
SVCHOST uses 100% of CPU... [Closed]


  • This topic is locked
7 replies to this topic

#1 CMD4649


Posted 14 December 2013 - 07:39 PM

Hello.

 

I'm running Windows XP and when I boot the PC and look at the Windows Task manager, SVCHOST.exe will be consuming a large amount of memory and then spike the CPU up to 100%. I can end the task and the CPU usage will drop, but then it will start up again. The PC must be infected with something. Here's the HJT log:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:38:24 PM, on 12/14/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Charlie Duffy.CD-HOME\My Documents\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Charlie Duffy.CD-HOME\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Charlie Duffy.CD-HOME\Application Data\Dropbox\bin\Dropbox.exe
O4 - Startup: Verizon Wireless Software Utility Application for Android – Samsung.lnk = C:\Documents and Settings\Charlie Duffy.CD-HOME\Application Data\Verizon\UA_ar\UA.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1361332591468
O18 - Protocol: bw+0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AB07AD51-A2E5-489E-A029-9BC50D21E5B7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 20120 bytes
 

 

Thanks for any help that you can provide.

Charlie
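A first triage step for a log like the one in this post, shown as an added example that is not part of the original thread or of HijackThis itself: parse the "Running processes" section and check that core system binaries such as svchost.exe load from system32, and that no process name merely resembles one. The sample log, the function names and the 0.85 similarity cutoff are assumptions made for the illustration.

```python
import difflib
import ntpath
import re

# Core Windows XP binaries that normally load only from <SystemRoot>\system32.
PROTECTED = ("smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
             "lsass.exe", "svchost.exe", "spoolsv.exe")

OUTSIDE = "system binary name outside system32"
LOOKALIKE = "name resembles a system binary"

# HijackThis entry lines look like "O4 - HKLM\..\Run: [...] ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")

# Constructed sample in HijackThis v2.0.4 layout (not the log from the post).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Temp\svchost.exe
C:\WINDOWS\system32\scvhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
"""


def parse_hjt(text):
    """Return (process paths, [(section code, entry text), ...]) from a log."""
    processes, entries, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            if not line:          # a blank line ends the process list
                in_procs = False
            else:
                processes.append(line)
            continue
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return processes, entries


def triage_processes(processes, system_root=r"C:\WINDOWS"):
    """Flag protected names running outside system32 and near-miss names."""
    # ntpath handles Windows paths on any OS; normcase makes the
    # comparison case-insensitive (System32 vs system32).
    expected_dir = ntpath.normcase(ntpath.join(system_root, "system32"))
    findings = []
    for path in processes:
        name = ntpath.normcase(ntpath.basename(path))
        folder = ntpath.normcase(ntpath.dirname(path))
        if name in PROTECTED:
            if folder != expected_dir:
                findings.append((path, OUTSIDE))
        elif difflib.get_close_matches(name, PROTECTED, n=1, cutoff=0.85):
            findings.append((path, LOOKALIKE))
    return findings


if __name__ == "__main__":
    procs, entries = parse_hjt(SAMPLE_LOG)
    for path, reason in triage_processes(procs):
        print(f"{reason}: {path}")
    print(f"{len(entries)} registry/autostart entries parsed")
```

In the log posted above, all four svchost.exe instances load from C:\WINDOWS\system32 (one spelled System32), so this check flags none of them. A legitimate image path does not identify which hosted service is consuming the CPU, which is why the thread moves on to dedicated scanners.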




#2 jeffce


Posted 16 December 2013 - 11:44 AM

Hi and Welcome!!   

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.


Having said that.... Let's get going!!
----------
 
Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
 
AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

----------


 
 

#3 CMD4649


Posted 16 December 2013 - 09:36 PM

Hello Jeff.

 

Neither one of these tools found anything. First, here is the TDSS Killer log:

 

22:28:46.0421 0x0178  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:28:46.0453 0x0178  DcomLaunch - ok
22:28:46.0500 0x0178  [ 7BEF2E2159EDB03105BC7A8BABE04726, 6F09F3C11DCE6E03D6A658B244F2F0ABBD2B13C46061D425A5266453C8159858 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:28:46.0515 0x0178  dg_ssudbus - ok
22:28:46.0562 0x0178  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
22:28:46.0562 0x0178  Dhcp - ok
22:28:46.0609 0x0178  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
22:28:46.0609 0x0178  Disk - ok
22:28:46.0625 0x0178  dmadmin - ok
22:28:46.0703 0x0178  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
22:28:46.0765 0x0178  dmboot - ok
22:28:46.0796 0x0178  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
22:28:46.0812 0x0178  dmio - ok
22:28:46.0843 0x0178  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
22:28:46.0859 0x0178  dmload - ok
22:28:46.0890 0x0178  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
22:28:46.0890 0x0178  dmserver - ok
22:28:46.0921 0x0178  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
22:28:46.0921 0x0178  DMusic - ok
22:28:46.0968 0x0178  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:28:46.0968 0x0178  Dnscache - ok
22:28:47.0015 0x0178  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:28:47.0015 0x0178  Dot3svc - ok
22:28:47.0031 0x0178  dpti2o - ok
22:28:47.0078 0x0178  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
22:28:47.0078 0x0178  drmkaud - ok
22:28:47.0125 0x0178  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:28:47.0125 0x0178  EapHost - ok
22:28:47.0156 0x0178  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
22:28:47.0156 0x0178  ERSvc - ok
22:28:47.0203 0x0178  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
22:28:47.0203 0x0178  Eventlog - ok
22:28:47.0250 0x0178  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
22:28:47.0265 0x0178  EventSystem - ok
22:28:47.0296 0x0178  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
22:28:47.0312 0x0178  Fastfat - ok
22:28:47.0343 0x0178  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:28:47.0359 0x0178  FastUserSwitchingCompatibility - ok
22:28:47.0375 0x0178  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
22:28:47.0375 0x0178  Fdc - ok
22:28:47.0421 0x0178  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
22:28:47.0421 0x0178  Fips - ok
22:28:47.0437 0x0178  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:28:47.0437 0x0178  Flpydisk - ok
22:28:47.0484 0x0178  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:28:47.0484 0x0178  FltMgr - ok
22:28:47.0562 0x0178  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:28:47.0562 0x0178  FontCache3.0.0.0 - ok
22:28:47.0593 0x0178  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:28:47.0593 0x0178  Fs_Rec - ok
22:28:47.0625 0x0178  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:28:47.0640 0x0178  Ftdisk - ok
22:28:47.0671 0x0178  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:28:47.0671 0x0178  Gpc - ok
22:28:47.0796 0x0178  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:28:47.0812 0x0178  gupdate - ok
22:28:47.0828 0x0178  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:28:47.0828 0x0178  gupdatem - ok
22:28:47.0890 0x0178  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:28:47.0906 0x0178  gusvc - ok
22:28:47.0968 0x0178  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:28:47.0968 0x0178  helpsvc - ok
22:28:47.0984 0x0178  HidServ - ok
22:28:48.0031 0x0178  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
22:28:48.0031 0x0178  hkmsvc - ok
22:28:48.0046 0x0178  hpn - ok
22:28:48.0093 0x0178  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
22:28:48.0140 0x0178  HTTP - ok
22:28:48.0171 0x0178  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
22:28:48.0187 0x0178  HTTPFilter - ok
22:28:48.0187 0x0178  i2omgmt - ok
22:28:48.0203 0x0178  i2omp - ok
22:28:48.0265 0x0178  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:28:48.0265 0x0178  i8042prt - ok
22:28:48.0390 0x0178  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:28:48.0437 0x0178  idsvc - ok
22:28:48.0484 0x0178  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
22:28:48.0484 0x0178  Imapi - ok
22:28:48.0531 0x0178  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
22:28:48.0531 0x0178  ImapiService - ok
22:28:48.0546 0x0178  ini910u - ok
22:28:48.0609 0x0178  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
22:28:48.0609 0x0178  IntelIde - ok
22:28:48.0640 0x0178  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:28:48.0640 0x0178  intelppm - ok
22:28:48.0671 0x0178  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:28:48.0671 0x0178  Ip6Fw - ok
22:28:48.0703 0x0178  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:28:48.0718 0x0178  IpFilterDriver - ok
22:28:48.0734 0x0178  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:28:48.0734 0x0178  IpInIp - ok
22:28:48.0781 0x0178  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:28:48.0796 0x0178  IpNat - ok
22:28:48.0828 0x0178  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:28:48.0828 0x0178  IPSec - ok
22:28:48.0875 0x0178  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
22:28:48.0875 0x0178  IRENUM - ok
22:28:48.0921 0x0178  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:28:48.0921 0x0178  isapnp - ok
22:28:48.0968 0x0178  [ 8F1BA487B35F0C8F637E05113AA815F8, ADD27A92A56D271BD841B303E1813D8449158E683BAC595B8E5B5E145F7693AE ] itchfltr        C:\WINDOWS\system32\DRIVERS\itchfltr.sys
22:28:48.0968 0x0178  itchfltr - ok
22:28:49.0078 0x0178  [ 9ECF00E19736054E019C532AED8228FC, F5A64A8269EA3655BBD4850298F335C0BD30535258928ED7CE62A32A3363E60B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:28:49.0078 0x0178  JavaQuickStarterService - ok
22:28:49.0109 0x0178  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:28:49.0109 0x0178  Kbdclass - ok
22:28:49.0171 0x0178  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
22:28:49.0171 0x0178  kmixer - ok
22:28:49.0218 0x0178  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
22:28:49.0218 0x0178  KSecDD - ok
22:28:49.0265 0x0178  [ 009C4267A8D74F98533C899710EE7419, F50902C557B7E4BACFA305945324A86DF5380B7BB50AF09CD012F9ADBB20F0F9 ] l8042pr2        C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys
22:28:49.0265 0x0178  l8042pr2 - ok
22:28:49.0312 0x0178  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
22:28:49.0328 0x0178  LanmanServer - ok
22:28:49.0375 0x0178  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:28:49.0375 0x0178  lanmanworkstation - ok
22:28:49.0390 0x0178  lbrtfdc - ok
22:28:49.0437 0x0178  [ 74AB237C1106216814C5052481A990D5, 0312B38487FE4C02067ED013D31A74171CAA9A7C07C98C4C1920559F2C3DF19E ] LKbdFlt2        C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys
22:28:49.0437 0x0178  LKbdFlt2 - ok
22:28:49.0468 0x0178  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
22:28:49.0468 0x0178  LmHosts - ok
22:28:49.0500 0x0178  [ 90BFBCF6EF78E59466B8FB7D3B012688, 7D2627F26BA3992736EFFF72FA4F84288D5852E5285C138CC12213E348B5CF0F ] LMouFlt2        C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys
22:28:49.0500 0x0178  LMouFlt2 - ok
22:28:49.0656 0x0178  [ 2D0AB9D29E6B0C42CCE955B5A8E0D62D, AA70B7B644E911C4539CDB48FC9D6702183666C02F59ED3C947C22B8AB71B709 ] LVcKap          C:\WINDOWS\system32\DRIVERS\LVcKap.sys
22:28:49.0734 0x0178  LVcKap - ok
22:28:49.0875 0x0178  [ A3963E3D997C3646E1D3338EB88A48E9, CC500574A5E59AB273BA246D2ABCE4BCE87473170B10B601F45EA6049B2EDA63 ] LVMVDrv         C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
22:28:49.0984 0x0178  LVMVDrv - ok
22:28:50.0015 0x0178  [ 39C767BD6D99C23D28E71B6E0CBA3129, A88E27A862D7E6E2500A56F8B6757EBCBD59860C1BCBA50F79DCEF1A279225AC ] LVPr2Mon        C:\WINDOWS\system32\drivers\LVPr2Mon.sys
22:28:50.0015 0x0178  LVPr2Mon - ok
22:28:50.0093 0x0178  [ 44B3B997E25C5D9A81D6C501451A96D7, BE8EDB440B6C5AAE952B00DBAB203A695209322C0401BEC835F7C92B7386D035 ] LVPrcSrv        c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
22:28:50.0109 0x0178  LVPrcSrv - ok
22:28:50.0125 0x0178  [ 7B4607C0C664DA98753508F85BB10694, 1BFB21633D724DE0AF7A63F49CF7321554EBEDF08F1C9251A6EF93BF837FED4A ] LVSrvLauncher   C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
22:28:50.0125 0x0178  LVSrvLauncher - ok
22:28:50.0156 0x0178  [ 6AD3F5275F117F08C12EAB2233A9E3FB, E20A600DDAD882565FC1191E4CED0212A89C4D4FCEB3880390CB50FA2AB2A5A4 ] LVUSBSta        C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
22:28:50.0156 0x0178  LVUSBSta - ok
22:28:50.0218 0x0178  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
22:28:50.0218 0x0178  Messenger - ok
22:28:50.0265 0x0178  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
22:28:50.0265 0x0178  mnmdd - ok
22:28:50.0296 0x0178  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
22:28:50.0312 0x0178  mnmsrvc - ok
22:28:50.0328 0x0178  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
22:28:50.0328 0x0178  Modem - ok
22:28:50.0359 0x0178  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:28:50.0359 0x0178  Mouclass - ok
22:28:50.0390 0x0178  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
22:28:50.0390 0x0178  MountMgr - ok
22:28:50.0468 0x0178  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:28:50.0468 0x0178  MozillaMaintenance - ok
22:28:50.0484 0x0178  mraid35x - ok
22:28:50.0515 0x0178  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:28:50.0531 0x0178  MRxDAV - ok
22:28:50.0593 0x0178  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:28:50.0609 0x0178  MRxSmb - ok
22:28:50.0656 0x0178  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
22:28:50.0656 0x0178  MSDTC - ok
22:28:50.0687 0x0178  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:28:50.0703 0x0178  Msfs - ok
22:28:50.0703 0x0178  MSIServer - ok
22:28:50.0734 0x0178  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:28:50.0734 0x0178  MSKSSRV - ok
22:28:50.0765 0x0178  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:28:50.0765 0x0178  MSPCLOCK - ok
22:28:50.0781 0x0178  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:28:50.0781 0x0178  MSPQM - ok
22:28:50.0812 0x0178  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:28:50.0812 0x0178  mssmbios - ok
22:28:50.0843 0x0178  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
22:28:50.0843 0x0178  MSTEE - ok
22:28:50.0875 0x0178  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
22:28:50.0890 0x0178  Mup - ok
22:28:50.0921 0x0178  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:28:50.0921 0x0178  NABTSFEC - ok
22:28:50.0968 0x0178  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
22:28:50.0984 0x0178  napagent - ok
22:28:51.0031 0x0178  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
22:28:51.0031 0x0178  NDIS - ok
22:28:51.0109 0x0178  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:28:51.0109 0x0178  NdisIP - ok
22:28:51.0140 0x0178  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:28:51.0140 0x0178  NdisTapi - ok
22:28:51.0187 0x0178  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:28:51.0187 0x0178  Ndisuio - ok
22:28:51.0203 0x0178  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:28:51.0203 0x0178  NdisWan - ok
22:28:51.0265 0x0178  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:28:51.0265 0x0178  NDProxy - ok
22:28:51.0296 0x0178  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:28:51.0296 0x0178  NetBIOS - ok
22:28:51.0328 0x0178  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:28:51.0328 0x0178  NetBT - ok
22:28:51.0375 0x0178  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
22:28:51.0375 0x0178  NetDDE - ok
22:28:51.0406 0x0178  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
22:28:51.0406 0x0178  NetDDEdsdm - ok
22:28:51.0453 0x0178  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:28:51.0453 0x0178  Netlogon - ok
22:28:51.0500 0x0178  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
22:28:51.0515 0x0178  Netman - ok
22:28:51.0546 0x0178  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:28:51.0562 0x0178  NetTcpPortSharing - ok
22:28:51.0593 0x0178  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
22:28:51.0609 0x0178  Nla - ok
22:28:51.0640 0x0178  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:28:51.0640 0x0178  Npfs - ok
22:28:51.0703 0x0178  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:28:51.0734 0x0178  Ntfs - ok
22:28:51.0765 0x0178  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
22:28:51.0765 0x0178  NtLmSsp - ok
22:28:51.0812 0x0178  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
22:28:51.0843 0x0178  NtmsSvc - ok
22:28:51.0875 0x0178  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:28:51.0875 0x0178  Null - ok
22:28:52.0000 0x0178  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:28:52.0109 0x0178  nv - ok
22:28:52.0156 0x0178  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:28:52.0171 0x0178  NwlnkFlt - ok
22:28:52.0171 0x0178  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:28:52.0187 0x0178  NwlnkFwd - ok
22:28:52.0296 0x0178  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:28:52.0328 0x0178  odserv - ok
22:28:52.0390 0x0178  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:28:52.0390 0x0178  ose - ok
22:28:52.0421 0x0178  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
22:28:52.0437 0x0178  Parport - ok
22:28:52.0453 0x0178  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
22:28:52.0453 0x0178  PartMgr - ok
22:28:52.0484 0x0178  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
22:28:52.0484 0x0178  ParVdm - ok
22:28:52.0515 0x0178  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
22:28:52.0531 0x0178  PCI - ok
22:28:52.0531 0x0178  PCIDump - ok
22:28:52.0562 0x0178  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
22:28:52.0562 0x0178  PCIIde - ok
22:28:52.0609 0x0178  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
22:28:52.0609 0x0178  Pcmcia - ok
22:28:52.0625 0x0178  PDCOMP - ok
22:28:52.0640 0x0178  PDFRAME - ok
22:28:52.0656 0x0178  PDRELI - ok
22:28:52.0671 0x0178  PDRFRAME - ok
22:28:52.0703 0x0178  [ 4350CB255AD546F4668C8B8AFD6A00A4, 854780D5A96BEB674F3838376D0B4698EA9E0CD574C5A357759D298188125265 ] pepifilter      C:\WINDOWS\system32\DRIVERS\lv302af.sys
22:28:52.0703 0x0178  pepifilter - ok
22:28:52.0703 0x0178  perc2 - ok
22:28:52.0718 0x0178  perc2hib - ok
22:28:52.0828 0x0178  [ 6B310DE726E1A0DEFD66718A7F79B5D2, 6FE6AB44569EB69F2CD15829C4328323E40A3CDAFCF5B5D27267BA1303F95436 ] PID_08A0        C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
22:28:52.0875 0x0178  PID_08A0 - ok
22:28:52.0906 0x0178  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
22:28:52.0906 0x0178  PlugPlay - ok
22:28:52.0921 0x0178  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
22:28:52.0937 0x0178  PolicyAgent - ok
22:28:52.0968 0x0178  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:28:52.0968 0x0178  PptpMiniport - ok
22:28:52.0984 0x0178  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:28:52.0984 0x0178  ProtectedStorage - ok
22:28:53.0000 0x0178  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
22:28:53.0015 0x0178  PSched - ok
22:28:53.0031 0x0178  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:28:53.0031 0x0178  Ptilink - ok
22:28:53.0046 0x0178  ql1080 - ok
22:28:53.0062 0x0178  Ql10wnt - ok
22:28:53.0062 0x0178  ql12160 - ok
22:28:53.0093 0x0178  ql1240 - ok
22:28:53.0093 0x0178  ql1280 - ok
22:28:53.0109 0x0178  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:28:53.0109 0x0178  RasAcd - ok
22:28:53.0156 0x0178  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:28:53.0156 0x0178  RasAuto - ok
22:28:53.0187 0x0178  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:28:53.0203 0x0178  Rasl2tp - ok
22:28:53.0218 0x0178  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:28:53.0234 0x0178  RasMan - ok
22:28:53.0250 0x0178  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:28:53.0250 0x0178  RasPppoe - ok
22:28:53.0265 0x0178  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
22:28:53.0265 0x0178  Raspti - ok
22:28:57.0765 0x0178  ================ Scan global ===============================
22:28:57.0781 0x0178  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
22:28:57.0828 0x0178  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
22:28:57.0875 0x0178  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
22:28:57.0906 0x0178  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
22:28:57.0921 0x0178  [ Global ] - ok
22:28:57.0921 0x0178  ================ Scan MBR ==================================
22:28:57.0937 0x0178  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
22:28:58.0078 0x0178  \Device\Harddisk0\DR0 - ok
22:28:58.0093 0x0178  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
22:28:58.0093 0x0178  \Device\Harddisk1\DR1 - ok
22:28:58.0109 0x0178  [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk2\DR4
22:28:58.0125 0x0178  \Device\Harddisk2\DR4 - ok
22:28:58.0125 0x0178  ================ Scan VBR ==================================
22:28:58.0125 0x0178  [ CC4186F7F1EC20A68A9EFE97D8EAE2F4 ] \Device\Harddisk0\DR0\Partition1
22:28:58.0140 0x0178  \Device\Harddisk0\DR0\Partition1 - ok
22:28:58.0140 0x0178  [ 3EAEDD92A2493B83CA4795D3F1DF5C80 ] \Device\Harddisk1\DR1\Partition1
22:28:58.0140 0x0178  \Device\Harddisk1\DR1\Partition1 - ok
22:28:58.0156 0x0178  [ 422ADD607D1AA39BA5E67B9A46A3DD38 ] \Device\Harddisk2\DR4\Partition1
22:28:58.0156 0x0178  \Device\Harddisk2\DR4\Partition1 - ok
22:28:58.0156 0x0178  Waiting for KSN requests completion. In queue: 176
22:28:59.0156 0x0178  Waiting for KSN requests completion. In queue: 176
22:29:00.0156 0x0178  Waiting for KSN requests completion. In queue: 176
22:29:01.0812 0x0178  Win FW state via NFM: enabled
22:29:04.0234 0x0178  ============================================================
22:29:04.0234 0x0178  Scan finished
22:29:04.0234 0x0178  ============================================================
22:29:04.0250 0x0e24  Detected object count: 0
22:29:04.0250 0x0e24  Actual detected object count: 0
 
 
Here's the AdwCleaner log:
 
# AdwCleaner v3.015 - Report created 16/12/2013 at 22:30:31
# Updated 10/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Charlie Duffy - CD-HOME
# Running from : C:\Documents and Settings\Charlie Duffy.CD-HOME\My Documents\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\WINDOWS\system32\roboot.exe
Folder Found C:\Documents and Settings\All Users.WINDOWS\Application Data\Ask
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\PricePeep
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Uniblue
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
-\\ Google Chrome v
 
*************************
 
AdwCleaner[R0].txt - [3321 octets] - [16/12/2013 22:30:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3381 octets] ##########
 
 
Let me know what to do next.
 
Charlie


#4 jeffce


Posted 17 December 2013 - 06:37 AM

Hi,
 
Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.


#5 CMD4649


Posted 17 December 2013 - 11:23 PM

Hello Jeff.

 

Here is the log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-17 23:56:31
-----------------------------
23:56:31.015    OS Version: Windows 5.1.2600 Service Pack 3
23:56:31.015    Number of processors: 1 586 0x207
23:56:31.015    ComputerName: CD-HOME  UserName: 
23:56:32.281    Initialize success
00:00:09.000    The log file has been saved successfully to "C:\Documents and Settings\Charlie Duffy.CD-HOME\Desktop\aswMBR.txt"
 
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-18 00:03:04
-----------------------------
00:03:04.343    OS Version: Windows 5.1.2600 Service Pack 3
00:03:04.343    Number of processors: 1 586 0x207
00:03:04.359    ComputerName: CD-HOME  UserName: 
00:03:05.250    Initialize success
00:04:10.250    AVAST engine defs: 13121701
00:04:39.390    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
00:04:39.406    Disk 0 Vendor: Maxtor_6E030L0 NAR61590 Size: 29325MB BusType: 3
00:04:39.406    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
00:04:39.406    Disk 1 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 78167MB BusType: 3
00:04:39.609    Disk 0 MBR read successfully
00:04:39.609    Disk 0 MBR scan
00:04:39.687    Disk 0 Windows XP default MBR code
00:04:39.734    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        29313 MB offset 63
00:04:39.765    Disk 0 scanning sectors +60034905
00:04:39.906    Disk 0 scanning C:\WINDOWS\system32\drivers
00:04:57.328    Service scanning
00:05:32.328    Modules scanning
00:05:52.765    Disk 0 trace - called modules:
00:05:53.125    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
00:05:53.125    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82386ab8]
00:05:53.125    3 CLASSPNP.SYS[f8575fd7] -> nt!IofCallDriver -> \Device\00000057[0x82360f18]
00:05:53.125    5 ACPI.sys[f84ec620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x82387d98]
00:05:53.921    AVAST engine scan C:\WINDOWS
00:06:10.609    AVAST engine scan C:\WINDOWS\system32
00:09:28.796    AVAST engine scan C:\WINDOWS\system32\drivers
00:09:41.718    AVAST engine scan C:\Documents and Settings\Charlie Duffy.CD-HOME
00:20:51.875    AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
00:21:31.828    Scan finished successfully
00:21:46.875    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Charlie Duffy.CD-HOME\Desktop\MBR.dat"
00:21:46.875    The log file has been saved successfully to "C:\Documents and Settings\Charlie Duffy.CD-HOME\Desktop\aswMBR.txt"


#6 jeffce


Posted 18 December 2013 - 06:42 AM

Please read through these instructions to familiarize yourself with what to expect when this tool runs

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.  Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.



RCUpdate1.png


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. CF disconnects your machine from the internet.  The connection is automatically restored before CF completes its run.  If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
4. If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

#7 jeffce


Posted 20 December 2013 - 12:40 PM

Still here?



#8 jeffce


Posted 21 December 2013 - 02:37 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic