = TI-83 Plus Flash Debugger
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/21/2012 2:29:54 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/21/2012 2:29:54 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9360

Error - 7/21/2012 2:29:54 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9360

Error - 7/21/2012 2:38:25 PM | Computer Name = Familycomputer | Source = RasClient | ID = 20227
Description =

Error - 7/21/2012 2:39:46 PM | Computer Name = Familycomputer | Source = RasClient | ID = 20227
Description =

Error - 7/21/2012 3:03:44 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/21/2012 3:03:44 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 999

Error - 7/21/2012 3:03:44 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 999

Error - 7/21/2012 3:03:45 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/21/2012 3:03:45 PM | Computer Name = Familycomputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1997

[ Hewlett-Packard Events ]
Error - 8/25/2011 4:01:11 PM | Computer Name = Familycomputer | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
Support Framework\Logs\Temp\HPSA\HPSASession_201108251501.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String
path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String
path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String
path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()


Error - 9/1/2011 4:37:39 PM | Computer Name = Familycomputer | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
Support Framework\Logs\Temp\HPSA\HPSASession_201109011537.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String
path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String
path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String
path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()


[ Media Center Events ]
Error - 8/31/2011 4:19:47 PM | Computer Name = Familycomputer | Source = MCUpdate | ID = 0
Description = 3:19:47 PM - Error connecting to the internet. 3:19:47 PM - Unable
to contact server..

Error - 8/31/2011 4:19:58 PM | Computer Name = Familycomputer | Source = MCUpdate | ID = 0
Description = 3:19:53 PM - Error connecting to the internet. 3:19:53 PM - Unable
to contact server..

[ System Events ]
Error - 8/11/2012 6:22:58 PM | Computer Name = Familycomputer | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR6.

Error - 8/11/2012 6:22:58 PM | Computer Name = Familycomputer | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR6.

Error - 8/11/2012 6:24:32 PM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2

Error - 8/11/2012 10:48:42 PM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2

Error - 8/12/2012 4:03:56 PM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2

Error - 8/13/2012 12:46:16 PM | Computer Name = Familycomputer | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:47:57 PM on ?8/?12/?2012 was unexpected.

Error - 8/13/2012 12:48:28 PM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2

Error - 8/14/2012 12:41:45 PM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2

Error - 8/14/2012 8:46:32 PM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2

Error - 8/15/2012 10:26:57 AM | Computer Name = Familycomputer | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%2


< End of report >




OTL logfile created on: 8/16/2012 2:16:21 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Family computer\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.50 Gb Available Physical Memory | 78.24% Memory free
11.50 Gb Paging File | 9.35 Gb Available in Paging File | 81.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.35 Gb Total Space | 847.73 Gb Free Space | 92.21% Space Free | Partition Type: NTFS
Drive D: | 12.07 Gb Total Space | 1.47 Gb Free Space | 12.22% Space Free | Partition Type: NTFS

Computer Name: FAMILYCOMPUTER | User Name: Family computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/16 14:15:00 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Family computer\Downloads\OTL.exe
PRC - [2012/08/14 19:23:13 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
PRC - [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/12 20:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2010/01/18 12:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/14 17:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/14 19:23:12 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012/07/28 17:40:18 | 002,909,008 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-4116492764-2712210220-710440253-1001\MSPRindiv02.key
MOD - [2012/07/13 19:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/13 21:36:48 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll
MOD - [2012/06/13 21:36:37 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/13 21:36:31 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/06/13 21:36:25 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll
MOD - [2012/05/12 12:22:46 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll
MOD - [2012/05/12 08:58:16 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll
MOD - [2012/05/12 08:57:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 08:57:55 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll
MOD - [2012/05/12 08:57:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/12 08:56:58 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/12 08:56:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/12 08:56:54 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/12 08:56:47 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/09 20:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 20:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 20:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 20:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 20:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 20:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 20:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 20:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/01/18 12:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/06/10 16:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/11 18:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/05/11 10:16:12 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV - [2012/08/14 19:23:13 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/12 20:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/14 17:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/05/11 10:46:18 | 006,790,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/11 09:24:20 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/10 10:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 09:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/05 23:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/05 23:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 04:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/10/07 03:49:26 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 03:47:44 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmood...C&cr=1259682944
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FF05609C-5E0A-436C-97B4-81EC3930C112}
IE:64bit: - HKLM\..\SearchScopes\{16B906CC-7AD5-4D83-B78C-77F76CADF004}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{60732D59-EF3C-4250-B625-028F8B67C8D8}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{ACAFF76F-993D-483B-BD50-DB914DF8DAC1}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://start.funmood...C&cr=1259682944
IE:64bit: - HKLM\..\SearchScopes\{FF05609C-5E0A-436C-97B4-81EC3930C112}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{16B906CC-7AD5-4D83-B78C-77F76CADF004}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{1825C506-A518-9C80-4615-0140E2646C50}: "URL" = http://search.condui...&ctid=CT1060933
IE - HKLM\..\SearchScopes\{60732D59-EF3C-4250-B625-028F8B67C8D8}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{ACAFF76F-993D-483B-BD50-DB914DF8DAC1}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://start.funmood...C&cr=1259682944
IE - HKLM\..\SearchScopes\{FF05609C-5E0A-436C-97B4-81EC3930C112}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylo...000d48564a4b13e
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://g.msn.com/HPDSK/1
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8AoQiRet&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/08 11:53:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/28 21:15:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Family computer\AppData\Roaming\Mozilla\Extensions
[2012/08/07 22:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Family computer\AppData\Roaming\Mozilla\Firefox\Profiles\2h730jst.default\extensions
[2012/08/08 11:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/21 17:10:53 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/07/13 19:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/13 19:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.facebook.com/
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.facebook.com/
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnlfbokmiehpnhgdjlmedakkchfldmj\2.3.1_1\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nheaocaplknjkpcnbadlgfpdfjaabiml\1.0_0\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\3.3_0\
CHR - Extension: No name found = C:\Users\Family computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Family computer\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E465766-69F0-4007-A96D-5049E386D361}: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - (avldr64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/01/03 20:49:42 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{198642e0-ccc4-11e0-928b-d48564a4b13e}\Shell - "" = AutoRun
O33 - MountPoints2\{198642e0-ccc4-11e0-928b-d48564a4b13e}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{96596703-f11a-11e0-b7c2-d48564a4b13e}\Shell - "" = AutoRun
O33 - MountPoints2\{96596703-f11a-11e0-b7c2-d48564a4b13e}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{bb9b11d6-cb7c-11e0-88d0-d48564a4b13e}\Shell - "" = AutoRun
O33 - MountPoints2\{bb9b11d6-cb7c-11e0-88d0-d48564a4b13e}\Shell\AutoRun\command - "" = J:\setup.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/11 14:03:55 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Roaming\.minecraft
[2012/08/10 11:07:44 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/10 10:58:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/08/10 10:58:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/09 15:50:06 | 000,000,000 | ---D | C] -- C:\Users\Family computer\Documents\becky school stuff
[2012/08/09 12:50:30 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/08/09 12:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/08/09 12:32:21 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Roaming\SUPERAntiSpyware.com
[2012/08/09 12:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/08/09 12:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/08/09 12:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/08/08 11:55:17 | 000,000,000 | ---D | C] -- C:\SMCLPAV
[2012/08/08 11:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/08/07 15:22:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1
[2012/08/07 14:47:13 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Local\MicrosoftStore
[2012/07/30 14:02:00 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2012/07/30 14:01:46 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Local\Panda Security
[2012/07/30 14:00:48 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\HHActiveX.dll
[2012/07/30 14:00:41 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Roaming\Panda Security
[2012/07/30 14:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/07/30 14:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
[2012/07/30 13:18:59 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012/07/28 17:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/07/28 17:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/07/28 17:39:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/07/28 17:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/07/28 17:15:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/07/28 17:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ADDICT-THING
[2012/07/28 17:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/07/21 17:10:50 | 000,000,000 | ---D | C] -- C:\Users\Family computer\AppData\Roaming\Babylon
[2012/07/21 17:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/07/21 17:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

========== Files - Modified Within 30 Days ==========

[2012/08/16 13:34:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/16 13:33:49 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/16 12:32:00 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 101d4f6a-f4ce-48d2-ab21-c0dda5dc2b4c.job
[2012/08/16 02:00:00 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 366b0a4c-8419-417a-8c77-5609ef833369.job
[2012/08/15 09:31:58 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 09:31:58 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 09:24:47 | 334,979,071 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/12 18:20:01 | 000,726,142 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/12 18:20:01 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/12 18:20:01 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/11 14:03:50 | 000,263,186 | ---- | M] () -- C:\Users\Family computer\Desktop\Minecraft.exe
[2012/08/10 13:49:34 | 000,007,734 | ---- | M] () -- C:\Users\Family computer\Documents\hijackthis3
[2012/08/10 10:58:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/08/09 12:50:30 | 000,003,019 | ---- | M] () -- C:\Users\Family computer\Desktop\HiJackThis.lnk
[2012/08/09 12:49:35 | 001,402,880 | ---- | M] () -- C:\Users\Family computer\Desktop\HiJackThis.msi
[2012/08/09 12:31:39 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/08 11:53:48 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/07 22:21:24 | 000,442,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/07 15:18:35 | 000,384,844 | ---- | M] () -- C:\Users\Family computer\AppData\Local\funmoods-speeddial.crx
[2012/08/07 15:18:35 | 000,031,465 | ---- | M] () -- C:\Users\Family computer\AppData\Local\funmoods.crx
[2012/08/03 15:31:23 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2012/07/28 20:59:55 | 000,000,570 | ---- | M] () -- C:\Windows\SysNative\MyDefrag.debuglog
[2012/07/28 17:15:58 | 000,000,700 | ---- | M] () -- C:\user.js
[2012/07/27 19:01:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs

========== Files Created - No Company Name ==========

[2012/08/11 14:03:49 | 000,263,186 | ---- | C] () -- C:\Users\Family computer\Desktop\Minecraft.exe
[2012/08/10 13:49:34 | 000,007,734 | ---- | C] () -- C:\Users\Family computer\Documents\hijackthis3
[2012/08/10 10:58:46 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/08/09 12:50:30 | 000,003,019 | ---- | C] () -- C:\Users\Family computer\Desktop\HiJackThis.lnk
[2012/08/09 12:49:33 | 001,402,880 | ---- | C] () -- C:\Users\Family computer\Desktop\HiJackThis.msi
[2012/08/09 12:32:27 | 000,000,530 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 101d4f6a-f4ce-48d2-ab21-c0dda5dc2b4c.job
[2012/08/09 12:32:26 | 000,000,530 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 366b0a4c-8419-417a-8c77-5609ef833369.job
[2012/08/09 12:31:39 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/08 11:53:48 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/08 11:53:48 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/30 15:54:28 | 000,023,552 | ---- | C] () -- C:\Windows\Installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected]
[2012/07/30 15:54:28 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected]
[2012/07/30 15:54:27 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected]
[2012/07/30 14:17:43 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2012/07/28 20:43:51 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/22 08:13:27 | 000,000,570 | ---- | C] () -- C:\Windows\SysNative\MyDefrag.debuglog
[2012/07/21 17:14:36 | 000,384,844 | ---- | C] () -- C:\Users\Family computer\AppData\Local\funmoods-speeddial.crx
[2012/07/21 17:14:33 | 000,031,465 | ---- | C] () -- C:\Users\Family computer\AppData\Local\funmoods.crx
[2012/07/21 17:10:56 | 000,000,700 | ---- | C] () -- C:\user.js
[2012/06/10 18:26:01 | 000,002,025 | ---- | C] () -- C:\Users\Family computer\AppData\Roaming\result.db
[2012/02/27 18:37:43 | 001,294,293 | ---- | C] () -- C:\Users\Family computer\6.htm
[2012/01/11 11:16:01 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\@
[2012/01/11 11:16:01 | 000,002,048 | -HS- | C] () -- C:\Users\Family computer\AppData\Local\{85d5cced-8f02-6966-ad01-43a438d08e3e}\@
[2011/12/24 00:40:35 | 000,007,168 | ---- | C] () -- C:\Users\Family computer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/30 13:56:08 | 000,001,137 | ---- | C] () -- C:\Users\Family computer\Documents - Shortcut.lnk
[2011/08/21 17:05:51 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/20 00:54:14 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/08/19 23:57:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== LOP Check ==========

[2012/08/11 14:11:45 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\.minecraft
[2012/07/21 17:10:50 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\Babylon
[2012/08/10 10:53:51 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\Complitly
[2011/09/06 22:04:22 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\Leadertech
[2012/04/24 10:59:21 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\OpenOffice.org
[2012/08/08 11:55:48 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\Panda Security
[2011/08/20 17:09:28 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\PictureMover
[2011/10/16 18:24:28 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\PlayFirst
[2012/04/18 20:23:20 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\SoftGrid Client
[2012/04/14 16:06:23 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\TP
[2012/06/30 19:22:04 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\WildTangent
[2011/09/15 16:35:11 | 000,000,000 | ---D | M] -- C:\Users\Family computer\AppData\Roaming\WinBatch
[2012/08/03 19:38:31 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/08/16 12:32:00 | 000,000,530 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 101d4f6a-f4ce-48d2-ab21-c0dda5dc2b4c.job
[2012/08/16 02:00:00 | 000,000,530 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 366b0a4c-8419-417a-8c77-5609ef833369.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2010/08/20 00:46:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/08/20 00:47:40 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/08/20 00:46:01 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/08/20 00:44:34 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/08/20 00:47:40 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/08/20 00:44:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/08/20 00:47:40 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/08/20 00:44:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/08/20 00:47:40 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/08/20 00:46:01 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/08/20 00:44:34 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/08/20 00:46:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/08/20 00:47:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/08/20 00:47:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010/08/20 00:47:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< End of report >


i will post my TDS killer log in a few minutes.
  • 0

#4
bekahknows

bekahknows

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
this is my TDS killer log.. i want to inform you that i had already done TDS killer runs on my computer should i post those logs too?

14:42:06.0876 5244 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
14:42:07.0327 5244 ============================================================
14:42:07.0327 5244 Current date / time: 2012/08/16 14:42:07.0327
14:42:07.0327 5244 SystemInfo:
14:42:07.0327 5244
14:42:07.0327 5244 OS Version: 6.1.7600 ServicePack: 0.0
14:42:07.0328 5244 Product type: Workstation
14:42:07.0328 5244 ComputerName: FAMILYCOMPUTER
14:42:07.0328 5244 UserName: Family computer
14:42:07.0328 5244 Windows directory: C:\Windows
14:42:07.0328 5244 System windows directory: C:\Windows
14:42:07.0328 5244 Running under WOW64
14:42:07.0328 5244 Processor architecture: Intel x64
14:42:07.0328 5244 Number of processors: 4
14:42:07.0328 5244 Page size: 0x1000
14:42:07.0328 5244 Boot type: Normal boot
14:42:07.0328 5244 ============================================================
14:42:09.0623 5244 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:09.0644 5244 ============================================================
14:42:09.0644 5244 \Device\Harddisk0\DR0:
14:42:09.0646 5244 MBR partitions:
14:42:09.0647 5244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:42:09.0647 5244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72EB2000
14:42:09.0647 5244 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72EE4800, BlocksNum 0x1821800
14:42:09.0647 5244 ============================================================
14:42:09.0688 5244 C: <-> \Device\Harddisk0\DR0\Partition2
14:42:09.0740 5244 D: <-> \Device\Harddisk0\DR0\Partition3
14:42:09.0776 5244 ============================================================
14:42:09.0776 5244 Initialize success
14:42:09.0777 5244 ============================================================
14:42:25.0674 4392 ============================================================
14:42:25.0674 4392 Scan started
14:42:25.0674 4392 Mode: Manual; SigCheck; TDLFS;
14:42:25.0674 4392 ============================================================
14:42:26.0320 4392 ================ Scan services =============================
14:42:26.0558 4392 [ 7d9d615201a483d6fa99491c2e655a5a ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:42:26.0620 4392 !SASCORE - ok
14:42:26.0737 4392 [ 1b00662092f9f9568b995902f0cc40d5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:42:26.0809 4392 1394ohci - ok
14:42:26.0824 4392 [ 6f11e88748cdefd2f76aa215f97ddfe5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:42:26.0846 4392 ACPI - ok
14:42:26.0865 4392 [ 63b05a0420ce4bf0e4af6dcc7cada254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:42:26.0952 4392 AcpiPmi - ok
14:42:27.0059 4392 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:42:27.0084 4392 AdobeFlashPlayerUpdateSvc - ok
14:42:27.0101 4392 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:42:27.0126 4392 adp94xx - ok
14:42:27.0138 4392 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:42:27.0152 4392 adpahci - ok
14:42:27.0158 4392 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:42:27.0170 4392 adpu320 - ok
14:42:27.0194 4392 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:42:27.0342 4392 AeLookupSvc - ok
14:42:27.0372 4392 [ db9d6c6b2cd95a9ca414d045b627422e ] AFD C:\Windows\system32\drivers\afd.sys
14:42:27.0448 4392 AFD - ok
14:42:27.0460 4392 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:42:27.0479 4392 agp440 - ok
14:42:27.0493 4392 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
14:42:27.0561 4392 ALG - ok
14:42:27.0579 4392 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:42:27.0607 4392 aliide - ok
14:42:27.0627 4392 [ ca0d6c1390f4b3baf2a0a69d1a7f8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:42:27.0665 4392 AMD External Events Utility - ok
14:42:27.0669 4392 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:42:27.0680 4392 amdide - ok
14:42:27.0684 4392 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:42:27.0695 4392 AmdK8 - ok
14:42:27.0819 4392 [ 75e4baca583ae02c11e9ac8747e2abe0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:42:28.0006 4392 amdkmdag - ok
14:42:28.0014 4392 [ b765cf4b32f347be747b21ae22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:42:28.0026 4392 amdkmdap - ok
14:42:28.0048 4392 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:42:28.0093 4392 AmdPPM - ok
14:42:28.0128 4392 [ f747497a0ee5498f79b207f215b3d2d8 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
14:42:28.0162 4392 amdsata - ok
14:42:28.0180 4392 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:42:28.0198 4392 amdsbs - ok
14:42:28.0216 4392 [ 2946d695e158615baaa16248e63c7adb ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
14:42:28.0227 4392 amdxata - ok
14:42:28.0240 4392 [ 42fd751b27fa0e9c69bb39f39e409594 ] AppID C:\Windows\system32\drivers\appid.sys
14:42:28.0345 4392 AppID - ok
14:42:28.0361 4392 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:42:28.0423 4392 AppIDSvc - ok
14:42:28.0450 4392 [ d065be66822847b7f127d1f90158376e ] Appinfo C:\Windows\System32\appinfo.dll
14:42:28.0473 4392 Appinfo - ok
14:42:28.0530 4392 [ 3debbecf665dcdde3a95d9b902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:42:28.0551 4392 Apple Mobile Device - ok
14:42:28.0558 4392 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys
14:42:28.0573 4392 arc - ok
14:42:28.0586 4392 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:42:28.0596 4392 arcsas - ok
14:42:28.0622 4392 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:42:28.0650 4392 AsyncMac - ok
14:42:28.0654 4392 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:42:28.0663 4392 atapi - ok
14:42:28.0688 4392 [ e82e61f46d1336447f4deff8c074f13e ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
14:42:28.0695 4392 AtiPcie - ok
14:42:28.0718 4392 [ 07721a77180edd4d39ccb865bf63c7fd ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:42:28.0754 4392 AudioEndpointBuilder - ok
14:42:28.0764 4392 [ 07721a77180edd4d39ccb865bf63c7fd ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:42:28.0796 4392 AudioSrv - ok
14:42:28.0835 4392 [ b20b5fa5ca050e9926e4d1db81501b32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:42:28.0883 4392 AxInstSV - ok
14:42:28.0913 4392 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:42:28.0945 4392 b06bdrv - ok
14:42:28.0961 4392 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:42:28.0999 4392 b57nd60a - ok
14:42:29.0009 4392 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:42:29.0053 4392 BDESVC - ok
14:42:29.0062 4392 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:42:29.0160 4392 Beep - ok
14:42:29.0206 4392 [ 4992c609a6315671463e30f6512bc022 ] BFE C:\Windows\System32\bfe.dll
14:42:29.0248 4392 BFE - ok
14:42:29.0261 4392 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:42:29.0272 4392 blbdrive - ok
14:42:29.0321 4392 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:42:29.0335 4392 Bonjour Service - ok
14:42:29.0356 4392 [ 19d20159708e152267e53b66677a4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:42:29.0380 4392 bowser - ok
14:42:29.0385 4392 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:42:29.0411 4392 BrFiltLo - ok
14:42:29.0416 4392 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:42:29.0428 4392 BrFiltUp - ok
14:42:29.0451 4392 [ 94fbc06f294d58d02361918418f996e3 ] Browser C:\Windows\System32\browser.dll
14:42:29.0480 4392 Browser - ok
14:42:29.0494 4392 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:42:29.0518 4392 Brserid - ok
14:42:29.0523 4392 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:42:29.0560 4392 BrSerWdm - ok
14:42:29.0564 4392 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:42:29.0576 4392 BrUsbMdm - ok
14:42:29.0580 4392 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:42:29.0591 4392 BrUsbSer - ok
14:42:29.0595 4392 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:42:29.0612 4392 BTHMODEM - ok
14:42:29.0642 4392 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
14:42:29.0671 4392 bthserv - ok
14:42:29.0692 4392 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:42:29.0766 4392 cdfs - ok
14:42:29.0792 4392 [ 83d2d75e1efb81b3450c18131443f7db ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:42:29.0804 4392 cdrom - ok
14:42:29.0822 4392 [ 312e2f82af11e79906898ac3e3d58a1f ] CertPropSvc C:\Windows\System32\certprop.dll
14:42:29.0851 4392 CertPropSvc - ok
14:42:29.0897 4392 [ ea3333db9ab03106eec0d6d9d487ed01 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
14:42:29.0932 4392 CinemaNow Service - ok
14:42:29.0937 4392 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:42:29.0953 4392 circlass - ok
14:42:29.0971 4392 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
14:42:29.0986 4392 CLFS - ok
14:42:30.0035 4392 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:42:30.0061 4392 clr_optimization_v2.0.50727_32 - ok
14:42:30.0086 4392 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:42:30.0111 4392 clr_optimization_v2.0.50727_64 - ok
14:42:30.0172 4392 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:42:30.0199 4392 clr_optimization_v4.0.30319_32 - ok
14:42:30.0255 4392 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:42:30.0280 4392 clr_optimization_v4.0.30319_64 - ok
14:42:30.0301 4392 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:42:30.0316 4392 CmBatt - ok
14:42:30.0322 4392 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:42:30.0336 4392 cmdide - ok
14:42:30.0370 4392 [ ca7720b73446fddec5c69519c1174c98 ] CNG C:\Windows\system32\Drivers\cng.sys
14:42:30.0423 4392 CNG - ok
14:42:30.0440 4392 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:42:30.0454 4392 Compbatt - ok
14:42:30.0468 4392 [ f26b3a86f6fa87ca360b879581ab4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:42:30.0487 4392 CompositeBus - ok
14:42:30.0493 4392 COMSysApp - ok
14:42:30.0512 4392 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:42:30.0520 4392 crcdisk - ok
14:42:30.0561 4392 [ f02786b66375292e58c8777082d4396d ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:42:30.0588 4392 CryptSvc - ok
14:42:30.0622 4392 [ 7266972e86890e2b30c0c322e906b027 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:42:30.0657 4392 DcomLaunch - ok
14:42:30.0678 4392 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
14:42:30.0746 4392 defragsvc - ok
14:42:30.0778 4392 [ 9c253ce7311ca60fc11c774692a13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:42:30.0795 4392 DfsC - ok
14:42:30.0815 4392 [ ce3b9562d997f69b330d181a8875960f ] Dhcp C:\Windows\system32\dhcpcore.dll
14:42:30.0908 4392 Dhcp - ok
14:42:30.0929 4392 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
14:42:30.0997 4392 discache - ok
14:42:31.0002 4392 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:42:31.0012 4392 Disk - ok
14:42:31.0044 4392 [ 85cf424c74a1d5ec33533e1dbff9920a ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:42:31.0057 4392 Dnscache - ok
14:42:31.0070 4392 [ 14452acdb09b70964c8c21bf80a13acb ] dot3svc C:\Windows\System32\dot3svc.dll
14:42:31.0123 4392 dot3svc - ok
14:42:31.0146 4392 [ 8c2ba6bea949ee6e68385f5692bafb94 ] DPS C:\Windows\system32\dps.dll
14:42:31.0232 4392 DPS - ok
14:42:31.0237 4392 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:42:31.0256 4392 drmkaud - ok
14:42:31.0300 4392 [ 1633b9abf52784a1331476397a48cbef ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:42:31.0324 4392 DXGKrnl - ok
14:42:31.0340 4392 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:42:31.0385 4392 EapHost - ok
14:42:31.0482 4392 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:42:31.0601 4392 ebdrv - ok
14:42:31.0637 4392 [ 156f6159457d0aa7e59b62681b56eb90 ] EFS C:\Windows\System32\lsass.exe
14:42:31.0668 4392 EFS - ok
14:42:31.0714 4392 [ 47c071994c3f649f23d9cd075ac9304a ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:42:31.0744 4392 ehRecvr - ok
14:42:31.0764 4392 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
14:42:31.0782 4392 ehSched - ok
14:42:31.0799 4392 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:42:31.0816 4392 elxstor - ok
14:42:31.0834 4392 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:42:31.0844 4392 ErrDev - ok
14:42:31.0863 4392 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
14:42:31.0895 4392 EventSystem - ok
14:42:31.0907 4392 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
14:42:31.0954 4392 exfat - ok
14:42:31.0984 4392 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:42:32.0015 4392 fastfat - ok
14:42:32.0050 4392 [ d607b2f1bee3992aa6c2c92c0a2f0855 ] Fax C:\Windows\system32\fxssvc.exe
14:42:32.0078 4392 Fax - ok
14:42:32.0094 4392 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:42:32.0134 4392 fdc - ok
14:42:32.0168 4392 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:42:32.0227 4392 fdPHost - ok
14:42:32.0238 4392 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:42:32.0266 4392 FDResPub - ok
14:42:32.0280 4392 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:42:32.0289 4392 FileInfo - ok
14:42:32.0301 4392 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:42:32.0330 4392 Filetrace - ok
14:42:32.0341 4392 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:42:32.0369 4392 flpydisk - ok
14:42:32.0391 4392 [ f7866af72abbaf84b1fa5aa195378c59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:42:32.0404 4392 FltMgr - ok
14:42:32.0429 4392 [ cb5e4b9c319e3c6bb363eb7e58a4a051 ] FontCache C:\Windows\system32\FntCache.dll
14:42:32.0453 4392 FontCache - ok
14:42:32.0490 4392 [ 8d89e3131c27fdd6932189cb785e1b7a ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:42:32.0497 4392 FontCache3.0.0.0 - ok
14:42:32.0508 4392 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:42:32.0517 4392 FsDepends - ok
14:42:32.0527 4392 [ d3e3f93d67821a2db2b3d9fac2dc2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:42:32.0536 4392 Fs_Rec - ok
14:42:32.0554 4392 [ ae87ba80d0ec3b57126ed2cdc15b24ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:42:32.0569 4392 fvevol - ok
14:42:32.0579 4392 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:42:32.0588 4392 gagp30kx - ok
14:42:32.0661 4392 [ c403c5db49a0f9aaf4f2128edc0106d8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:42:32.0688 4392 GamesAppService - ok
14:42:32.0720 4392 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:42:32.0728 4392 GEARAspiWDM - ok
14:42:32.0748 4392 [ fe5ab4525bc2ec68b9119a6e5d40128b ] gpsvc C:\Windows\System32\gpsvc.dll
14:42:32.0776 4392 gpsvc - ok
14:42:32.0793 4392 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:42:32.0853 4392 hcw85cir - ok
14:42:32.0874 4392 [ 6410f6f415b2a5a9037224c41da8bf12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:42:32.0920 4392 HdAudAddService - ok
14:42:32.0942 4392 [ 0a49913402747a0b67de940fb42cbdbb ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:42:32.0962 4392 HDAudBus - ok
14:42:32.0978 4392 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:42:33.0010 4392 HidBatt - ok
14:42:33.0033 4392 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:42:33.0067 4392 HidBth - ok
14:42:33.0092 4392 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:42:33.0140 4392 HidIr - ok
14:42:33.0145 4392 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll
14:42:33.0178 4392 hidserv - ok
14:42:33.0182 4392 [ b3bf6b5b50006def50b66306d99fcf6f ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:42:33.0192 4392 HidUsb - ok
14:42:33.0213 4392 [ efa58ede58dd74388ffd04cb32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:42:33.0242 4392 hkmsvc - ok
14:42:33.0250 4392 [ 046b2673767ca626e2cfb7fdf735e9e8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:42:33.0263 4392 HomeGroupListener - ok
14:42:33.0284 4392 [ 06a7422224d9865a5613710a089987df ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:42:33.0296 4392 HomeGroupProvider - ok
14:42:33.0331 4392 HP Support Assistant Service - ok
14:42:33.0344 4392 hpqwmiex - ok
14:42:33.0359 4392 [ 0886d440058f203eba0e1825e4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:42:33.0369 4392 HpSAMD - ok
14:42:33.0392 4392 [ cee049cac4efa7f4e1e4ad014414a5d4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:42:33.0430 4392 HTTP - ok
14:42:33.0439 4392 [ f17766a19145f111856378df337a5d79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:42:33.0448 4392 hwpolicy - ok
14:42:33.0464 4392 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:42:33.0475 4392 i8042prt - ok
14:42:33.0495 4392 [ b75e45c564e944a2657167d197ab29da ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:42:33.0510 4392 iaStorV - ok
14:42:33.0553 4392 [ 2f2be70d3e02b6fa877921ab9516d43c ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:42:33.0575 4392 idsvc - ok
14:42:33.0590 4392 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:42:33.0599 4392 iirsp - ok
14:42:33.0637 4392 [ c5b4683680df085b57bc53e5ef34861f ] IKEEXT C:\Windows\System32\ikeext.dll
14:42:33.0696 4392 IKEEXT - ok
14:42:33.0783 4392 [ 2b888bbdf6962e608a5e1a1d7a626adf ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:42:33.0864 4392 IntcAzAudAddService - ok
14:42:33.0876 4392 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:42:33.0885 4392 intelide - ok
14:42:33.0906 4392 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:42:33.0949 4392 intelppm - ok
14:42:33.0975 4392 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:42:34.0037 4392 IPBusEnum - ok
14:42:34.0060 4392 [ 722dd294df62483cecaae6e094b4d695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:42:34.0088 4392 IpFilterDriver - ok
14:42:34.0103 4392 [ e2b4a4494db7cb9b89b55ca268c337c5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:42:34.0114 4392 IPMIDRV - ok
14:42:34.0119 4392 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:42:34.0163 4392 IPNAT - ok
14:42:34.0231 4392 [ ee4c2a137c7088911a8919effc9812e7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:42:34.0285 4392 iPod Service - ok
14:42:34.0300 4392 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:42:34.0316 4392 IRENUM - ok
14:42:34.0334 4392 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:42:34.0345 4392 isapnp - ok
14:42:34.0366 4392 [ fa4d2557de56d45b0a346f93564be6e1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:42:34.0381 4392 iScsiPrt - ok
14:42:34.0397 4392 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:42:34.0408 4392 kbdclass - ok
14:42:34.0419 4392 [ 6def98f8541e1b5dceb2c822a11f7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:42:34.0431 4392 kbdhid - ok
14:42:34.0437 4392 [ 156f6159457d0aa7e59b62681b56eb90 ] KeyIso C:\Windows\system32\lsass.exe
14:42:34.0447 4392 KeyIso - ok
14:42:34.0480 4392 [ 4f4b5fde429416877de7143044582eb5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:42:34.0489 4392 KSecDD - ok
14:42:34.0523 4392 [ 6f40465a44ecdc1731befafec5bdd03c ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:42:34.0552 4392 KSecPkg - ok
14:42:34.0568 4392 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:42:34.0635 4392 ksthunk - ok
14:42:34.0680 4392 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
14:42:34.0735 4392 KtmRm - ok
14:42:34.0759 4392 [ 81f1d04d4d0e433099365127375fd501 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:42:34.0773 4392 LanmanServer - ok
14:42:34.0798 4392 [ 27026eac8818e8a6c00a1cad2f11d29a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:42:34.0827 4392 LanmanWorkstation - ok
14:42:34.0843 4392 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:42:34.0889 4392 lltdio - ok
14:42:34.0911 4392 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:42:34.0963 4392 lltdsvc - ok
14:42:34.0967 4392 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:42:34.0995 4392 lmhosts - ok
14:42:35.0020 4392 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:42:35.0030 4392 LSI_FC - ok
14:42:35.0040 4392 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:42:35.0050 4392 LSI_SAS - ok
14:42:35.0063 4392 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:42:35.0073 4392 LSI_SAS2 - ok
14:42:35.0083 4392 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:42:35.0093 4392 LSI_SCSI - ok
14:42:35.0111 4392 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
14:42:35.0157 4392 luafv - ok
14:42:35.0196 4392 [ ded333dbdbbcc3555a6e6244522e2f1a ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:42:35.0204 4392 LVPr2M64 - ok
14:42:35.0211 4392 [ ded333dbdbbcc3555a6e6244522e2f1a ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:42:35.0218 4392 LVPr2Mon - ok
14:42:35.0244 4392 [ a35679e56e78091e1042a2d7adbf2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
14:42:35.0254 4392 LVPrcS64 - ok
14:42:35.0282 4392 [ 986c1cb787a007baa5f74e7d316d7246 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
14:42:35.0295 4392 LVRS64 - ok
14:42:35.0433 4392 [ 5747bc465abea2858c5d037252aed84e ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
14:42:35.0615 4392 LVUVC64 - ok
14:42:35.0630 4392 [ f84c8f1000bc11e3b7b23cbd3baff111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:42:35.0659 4392 Mcx2Svc - ok
14:42:35.0686 4392 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:42:35.0708 4392 megasas - ok
14:42:35.0732 4392 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:42:35.0752 4392 MegaSR - ok
14:42:35.0771 4392 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
14:42:35.0814 4392 MMCSS - ok
14:42:35.0822 4392 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:42:35.0868 4392 Modem - ok
14:42:35.0890 4392 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:42:35.0902 4392 monitor - ok
14:42:35.0916 4392 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:42:35.0925 4392 mouclass - ok
14:42:35.0936 4392 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:42:35.0946 4392 mouhid - ok
14:42:35.0958 4392 [ 791af66c4d0e7c90a3646066386fb571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:42:35.0968 4392 mountmgr - ok
14:42:36.0018 4392 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:42:36.0045 4392 MozillaMaintenance - ok
14:42:36.0073 4392 [ 609d1d87649ecc19796f4d76d4c15cea ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:42:36.0086 4392 mpio - ok
14:42:36.0100 4392 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:42:36.0135 4392 mpsdrv - ok
14:42:36.0191 4392 [ aecab449567d1846dad63ece49e893e3 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:42:36.0305 4392 MpsSvc - ok
14:42:36.0329 4392 [ 30524261bb51d96d6fcbac20c810183c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:42:36.0380 4392 MRxDAV - ok
14:42:36.0417 4392 [ 040d62a9d8ad28922632137acdd984f2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:42:36.0437 4392 mrxsmb - ok
14:42:36.0457 4392 [ f0067552f8f9b33d7c59403ab808a3cb ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:42:36.0472 4392 mrxsmb10 - ok
14:42:36.0478 4392 [ 3c142d31de9f2f193218a53fe2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:42:36.0509 4392 mrxsmb20 - ok
14:42:36.0534 4392 [ 5c37497276e3b3a5488b23a326a754b7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:42:36.0545 4392 msahci - ok
14:42:36.0564 4392 [ 8d27b597229aed79430fb9db3bcbfbd0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:42:36.0577 4392 msdsm - ok
14:42:36.0589 4392 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
14:42:36.0604 4392 MSDTC - ok
14:42:36.0629 4392 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:42:36.0660 4392 Msfs - ok
14:42:36.0671 4392 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:42:36.0713 4392 mshidkmdf - ok
14:42:36.0734 4392 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:42:36.0742 4392 msisadrv - ok
14:42:36.0755 4392 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:42:36.0804 4392 MSiSCSI - ok
14:42:36.0808 4392 msiserver - ok
14:42:36.0834 4392 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:42:36.0862 4392 MSKSSRV - ok
14:42:36.0870 4392 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:42:36.0915 4392 MSPCLOCK - ok
14:42:36.0939 4392 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:42:37.0009 4392 MSPQM - ok
14:42:37.0016 4392 [ 89cb141aa8616d8c6a4610fa26c60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:42:37.0030 4392 MsRPC - ok
14:42:37.0058 4392 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:42:37.0066 4392 mssmbios - ok
14:42:37.0070 4392 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:42:37.0114 4392 MSTEE - ok
14:42:37.0136 4392 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:42:37.0146 4392 MTConfig - ok
14:42:37.0158 4392 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:42:37.0167 4392 Mup - ok
14:42:37.0192 4392 [ 4987e079a4530fa737a128be54b63b12 ] napagent C:\Windows\system32\qagentRT.dll
14:42:37.0226 4392 napagent - ok
14:42:37.0254 4392 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:42:37.0271 4392 NativeWifiP - ok
14:42:37.0306 4392 [ cad515dbd07d082bb317d9928ce8962c ] NDIS C:\Windows\system32\drivers\ndis.sys
14:42:37.0330 4392 NDIS - ok
14:42:37.0340 4392 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:42:37.0383 4392 NdisCap - ok
14:42:37.0418 4392 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:42:37.0445 4392 NdisTapi - ok
14:42:37.0458 4392 [ f105ba1e22bf1f2ee8f005d4305e4bec ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:42:37.0486 4392 Ndisuio - ok
14:42:37.0492 4392 [ 557dfab9ca1fcb036ac77564c010dad3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:42:37.0521 4392 NdisWan - ok
14:42:37.0535 4392 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:42:37.0582 4392 NDProxy - ok
14:42:37.0606 4392 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:42:37.0633 4392 NetBIOS - ok
14:42:37.0639 4392 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:42:37.0687 4392 NetBT - ok
14:42:37.0712 4392 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\Windows\system32\lsass.exe
14:42:37.0721 4392 Netlogon - ok
14:42:37.0754 4392 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
14:42:37.0804 4392 Netman - ok
14:42:37.0833 4392 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
14:42:37.0865 4392 netprofm - ok
14:42:37.0886 4392 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:42:37.0895 4392 NetTcpPortSharing - ok
14:42:37.0915 4392 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:42:37.0924 4392 nfrd960 - ok
14:42:37.0938 4392 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:42:37.0971 4392 NlaSvc - ok
14:42:37.0981 4392 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:42:38.0009 4392 Npfs - ok
14:42:38.0032 4392 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:42:38.0060 4392 nsi - ok
14:42:38.0067 4392 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:42:38.0094 4392 nsiproxy - ok
14:42:38.0142 4392 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:42:38.0178 4392 Ntfs - ok
14:42:38.0188 4392 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
14:42:38.0216 4392 Null - ok
14:42:38.0233 4392 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:42:38.0243 4392 nvraid - ok
14:42:38.0273 4392 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:42:38.0284 4392 nvstor - ok
14:42:38.0316 4392 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:42:38.0326 4392 nv_agp - ok
14:42:38.0340 4392 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:42:38.0378 4392 ohci1394 - ok
14:42:38.0412 4392 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:42:38.0454 4392 p2pimsvc - ok
14:42:38.0487 4392 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:42:38.0509 4392 p2psvc - ok
14:42:38.0523 4392 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:42:38.0533 4392 Parport - ok
14:42:38.0561 4392 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:42:38.0570 4392 partmgr - ok
14:42:38.0584 4392 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:42:38.0621 4392 PcaSvc - ok
14:42:38.0648 4392 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\Windows\system32\DRIVERS\pci.sys
14:42:38.0659 4392 pci - ok
14:42:38.0669 4392 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:42:38.0677 4392 pciide - ok
14:42:38.0684 4392 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:42:38.0696 4392 pcmcia - ok
14:42:38.0701 4392 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:42:38.0710 4392 pcw - ok
14:42:38.0734 4392 pdfcDispatcher - ok
14:42:38.0755 4392 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:42:38.0792 4392 PEAUTH - ok
14:42:38.0864 4392 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:42:38.0875 4392 PerfHost - ok
14:42:38.0907 4392 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\Windows\system32\pla.dll
14:42:38.0976 4392 pla - ok
14:42:39.0018 4392 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:42:39.0052 4392 PlugPlay - ok
14:42:39.0065 4392 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:42:39.0077 4392 PNRPAutoReg - ok
14:42:39.0084 4392 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:42:39.0099 4392 PNRPsvc - ok
14:42:39.0130 4392 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:42:39.0171 4392 PolicyAgent - ok
14:42:39.0195 4392 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
14:42:39.0247 4392 Power - ok
14:42:39.0273 4392 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:42:39.0302 4392 PptpMiniport - ok
14:42:39.0307 4392 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:42:39.0333 4392 Processor - ok
14:42:39.0368 4392 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\Windows\system32\profsvc.dll
14:42:39.0429 4392 ProfSvc - ok
14:42:39.0439 4392 Prot6Flt - ok
14:42:39.0446 4392 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:42:39.0461 4392 ProtectedStorage - ok
14:42:39.0468 4392 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:42:39.0497 4392 Psched - ok
14:42:39.0530 4392 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:42:39.0568 4392 ql2300 - ok
14:42:39.0574 4392 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:42:39.0585 4392 ql40xx - ok
14:42:39.0613 4392 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
14:42:39.0630 4392 QWAVE - ok
14:42:39.0638 4392 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:42:39.0668 4392 QWAVEdrv - ok
14:42:39.0672 4392 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:42:39.0703 4392 RasAcd - ok
14:42:39.0737 4392 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:42:39.0790 4392 RasAgileVpn - ok
14:42:39.0795 4392 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
14:42:39.0825 4392 RasAuto - ok
14:42:39.0838 4392 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:42:39.0868 4392 Rasl2tp - ok
14:42:39.0893 4392 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\Windows\System32\rasmans.dll
14:42:39.0924 4392 RasMan - ok
14:42:39.0938 4392 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:42:39.0987 4392 RasPppoe - ok
14:42:40.0012 4392 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:42:40.0041 4392 RasSstp - ok
14:42:40.0048 4392 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:42:40.0096 4392 rdbss - ok
14:42:40.0120 4392 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:42:40.0169 4392 rdpbus - ok
14:42:40.0193 4392 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:42:40.0249 4392 RDPCDD - ok
14:42:40.0259 4392 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:42:40.0305 4392 RDPENCDD - ok
14:42:40.0328 4392 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:42:40.0356 4392 RDPREFMP - ok
14:42:40.0383 4392 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:42:40.0401 4392 RDPWD - ok
14:42:40.0415 4392 [ 634b9a2181d98f15941236886164ec8b ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:42:40.0427 4392 rdyboost - ok
14:42:40.0434 4392 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:42:40.0464 4392 RemoteAccess - ok
14:42:40.0473 4392 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:42:40.0504 4392 RemoteRegistry - ok
14:42:40.0510 4392 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:42:40.0539 4392 RpcEptMapper - ok
14:42:40.0555 4392 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
14:42:40.0565 4392 RpcLocator - ok
14:42:40.0581 4392 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\Windows\system32\rpcss.dll
14:42:40.0614 4392 RpcSs - ok
14:42:40.0621 4392 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:42:40.0667 4392 rspndr - ok
14:42:40.0707 4392 [ 7ea8d2eb9bbfd2ab8a3117a1e96d3b3a ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:42:40.0737 4392 RTL8167 - ok
14:42:40.0746 4392 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\Windows\system32\lsass.exe
14:42:40.0760 4392 SamSs - ok
14:42:40.0824 4392 [ 3289766038db2cb14d07dc84392138d5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:42:40.0848 4392 SASDIFSV - ok
14:42:40.0872 4392 [ 58a38e75f3316a83c23df6173d41f2b5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:42:40.0884 4392 SASKUTIL - ok
14:42:40.0905 4392 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:42:40.0920 4392 sbp2port - ok
14:42:40.0928 4392 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:42:40.0962 4392 SCardSvr - ok
14:42:40.0967 4392 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:42:41.0016 4392 scfilter - ok
14:42:41.0063 4392 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\Windows\system32\schedsvc.dll
14:42:41.0121 4392 Schedule - ok
14:42:41.0139 4392 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\Windows\System32\certprop.dll
14:42:41.0166 4392 SCPolicySvc - ok
14:42:41.0175 4392 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:42:41.0187 4392 SDRSVC - ok
14:42:41.0197 4392 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:42:41.0225 4392 secdrv - ok
14:42:41.0236 4392 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon C:\Windows\system32\seclogon.dll
14:42:41.0280 4392 seclogon - ok
14:42:41.0304 4392 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
14:42:41.0349 4392 SENS - ok
14:42:41.0375 4392 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:42:41.0432 4392 SensrSvc - ok
14:42:41.0453 4392 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:42:41.0490 4392 Serenum - ok
14:42:41.0496 4392 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:42:41.0511 4392 Serial - ok
14:42:41.0555 4392 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:42:41.0584 4392 sermouse - ok
14:42:41.0620 4392 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\Windows\system32\sessenv.dll
14:42:41.0663 4392 SessionEnv - ok
14:42:41.0681 4392 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:42:41.0741 4392 sffdisk - ok
14:42:41.0751 4392 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:42:41.0776 4392 sffp_mmc - ok
14:42:41.0791 4392 [ 178298f767fe638c9fedcbdef58bb5e4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:42:41.0823 4392 sffp_sd - ok
14:42:41.0852 4392 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:42:41.0883 4392 sfloppy - ok
14:42:41.0915 4392 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:42:41.0938 4392 ShellHWDetection - ok
14:42:41.0962 4392 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:42:41.0973 4392 SiSRaid2 - ok
14:42:41.0985 4392 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:42:41.0997 4392 SiSRaid4 - ok
14:42:42.0010 4392 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:42:42.0046 4392 Smb - ok
14:42:42.0067 4392 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:42:42.0093 4392 SNMPTRAP - ok
14:42:42.0113 4392 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:42:42.0122 4392 spldr - ok
14:42:42.0146 4392 [ f8e1fa03cb70d54a9892ac88b91d1e7b ] Spooler C:\Windows\System32\spoolsv.exe
14:42:42.0184 4392 Spooler - ok
14:42:42.0263 4392 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\Windows\system32\sppsvc.exe
14:42:42.0339 4392 sppsvc - ok
14:42:42.0350 4392 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:42:42.0378 4392 sppuinotify - ok
14:42:42.0412 4392 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:42:42.0458 4392 srv - ok
14:42:42.0483 4392 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:42:42.0503 4392 srv2 - ok
14:42:42.0522 4392 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:42:42.0560 4392 srvnet - ok
14:42:42.0589 4392 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:42:42.0630 4392 SSDPSRV - ok
14:42:42.0645 4392 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:42:42.0674 4392 SstpSvc - ok
14:42:42.0679 4392 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:42:42.0688 4392 stexstor - ok
14:42:42.0704 4392 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\Windows\System32\wiaservc.dll
14:42:42.0725 4392 stisvc - ok
14:42:42.0738 4392 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:42:42.0746 4392 swenum - ok
14:42:42.0760 4392 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
14:42:42.0793 4392 swprv - ok
14:42:42.0828 4392 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\Windows\system32\sysmain.dll
14:42:42.0892 4392 SysMain - ok
14:42:42.0918 4392 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:42:42.0952 4392 TabletInputService - ok
14:42:42.0978 4392 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\Windows\System32\tapisrv.dll
14:42:43.0009 4392 TapiSrv - ok
14:42:43.0024 4392 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
14:42:43.0052 4392 TBS - ok
14:42:43.0119 4392 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:42:43.0175 4392 Tcpip - ok
14:42:43.0198 4392 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:42:43.0228 4392 TCPIP6 - ok
14:42:43.0235 4392 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:42:43.0263 4392 tcpipreg - ok
14:42:43.0280 4392 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:42:43.0300 4392 TDPIPE - ok
14:42:43.0336 4392 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:42:43.0381 4392 TDTCP - ok
14:42:43.0404 4392 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:42:43.0460 4392 tdx - ok
14:42:43.0467 4392 [ c448651339196c0e869a355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:42:43.0477 4392 TermDD - ok
14:42:43.0496 4392 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\Windows\System32\termsrv.dll
14:42:43.0534 4392 TermService - ok
14:42:43.0541 4392 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
14:42:43.0555 4392 Themes - ok
14:42:43.0562 4392 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
14:42:43.0590 4392 THREADORDER - ok
14:42:43.0603 4392 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
14:42:43.0633 4392 TrkWks - ok
14:42:43.0673 4392 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:42:43.0703 4392 TrustedInstaller - ok
14:42:43.0721 4392 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:42:43.0763 4392 tssecsrv - ok
14:42:43.0788 4392 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:42:43.0834 4392 tunnel - ok
14:42:43.0853 4392 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:42:43.0862 4392 uagp35 - ok
14:42:43.0881 4392 [ d47baead86c65d4f4069d7ce0a4edceb ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:42:43.0934 4392 udfs - ok
14:42:43.0943 4392 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:42:43.0955 4392 UI0Detect - ok
14:42:43.0981 4392 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:42:43.0991 4392 uliagpkx - ok
14:42:44.0016 4392 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:42:44.0061 4392 umbus - ok
14:42:44.0088 4392 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:42:44.0115 4392 UmPass - ok
14:42:44.0135 4392 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
14:42:44.0193 4392 upnphost - ok
14:42:44.0247 4392 [ aa33fc47ed58c34e6e9261e4f850b7eb ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:42:44.0309 4392 USBAAPL64 - ok
14:42:44.0329 4392 [ 77b01bc848298223a95d4ec23e1785a1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:42:44.0350 4392 usbaudio - ok
14:42:44.0369 4392 [ 7b6a127c93ee590e4d79a5f2a76fe46f ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:42:44.0426 4392 usbccgp - ok
14:42:44.0443 4392 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:42:44.0502 4392 usbcir - ok
14:42:44.0533 4392 [ 92969ba5ac44e229c55a332864f79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:42:44.0547 4392 usbehci - ok
14:42:44.0571 4392 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
14:42:44.0584 4392 usbfilter - ok
14:42:44.0602 4392 [ e7df1cfd28ca86b35ef5add0735ceef3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:42:44.0639 4392 usbhub - ok
14:42:44.0665 4392 [ f1bb1e55f1e7a65c5839ccc7b36d773e ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:42:44.0679 4392 usbohci - ok
14:42:44.0698 4392 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:42:44.0716 4392 usbprint - ok
14:42:44.0729 4392 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:42:44.0752 4392 USBSTOR - ok
14:42:44.0768 4392 [ bc3070350a491d84b518d7cca9abd36f ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:42:44.0783 4392 usbuhci - ok
14:42:44.0816 4392 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:42:44.0847 4392 usbvideo - ok
14:42:44.0865 4392 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
14:42:44.0925 4392 UxSms - ok
14:42:44.0953 4392 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\Windows\system32\lsass.exe
14:42:44.0975 4392 VaultSvc - ok
14:42:44.0991 4392 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:42:45.0005 4392 vdrvroot - ok
14:42:45.0027 4392 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\Windows\System32\vds.exe
14:42:45.0074 4392 vds - ok
14:42:45.0099 4392 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:42:45.0117 4392 vga - ok
14:42:45.0135 4392 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
14:42:45.0175 4392 VgaSave - ok
14:42:45.0188 4392 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:42:45.0200 4392 vhdmp - ok
14:42:45.0227 4392 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:42:45.0254 4392 viaide - ok
14:42:45.0273 4392 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:42:45.0285 4392 volmgr - ok
14:42:45.0298 4392 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:42:45.0316 4392 volmgrx - ok
14:42:45.0323 4392 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:42:45.0336 4392 volsnap - ok
14:42:45.0357 4392 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:42:45.0368 4392 vsmraid - ok
14:42:45.0406 4392 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\Windows\system32\vssvc.exe
14:42:45.0430 4392 VSS - ok
14:42:45.0443 4392 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:42:45.0470 4392 vwifibus - ok
14:42:45.0506 4392 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
14:42:45.0539 4392 W32Time - ok
14:42:45.0553 4392 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:42:45.0585 4392 WacomPen - ok
14:42:45.0620 4392 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:42:45.0678 4392 WANARP - ok
14:42:45.0682 4392 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:42:45.0710 4392 Wanarpv6 - ok
14:42:45.0764 4392 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:42:45.0793 4392 WatAdminSvc - ok
14:42:45.0829 4392 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\Windows\system32\wbengine.exe
14:42:45.0910 4392 wbengine - ok
14:42:45.0930 4392 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:42:45.0952 4392 WbioSrvc - ok
14:42:45.0977 4392 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:42:46.0028 4392 wcncsvc - ok
14:42:46.0044 4392 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:42:46.0055 4392 WcsPlugInService - ok
14:42:46.0069 4392 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:42:46.0078 4392 Wd - ok
14:42:46.0103 4392 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:42:46.0121 4392 Wdf01000 - ok
14:42:46.0134 4392 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:42:46.0189 4392 WdiServiceHost - ok
14:42:46.0193 4392 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:42:46.0210 4392 WdiSystemHost - ok
14:42:46.0251 4392 [ 733006127f235be7c35354ebee7b9a7b ] WebClient C:\Windows\System32\webclnt.dll
14:42:46.0319 4392 WebClient - ok
14:42:46.0343 4392 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:42:46.0414 4392 Wecsvc - ok
14:42:46.0429 4392 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:42:46.0476 4392 wercplsupport - ok
14:42:46.0505 4392 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:42:46.0534 4392 WerSvc - ok
14:42:46.0560 4392 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:42:46.0588 4392 WfpLwf - ok
14:42:46.0599 4392 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:42:46.0608 4392 WIMMount - ok
14:42:46.0613 4392 WinHttpAutoProxySvc - ok
14:42:46.0656 4392 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:42:46.0704 4392 Winmgmt - ok
14:42:46.0758 4392 [ 41fbb751936b387f9179e7f03a74fe29 ] WinRM C:\Windows\system32\WsmSvc.dll
14:42:46.0812 4392 WinRM - ok
14:42:46.0846 4392 [ 817eaff5d38674edd7713b9dfb8e9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:42:46.0875 4392 WinUsb - ok
14:42:46.0907 4392 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
14:42:46.0974 4392 Wlansvc - ok
14:42:46.0980 4392 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:42:46.0995 4392 WmiAcpi - ok
14:42:47.0019 4392 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:42:47.0048 4392 wmiApSrv - ok
14:42:47.0083 4392 WMPNetworkSvc - ok
14:42:47.0109 4392 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:42:47.0128 4392 WPCSvc - ok
14:42:47.0144 4392 [ 2e57ddf2880a7e52e76f41c7e96d327b ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:42:47.0176 4392 WPDBusEnum - ok
14:42:47.0195 4392 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:42:47.0222 4392 ws2ifsl - ok
14:42:47.0227 4392 WSearch - ok
14:42:47.0244 4392 [ 7cadc74271dd6461c452c271b30bd378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:42:47.0316 4392 WudfPf - ok
14:42:47.0346 4392 [ 3b197af0fff08aa66b6b2241ca538d64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:42:47.0376 4392 WUDFRd - ok
14:42:47.0389 4392 [ b551d6637aa0e132c18ac6e504f7b79b ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:42:47.0435 4392 wudfsvc - ok
14:42:47.0458 4392 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
14:42:47.0475 4392 WwanSvc - ok
14:42:47.0494 4392 ================ Scan global ===============================
14:42:47.0515 4392 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
14:42:47.0535 4392 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
14:42:47.0542 4392 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
14:42:47.0552 4392 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
14:42:47.0584 4392 (014a9cb92514e27c0107614df764bc06) C:\Windows\system32\services.exe
14:42:47.0588 4392 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
14:42:47.0588 4392 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
14:42:47.0589 4392 ================ Scan MBR ==================================
14:42:47.0605 4392 MBR (0x1B8) (e055dcd3a6826c7b2c0044a28d3e8d02) \Device\Harddisk0\DR0
14:42:48.0013 4392 \Device\Harddisk0\DR0 - ok
14:42:48.0014 4392 ================ Scan VBR ==================================
14:42:48.0020 4392 Boot (0x1200) (3a1492c651af341be13ff50cb7b72330) \Device\Harddisk0\DR0\Partition1
14:42:48.0024 4392 \Device\Harddisk0\DR0\Partition1 - ok
14:42:48.0061 4392 Boot (0x1200) (b49021d698f20e2afeb85e3f87fbea1a) \Device\Harddisk0\DR0\Partition2
14:42:48.0063 4392 \Device\Harddisk0\DR0\Partition2 - ok
14:42:48.0095 4392 Boot (0x1200) (d7adee2d9cdd242de1ddc7ce28cf8331) \Device\Harddisk0\DR0\Partition3
14:42:48.0097 4392 \Device\Harddisk0\DR0\Partition3 - ok
14:42:48.0097 4392 ============================================================
14:42:48.0097 4392 Scan finished
14:42:48.0097 4392 ============================================================
14:42:48.0113 5916 Detected object count: 1
14:42:48.0113 5916 Actual detected object count: 1
14:45:37.0196 5916 C:\Windows\system32\services.exe - copied to quarantine
14:45:37.0449 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\@ - copied to quarantine
14:45:37.0450 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected] - copied to quarantine
14:45:37.0451 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected] - copied to quarantine
14:45:37.0475 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected] - copied to quarantine
14:45:37.0478 5916 C:\Users\Family computer\AppData\Local\{85d5cced-8f02-6966-ad01-43a438d08e3e}\@ - copied to quarantine
14:45:37.0965 5916 Backup copy found, using it..
14:45:38.0033 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\@ - will be deleted on reboot
14:45:38.0034 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected] - will be deleted on reboot
14:45:38.0034 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected] - will be deleted on reboot
14:45:38.0034 5916 C:\Windows\installer\{85d5cced-8f02-6966-ad01-43a438d08e3e}\U\[email protected] - will be deleted on reboot
14:45:38.0037 5916 C:\Users\Family computer\AppData\Local\{85d5cced-8f02-6966-ad01-43a438d08e3e}\@ - will be deleted on reboot
14:45:38.0038 5916 C:\Windows\system32\services.exe - will be cured on reboot
14:45:38.0038 5916 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
14:45:52.0111 5708 Deinitialize success
  • 0

#5
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
We have work to do...

Step 1

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply


Step 2

Please don't forget to include these items in your reply:

  • Combofix log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#6
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP