
multiple dllhost.com running (computer very slow) [Closed]


  • This topic is locked
42 replies to this topic

#1 sweetescape


Posted 22 December 2013 - 10:34 AM

Hi and thanks in advance for any help,

 

My computer is very slow and I got tons of dllhost.com running. I also scanned my computer with HijackThis; here's the log:
 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:26:20, on 2013-12-22
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
CHROME: 31.0.1650.63
FIREFOX: 24.0 (fr)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\dllhost.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Users\Eric\Downloads\HijackThis.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://twitch.tv/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\vb2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Eric\AppData\Local\Google\Desktop\Install\{191f5d2d-7351-2455-d166-7d325c75f1b0}\???\???\???\{191f5d2d-7351-2455-d166-7d325c75f1b0}\GoogleUpdate.exe" >
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Eric\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 (User 'Système')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Akamai NetSession Interface (Akamai) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VisualSVN Server (VisualSVNServer) - Apache Software Foundation - C:\Program Files (x86)\VisualSVN Server\bin\VisualSVNServer.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 29201 bytes




#2 jeffce


Posted 22 December 2013 - 02:02 PM

Hi and Welcome!!   

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.


Having said that.... Let's get going!!
----------
 
Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

  • Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
  • Double click dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------
 
Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
 
AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.

----------


 
 

#3 sweetescape

sweetescape

    Authentic Member

  • Authentic Member
  • 23 posts

Posted 22 December 2013 - 02:26 PM

Here's the dds.txt log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK Internet Explorer: 10.0.9200.16660 Run by Eric at 15:18:26 on 2013-12-22 Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.2.1036.18.4095.1410 [GMT -5:00] . AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\syswow64\dllhost.exe C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Windows\system32\LogonUI.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\Downloads\HijackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe 
C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\syswow64\dllhost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://twitch.tv/
uProxyOverride = <local>
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\vb2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [AdobeBridge] <no file>
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
.
INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1 24.200.241.37 24.202.72.13
TCP: Interfaces\{56935080-2A11-4216-837D-21CE4E9CFB16} : DHCPNameServer = 192.168.1.1 24.200.241.37 24.202.72.13
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {Q8WIK5AW-C4XH-I111-2XP1-1JI8TA2A4612} - C:\Windows\System32\Winbooterr\Svchost.exe Restart
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
.
INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\0jy3up8z.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Users\Eric\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-12-20 16:29:10 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2013-12-20 16:28:59 110080 ----a-r- C:\Users\Eric\AppData\Roaming\Microsoft\Installer\{CD09642E-061D-4844-BA37-ED1480916404}\IconD7F16134.exe
2013-12-20 16:28:59 110080 ----a-r- C:\Users\Eric\AppData\Roaming\Microsoft\Installer\{CD09642E-061D-4844-BA37-ED1480916404}\Icon1226A4C5.exe
2013-12-20 16:28:58 110080 ----a-r- C:\Users\Eric\AppData\Roaming\Microsoft\Installer\{CD09642E-061D-4844-BA37-ED1480916404}\IconF7A21AF7.exe
2013-12-20 16:28:58 -------- d-----w- C:\sh4ldr
2013-12-20 16:28:58 -------- d-----w- C:\Program Files\Enigma Software Group
2013-12-20 16:26:39 -------- d-----w- C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2013-12-20 16:26:32 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-12-20 16:24:29 -------- d-----w- C:\Users\Eric\AppData\Local\{BE8108BD-6DF5-4758-90DB-079F7B2C4192}
2013-12-19 16:19:13 -------- d-----w- C:\Users\Eric\AppData\Local\{F24B1BAC-DBB7-43C6-84EC-0E408BFFA9EC}
2013-12-18 23:07:59 -------- d-----w- C:\Users\Eric\AppData\Roaming\SUPERAntiSpyware.com
2013-12-18 23:07:36 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-12-18 23:07:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-12-18 22:43:12 -------- d-----w- C:\Users\Eric\AppData\Local\{A726C179-75BE-4284-987A-CED8E47736A1}
2013-12-18 22:30:03 -------- d-----w- C:\Users\Eric\AppData\Local\{472FA007-FF6E-4102-98B0-B3B10D769837}
2013-12-18 22:28:36 -------- d-sh--w- C:\$RECYCLE.BIN
2013-12-18 20:02:32 208896 ----a-w- C:\Windows\MBR.exe
2013-12-18 20:02:31 98816 ----a-w- C:\Windows\sed.exe
2013-12-18 20:02:31 256000 ----a-w- C:\Windows\PEV.exe
2013-12-18 20:01:34 -------- d-s---w- C:\ComboFix
2013-12-18 19:52:34 -------- d-----w- C:\Users\Eric\AppData\Local\{2F65E6B0-9DA7-4614-B267-F9A87C5EA38E}
2013-12-17 20:12:14 -------- d-----w- C:\Users\Eric\AppData\Local\{89970940-3435-4A81-BA06-802452461E18}
2013-12-16 20:27:48 -------- d-----w- C:\Users\Eric\AppData\Local\{6F10FE4B-0C50-425F-A33B-028634E5F81F}
2013-12-15 16:15:46 -------- d-----w- C:\Users\Eric\AppData\Local\{405E0935-BD2D-4FE2-B514-67457F1A5B5F}
2013-12-14 15:34:02 -------- d-----w- C:\AdwCleaner
2013-12-14 14:49:04 -------- d-----w- C:\Users\Eric\AppData\Local\{6DBFC86E-E936-4629-BE45-E93DD13412F4}
2013-12-14 14:00:12 -------- d-----w- C:\Users\Eric\AppData\Roaming\Malwarebytes
2013-12-14 13:59:20 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-14 13:58:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-14 13:58:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-11 02:51:04 9293192 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-12-09 16:54:00 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-24 14:17:40 -------- d-----w- C:\Users\Eric\AppData\Local\{4AF6DB97-D021-4C4A-9B88-7F1BC40355E1}
2013-11-23 17:55:05 60248 ----a-w- C:\Windows\System32\drivers\ffusb2audio.sys
2013-11-23 17:55:05 21336 ----a-w- C:\Windows\System32\ffusb2audio_coinst.dll
2013-11-23 17:55:05 -------- d-----w- C:\Program Files\Focusrite
2013-11-23 17:30:33 -------- d-----w- C:\Users\Eric\AppData\Local\{E19C667D-6EEC-4065-9FE2-BD9D1207FB36}
.
==================== Find3M ====================
.
2013-12-11 02:51:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 02:51:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-30 00:30:45 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-11-30 00:30:45 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-11-26 17:25:52 267936 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 15:22:18,04 ===============



#4 sweetescape

sweetescape

    Authentic Member

  • Authentic Member
  • 23 posts

Posted 22 December 2013 - 02:26 PM

and here's the attach.txt log:

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Édition Intégrale Boot Device: \Device\HarddiskVolume1 Install Date: 2010-01-26 10:58:41 System Uptime: 2013-12-21 10:37:23 (29 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5QL/EPU Processor: Intel® Core™2 Duo CPU E7500 @ 2.93GHz | LGA775 | 2932/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 300 GiB total, 75,427 GiB free. D: is FIXED (NTFS) - 166 GiB total, 30,895 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== Installed Programs ====================== . Ableton Live 9 Suite Acrobat.com Adobe Acrobat 9 Pro - English, Français, Deutsch Adobe After Effects CS4 Adobe After Effects CS4 Presets Adobe After Effects CS4 Third Party Content Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Asset Services CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color EU Recommended Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles AE CS4 Adobe Color Video Profiles CS CS4 Adobe Contribute CS4 Adobe Creative Suite 4 Master Collection Adobe CS4 American English Speech Analysis Models Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Dreamweaver CS4 Adobe Drive CS4 Adobe Drive CS4 x64 Adobe Dynamiclink Support Adobe Encore CS4 Adobe Encore CS4 Codecs Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Fireworks CS4 Adobe Flash CS4 Adobe Flash CS4 Extension - Flash Lite STI fr Adobe Flash CS4 Professional Adobe Flash CS4 STI-fr Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Illustrator CS4 Adobe InDesign CS4 Adobe InDesign CS4 Application Feature Set Files (Roman) Adobe 
InDesign CS4 Common Base Files Adobe InDesign CS4 Icon Handler Adobe InDesign CS4 Icon Handler x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Additional Exporter Adobe Media Encoder CS4 Dolby Adobe Media Encoder CS4 Exporter Adobe Media Encoder CS4 Importer Adobe Media Player Adobe MotionPicture Color Files CS4 Adobe OnLocation CS4 Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Premiere Pro CS4 Adobe Premiere Pro CS4 Functional Content Adobe Premiere Pro CS4 Third Party Content Adobe Reader 9.2 - Français Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe SGM CS4 Adobe SING CS4 Adobe Soundbooth CS4 Adobe Soundbooth CS4 Codecs Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe Version Cue CS4 Server Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Akamai NetSession Interface Akamai NetSession Interface Service AMD Accelerated Video Transcoding AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AMR to MP3 Converter 1.4 Apple Application Support Apple Mobile Device Support Apple Software Update µTorrent Audacity 1.3.11 (Unicode) Avira AntiVir Personal - Free Antivirus Bonjour Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC 
Help Thai CCC Help Turkish Complément Messenger Connect Contrôle ActiveX Windows Live Mesh pour connexions à distance Counter-Strike: Global Offensive Counter-Strike: Source Crystal Reports for Visual Studio D3DX10 DAEMON Tools Pro Dotfuscator Software Services - Community Edition Easy Follow FabFilter Pro-Q 1.22 (64-bit) Facebook Video Calling 1.2.0.287 Fiddler2 FileZilla Client 3.7.0.2 Focusrite USB 2.0 Audio Driver 2.3 Galerie de photos Windows Live Google Chrome Google Talk (remove only) Google Talk Plugin Google Update Helper Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054) Interlok driver setup x64 iTunes iZotope RX 3 Java™ 6 Update 17 Java™ 6 Update 17 (64-bit) Junk Mail filter update kuler LAME v3.98.2 for Audacity Le Centre de Contrôle de Licences de Syncrosoft League of Legends LG Burning Tools Line 6 Uninstaller Live 8.2.2 Loadout Logiciel d'archivage WinRAR LogMeIn Hamachi Malwarebytes Anti-Malware version 1.75.0.1300 McAfee Security Scan Plus Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile FRA Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended FRA Language Pack Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Help Viewer 1.0 Microsoft IntelliType Pro 8.0 Microsoft LifeChat Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Live Add-in 1.4 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 
Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared 64-bit MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 IntelliTrace Collection (x64) Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Performance Collection Tools - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Visual Studio 6.0 Enterprise Edition Microsoft Visual Studio Macro Tools Microsoft Web Publishing Wizard 1.53 Microsoft XNA Framework Redistributable 4.0 minimoog V2 2.0 Mise à jour Microsoft Office Excel 2007 Help (KB963678) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) Mise à jour Microsoft Office Word 2007 Help (KB963665) Module linguistique Microsoft .NET Framework 4 Client Profile FRA Module linguistique Microsoft .NET Framework 4 Extended FRA Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA Mozilla Firefox 24.0 (x86 fr) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 
4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mumble 1.2.3 Native Instruments Kontakt 4 Native Instruments Kontakt 5 Native Instruments Kontakt Factory Selection Native Instruments Massive Native Instruments Service Center NCsoft Launcher neroxml Neverwinter Notepad++ Ohm Force - Ohmicide VST Open Broadcaster Software OpenAL Package de pilotes Windows - Focusrite USB 2.0 Audio Driver (01/05/2012 2.3.128.0) PDF Settings CS4 PDFill PDF Editor with FREE Writer and FREE Tools Photoshop Camera Raw Photoshop Camera Raw_x64 Pixel Bender Toolkit Project64 1.6 PunkBuster Services QuickTime RaidCall Razer DeathAdder™ Mouse rgc:audio sfz VSTi v1.96 saVEnsHare Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB973704) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) shortcircuit² Skype Click to Call Skype™ 6.3 Spybot - Search & Destroy SpyHunter Sql Server Customer Experience Improvement Program SSL LMC-1 v1.0 StarCraft II Steam Subversion Suite Shared Configuration CS4 SUPERAntiSpyware Sylenth1 Demo v2.20 TeamSpeak 3 Client The Lord of the Rings FREE Trial The War Z version alpha TortoiseSVN 1.7.12.24070 (64 bit) TruePianos 1.5.0 TruePianos: Amber Module 1.4.0 Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for 
Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Outlook 2007 Junk Email Filter (kb977839) VB Decompiler Lite VCRedistSetup Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VisualSVN Server 2.5.9 VLC media player 1.0.3 Web Deployment Tool Windows Live Windows Live Communications Platform Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live OneCare safety scanner Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Movie Maker 2.6 . ==== End Of File ===========================



#5 sweetescape


Posted 22 December 2013 - 03:56 PM

Do you want the other logs now?



#6 jeffce


Posted 22 December 2013 - 04:56 PM

Yes... please attach all of the logs, including the DDS logs, again. :)



#7 sweetescape


Posted 22 December 2013 - 07:57 PM

DDS.txt :

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK Internet Explorer: 10.0.9200.16660 Run by Eric at 15:18:26 on 2013-12-22 Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.2.1036.18.4095.1410 [GMT -5:00] . AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\syswow64\dllhost.exe C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Windows\system32\LogonUI.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\Downloads\HijackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe 
C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\syswow64\dllhost.exe C:\Windows\syswow64\dllhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\syswow64\dllhost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://twitch.tv/
uProxyOverride = <local>
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\vb2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [AdobeBridge] <no file>
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
.
INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1 24.200.241.37 24.202.72.13
TCP: Interfaces\{56935080-2A11-4216-837D-21CE4E9CFB16} : DHCPNameServer = 192.168.1.1 24.200.241.37 24.202.72.13
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {Q8WIK5AW-C4XH-I111-2XP1-1JI8TA2A4612} - C:\Windows\System32\Winbooterr\Svchost.exe Restart
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
.
INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\0jy3up8z.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Users\Eric\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\Eric\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-12-20 16:29:10 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2013-12-20 16:28:59 110080 ----a-r- C:\Users\Eric\AppData\Roaming\Microsoft\Installer\{CD09642E-061D-4844-BA37-ED1480916404}\IconD7F16134.exe
2013-12-20 16:28:59 110080 ----a-r- C:\Users\Eric\AppData\Roaming\Microsoft\Installer\{CD09642E-061D-4844-BA37-ED1480916404}\Icon1226A4C5.exe
2013-12-20 16:28:58 110080 ----a-r- C:\Users\Eric\AppData\Roaming\Microsoft\Installer\{CD09642E-061D-4844-BA37-ED1480916404}\IconF7A21AF7.exe
2013-12-20 16:28:58 -------- d-----w- C:\sh4ldr
2013-12-20 16:28:58 -------- d-----w- C:\Program Files\Enigma Software Group
2013-12-20 16:26:39 -------- d-----w- C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2013-12-20 16:26:32 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-12-20 16:24:29 -------- d-----w- C:\Users\Eric\AppData\Local\{BE8108BD-6DF5-4758-90DB-079F7B2C4192}
2013-12-19 16:19:13 -------- d-----w- C:\Users\Eric\AppData\Local\{F24B1BAC-DBB7-43C6-84EC-0E408BFFA9EC}
2013-12-18 23:07:59 -------- d-----w- C:\Users\Eric\AppData\Roaming\SUPERAntiSpyware.com
2013-12-18 23:07:36 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-12-18 23:07:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-12-18 22:43:12 -------- d-----w- C:\Users\Eric\AppData\Local\{A726C179-75BE-4284-987A-CED8E47736A1}
2013-12-18 22:30:03 -------- d-----w- C:\Users\Eric\AppData\Local\{472FA007-FF6E-4102-98B0-B3B10D769837}
2013-12-18 22:28:36 -------- d-sh--w- C:\$RECYCLE.BIN
2013-12-18 20:02:32 208896 ----a-w- C:\Windows\MBR.exe
2013-12-18 20:02:31 98816 ----a-w- C:\Windows\sed.exe
2013-12-18 20:02:31 256000 ----a-w- C:\Windows\PEV.exe
2013-12-18 20:01:34 -------- d-s---w- C:\ComboFix
2013-12-18 19:52:34 -------- d-----w- C:\Users\Eric\AppData\Local\{2F65E6B0-9DA7-4614-B267-F9A87C5EA38E}
2013-12-17 20:12:14 -------- d-----w- C:\Users\Eric\AppData\Local\{89970940-3435-4A81-BA06-802452461E18}
2013-12-16 20:27:48 -------- d-----w- C:\Users\Eric\AppData\Local\{6F10FE4B-0C50-425F-A33B-028634E5F81F}
2013-12-15 16:15:46 -------- d-----w- C:\Users\Eric\AppData\Local\{405E0935-BD2D-4FE2-B514-67457F1A5B5F}
2013-12-14 15:34:02 -------- d-----w- C:\AdwCleaner
2013-12-14 14:49:04 -------- d-----w- C:\Users\Eric\AppData\Local\{6DBFC86E-E936-4629-BE45-E93DD13412F4}
2013-12-14 14:00:12 -------- d-----w- C:\Users\Eric\AppData\Roaming\Malwarebytes
2013-12-14 13:59:20 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-14 13:58:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-14 13:58:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-11 02:51:04 9293192 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-12-09 16:54:00 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-24 14:17:40 -------- d-----w- C:\Users\Eric\AppData\Local\{4AF6DB97-D021-4C4A-9B88-7F1BC40355E1}
2013-11-23 17:55:05 60248 ----a-w- C:\Windows\System32\drivers\ffusb2audio.sys
2013-11-23 17:55:05 21336 ----a-w- C:\Windows\System32\ffusb2audio_coinst.dll
2013-11-23 17:55:05 -------- d-----w- C:\Program Files\Focusrite
2013-11-23 17:30:33 -------- d-----w- C:\Users\Eric\AppData\Local\{E19C667D-6EEC-4065-9FE2-BD9D1207FB36}
.
==================== Find3M ====================
.
2013-12-11 02:51:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 02:51:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-30 00:30:45 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-11-30 00:30:45 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-11-26 17:25:52 267936 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 15:22:18,04 ===============

 



#8 sweetescape


Posted 22 December 2013 - 07:58 PM

Attach.txt :

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Édition Intégrale Boot Device: \Device\HarddiskVolume1 Install Date: 2010-01-26 10:58:41 System Uptime: 2013-12-21 10:37:23 (29 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5QL/EPU Processor: Intel® Core™2 Duo CPU E7500 @ 2.93GHz | LGA775 | 2932/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 300 GiB total, 75,427 GiB free. D: is FIXED (NTFS) - 166 GiB total, 30,895 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== Installed Programs ====================== . Ableton Live 9 Suite Acrobat.com Adobe Acrobat 9 Pro - English, Français, Deutsch Adobe After Effects CS4 Adobe After Effects CS4 Presets Adobe After Effects CS4 Third Party Content Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Asset Services CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color EU Recommended Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles AE CS4 Adobe Color Video Profiles CS CS4 Adobe Contribute CS4 Adobe Creative Suite 4 Master Collection Adobe CS4 American English Speech Analysis Models Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Dreamweaver CS4 Adobe Drive CS4 Adobe Drive CS4 x64 Adobe Dynamiclink Support Adobe Encore CS4 Adobe Encore CS4 Codecs Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Fireworks CS4 Adobe Flash CS4 Adobe Flash CS4 Extension - Flash Lite STI fr Adobe Flash CS4 Professional Adobe Flash CS4 STI-fr Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Illustrator CS4 Adobe InDesign CS4 Adobe InDesign CS4 Application Feature Set Files (Roman) Adobe 
InDesign CS4 Common Base Files Adobe InDesign CS4 Icon Handler Adobe InDesign CS4 Icon Handler x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Additional Exporter Adobe Media Encoder CS4 Dolby Adobe Media Encoder CS4 Exporter Adobe Media Encoder CS4 Importer Adobe Media Player Adobe MotionPicture Color Files CS4 Adobe OnLocation CS4 Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Premiere Pro CS4 Adobe Premiere Pro CS4 Functional Content Adobe Premiere Pro CS4 Third Party Content Adobe Reader 9.2 - Français Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe SGM CS4 Adobe SING CS4 Adobe Soundbooth CS4 Adobe Soundbooth CS4 Codecs Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe Version Cue CS4 Server Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Akamai NetSession Interface Akamai NetSession Interface Service AMD Accelerated Video Transcoding AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AMR to MP3 Converter 1.4 Apple Application Support Apple Mobile Device Support Apple Software Update µTorrent Audacity 1.3.11 (Unicode) Avira AntiVir Personal - Free Antivirus Bonjour Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC 
Help Thai CCC Help Turkish Complément Messenger Connect Contrôle ActiveX Windows Live Mesh pour connexions à distance Counter-Strike: Global Offensive Counter-Strike: Source Crystal Reports for Visual Studio D3DX10 DAEMON Tools Pro Dotfuscator Software Services - Community Edition Easy Follow FabFilter Pro-Q 1.22 (64-bit) Facebook Video Calling 1.2.0.287 Fiddler2 FileZilla Client 3.7.0.2 Focusrite USB 2.0 Audio Driver 2.3 Galerie de photos Windows Live Google Chrome Google Talk (remove only) Google Talk Plugin Google Update Helper Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054) Interlok driver setup x64 iTunes iZotope RX 3 Java™ 6 Update 17 Java™ 6 Update 17 (64-bit) Junk Mail filter update kuler LAME v3.98.2 for Audacity Le Centre de Contrôle de Licences de Syncrosoft League of Legends LG Burning Tools Line 6 Uninstaller Live 8.2.2 Loadout Logiciel d'archivage WinRAR LogMeIn Hamachi Malwarebytes Anti-Malware version 1.75.0.1300 McAfee Security Scan Plus Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile FRA Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended FRA Language Pack Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Help Viewer 1.0 Microsoft IntelliType Pro 8.0 Microsoft LifeChat Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Live Add-in 1.4 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 
Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared 64-bit MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 IntelliTrace Collection (x64) Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Performance Collection Tools - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Visual Studio 6.0 Enterprise Edition Microsoft Visual Studio Macro Tools Microsoft Web Publishing Wizard 1.53 Microsoft XNA Framework Redistributable 4.0 minimoog V2 2.0 Mise à jour Microsoft Office Excel 2007 Help (KB963678) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) Mise à jour Microsoft Office Word 2007 Help (KB963665) Module linguistique Microsoft .NET Framework 4 Client Profile FRA Module linguistique Microsoft .NET Framework 4 Extended FRA Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA Mozilla Firefox 24.0 (x86 fr) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 
4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mumble 1.2.3 Native Instruments Kontakt 4 Native Instruments Kontakt 5 Native Instruments Kontakt Factory Selection Native Instruments Massive Native Instruments Service Center NCsoft Launcher neroxml Neverwinter Notepad++ Ohm Force - Ohmicide VST Open Broadcaster Software OpenAL Package de pilotes Windows - Focusrite USB 2.0 Audio Driver (01/05/2012 2.3.128.0) PDF Settings CS4 PDFill PDF Editor with FREE Writer and FREE Tools Photoshop Camera Raw Photoshop Camera Raw_x64 Pixel Bender Toolkit Project64 1.6 PunkBuster Services QuickTime RaidCall Razer DeathAdder™ Mouse rgc:audio sfz VSTi v1.96 saVEnsHare Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB973704) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) shortcircuit² Skype Click to Call Skype™ 6.3 Spybot - Search & Destroy SpyHunter Sql Server Customer Experience Improvement Program SSL LMC-1 v1.0 StarCraft II Steam Subversion Suite Shared Configuration CS4 SUPERAntiSpyware Sylenth1 Demo v2.20 TeamSpeak 3 Client The Lord of the Rings FREE Trial The War Z version alpha TortoiseSVN 1.7.12.24070 (64 bit) TruePianos 1.5.0 TruePianos: Amber Module 1.4.0 Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for 
Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Outlook 2007 Junk Email Filter (kb977839) VB Decompiler Lite VCRedistSetup Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VisualSVN Server 2.5.9 VLC media player 1.0.3 Web Deployment Tool Windows Live Windows Live Communications Platform Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live OneCare safety scanner Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Movie Maker 2.6 . ==== End Of File ===========================



#9 sweetescape

Posted 22 December 2013 - 08:00 PM

TDSSKiller :

ok 15:32:01.0309 13372 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:32:01.0312 13372 PcaSvc - ok 15:32:01.0334 13372 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 15:32:01.0336 13372 pci - ok 15:32:01.0365 13372 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 15:32:01.0366 13372 pciide - ok 15:32:01.0413 13372 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:32:01.0416 13372 pcmcia - ok 15:32:01.0430 13372 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 15:32:01.0432 13372 pcw - ok 15:32:01.0599 13372 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:32:01.0666 13372 PEAUTH - ok 15:32:01.0991 13372 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:32:02.0056 13372 PeerDistSvc - ok 15:32:06.0317 13372 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:32:06.0317 13372 PerfHost - ok 15:32:06.0441 13372 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 15:32:06.0468 13372 pla - ok 15:32:06.0522 13372 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:32:06.0527 13372 PlugPlay - ok 15:32:06.0533 13372 PnkBstrA - ok 15:32:06.0563 13372 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:32:06.0565 13372 PNRPAutoReg - ok 15:32:06.0584 13372 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:32:06.0586 13372 PNRPsvc - ok 15:32:06.0632 13372 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:32:06.0637 13372 PolicyAgent - ok 15:32:06.0674 13372 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 15:32:06.0677 13372 Power - ok 15:32:06.0705 13372 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 
15:32:06.0706 13372 PptpMiniport - ok 15:32:06.0722 13372 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:32:06.0723 13372 Processor - ok 15:32:06.0788 13372 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 15:32:06.0791 13372 ProfSvc - ok 15:32:06.0810 13372 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:32:06.0811 13372 ProtectedStorage - ok 15:32:06.0839 13372 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:32:06.0841 13372 Psched - ok 15:32:06.0889 13372 [ 901DBA98359966A62A6548596988E931 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 15:32:06.0891 13372 PxHlpa64 - ok 15:32:06.0944 13372 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:32:06.0958 13372 ql2300 - ok 15:32:06.0979 13372 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:32:06.0987 13372 ql40xx - ok 15:32:07.0014 13372 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 15:32:07.0018 13372 QWAVE - ok 15:32:07.0036 13372 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:32:07.0038 13372 QWAVEdrv - ok 15:32:07.0049 13372 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:32:07.0050 13372 RasAcd - ok 15:32:07.0101 13372 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:32:07.0128 13372 RasAgileVpn - ok 15:32:07.0148 13372 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 15:32:07.0150 13372 RasAuto - ok 15:32:07.0193 13372 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:32:07.0195 13372 Rasl2tp - ok 15:32:07.0235 13372 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 15:32:07.0240 13372 RasMan - ok 15:32:07.0266 13372 [ 855C9B1CD4756C5E9A2AA58A15F58C25 
] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:32:07.0268 13372 RasPppoe - ok 15:32:07.0286 13372 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:32:07.0287 13372 RasSstp - ok 15:32:07.0328 13372 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:32:07.0332 13372 rdbss - ok 15:32:07.0341 13372 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:32:07.0342 13372 rdpbus - ok 15:32:07.0347 13372 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:32:07.0348 13372 RDPCDD - ok 15:32:07.0393 13372 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 15:32:07.0395 13372 RDPDR - ok 15:32:07.0473 13372 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:32:07.0475 13372 RDPENCDD - ok 15:32:07.0485 13372 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:32:07.0486 13372 RDPREFMP - ok 15:32:07.0521 13372 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 15:32:07.0522 13372 RdpVideoMiniport - ok 15:32:07.0551 13372 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:32:07.0554 13372 RDPWD - ok 15:32:07.0590 13372 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:32:07.0592 13372 rdyboost - ok 15:32:07.0619 13372 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:32:07.0621 13372 RemoteAccess - ok 15:32:07.0648 13372 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:32:07.0652 13372 RemoteRegistry - ok 15:32:07.0669 13372 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:32:07.0671 13372 RpcEptMapper - ok 15:32:07.0712 13372 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator 
C:\Windows\system32\locator.exe 15:32:07.0721 13372 RpcLocator - ok 15:32:07.0778 13372 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 15:32:07.0782 13372 RpcSs - ok 15:32:07.0853 13372 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys 15:32:07.0856 13372 RsFx0103 - ok 15:32:07.0884 13372 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:32:07.0886 13372 rspndr - ok 15:32:07.0973 13372 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 15:32:07.0975 13372 RTL8167 - ok 15:32:08.0005 13372 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 15:32:08.0006 13372 s3cap - ok 15:32:08.0028 13372 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 15:32:08.0029 13372 SamSs - ok 15:32:08.0134 13372 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 15:32:08.0135 13372 SASDIFSV - ok 15:32:08.0169 13372 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 15:32:08.0170 13372 SASKUTIL - ok 15:32:08.0198 13372 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:32:08.0200 13372 sbp2port - ok 15:32:08.0259 13372 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 15:32:08.0270 13372 SBSDWSCService - ok 15:32:08.0320 13372 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:32:08.0323 13372 SCardSvr - ok 15:32:08.0386 13372 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:32:08.0387 13372 scfilter - ok 15:32:08.0431 13372 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 15:32:08.0442 13372 Schedule - ok 15:32:08.0469 13372 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 
15:32:08.0469 13372 SCPolicySvc - ok 15:32:08.0510 13372 [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 15:32:08.0511 13372 ScreamBAudioSvc - ok 15:32:08.0544 13372 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:32:08.0547 13372 SDRSVC - ok 15:32:08.0586 13372 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:32:08.0602 13372 secdrv - ok 15:32:08.0649 13372 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 15:32:08.0650 13372 seclogon - ok 15:32:08.0676 13372 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 15:32:08.0678 13372 SENS - ok 15:32:08.0686 13372 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:32:08.0687 13372 SensrSvc - ok 15:32:08.0704 13372 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:32:08.0705 13372 Serenum - ok 15:32:08.0730 13372 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:32:08.0731 13372 Serial - ok 15:32:08.0771 13372 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:32:08.0772 13372 sermouse - ok 15:32:08.0813 13372 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 15:32:08.0816 13372 SessionEnv - ok 15:32:08.0843 13372 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:32:08.0844 13372 sffdisk - ok 15:32:08.0860 13372 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:32:08.0861 13372 sffp_mmc - ok 15:32:08.0876 13372 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:32:08.0876 13372 sffp_sd - ok 15:32:08.0906 13372 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:32:08.0907 13372 sfloppy - ok 15:32:08.0947 13372 [ 
AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:32:08.0952 13372 ShellHWDetection - ok 15:32:08.0969 13372 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:32:08.0970 13372 SiSRaid2 - ok 15:32:08.0988 13372 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 15:32:08.0990 13372 SiSRaid4 - ok 15:32:09.0031 13372 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 15:32:09.0033 13372 SkypeUpdate - ok 15:32:09.0050 13372 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:32:09.0051 13372 Smb - ok 15:32:09.0073 13372 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:32:09.0075 13372 SNMPTRAP - ok 15:32:09.0088 13372 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 15:32:09.0089 13372 spldr - ok 15:32:09.0123 13372 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 15:32:09.0130 13372 Spooler - ok 15:32:09.0222 13372 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 15:32:09.0277 13372 sppsvc - ok 15:32:09.0306 13372 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:32:09.0308 13372 sppuinotify - ok 15:32:09.0408 13372 [ 484008985EEB63C0ABBBBC4F93E6AF06 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE 15:32:09.0419 13372 SpyHunter 4 Service - ok 15:32:11.0147 13372 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 15:32:11.0237 13372 SQLAgent$SQLEXPRESS - ok 15:32:11.0398 13372 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 15:32:13.0142 13372 SQLBrowser - ok 15:32:14.0345 13372 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL 
Server\90\Shared\sqlwriter.exe 15:32:14.0619 13372 SQLWriter - ok 15:32:14.0893 13372 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 15:32:14.0931 13372 srv - ok 15:32:15.0003 13372 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:32:15.0034 13372 srv2 - ok 15:32:15.0820 13372 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:32:15.0825 13372 srvnet - ok 15:32:15.0884 13372 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:32:16.0026 13372 SSDPSRV - ok 15:32:16.0997 13372 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:32:17.0740 13372 SstpSvc - ok 15:32:17.0836 13372 Steam Client Service - ok 15:32:18.0262 13372 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 15:32:18.0340 13372 stexstor - ok 15:32:18.0415 13372 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 15:32:18.0421 13372 stisvc - ok 15:32:18.0486 13372 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 15:32:18.0504 13372 storflt - ok 15:32:18.0519 13372 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 15:32:18.0520 13372 storvsc - ok 15:32:18.0553 13372 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 15:32:18.0553 13372 swenum - ok 15:32:18.0586 13372 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 15:32:18.0592 13372 swprv - ok 15:32:18.0619 13372 Synth3dVsc - ok 15:32:18.0671 13372 [ 7C24FA401C5BBFEA8553ABC4DB983E83 ] SynUSB64 C:\Windows\system32\DRIVERS\SynUSB64.sys 15:32:18.0672 13372 SynUSB64 - ok 15:32:18.0721 13372 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 15:32:18.0813 13372 SysMain - ok 15:32:18.0855 13372 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:32:18.0868 
13372 TabletInputService - ok 15:32:18.0902 13372 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 15:32:18.0906 13372 TapiSrv - ok 15:32:18.0929 13372 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 15:32:18.0932 13372 TBS - ok 15:32:19.0004 13372 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:32:19.0035 13372 Tcpip - ok 15:32:19.0078 13372 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:32:19.0087 13372 TCPIP6 - ok 15:32:19.0144 13372 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:32:19.0156 13372 tcpipreg - ok 15:32:19.0233 13372 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:32:19.0235 13372 TDPIPE - ok 15:32:19.0273 13372 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:32:19.0274 13372 TDTCP - ok 15:32:19.0307 13372 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:32:19.0313 13372 tdx - ok 15:32:19.0343 13372 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 15:32:19.0345 13372 TermDD - ok 15:32:19.0625 13372 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 15:32:19.0634 13372 TermService - ok 15:32:19.0686 13372 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 15:32:19.0688 13372 Themes - ok 15:32:20.0122 13372 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 15:32:20.0124 13372 THREADORDER - ok 15:32:20.0263 13372 [ C676B0F52F2B6483AFB88F79CABB011E ] Tpkd C:\Windows\system32\drivers\Tpkd.sys 15:32:20.0292 13372 Tpkd - ok 15:32:20.0340 13372 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 15:32:20.0344 13372 TrkWks - ok 15:32:20.0426 13372 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 
15:32:20.0429 13372 TrustedInstaller - ok 15:32:20.0466 13372 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:32:20.0469 13372 tssecsrv - ok 15:32:20.0525 13372 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:32:20.0537 13372 TsUsbFlt - ok 15:32:20.0537 13372 tsusbhub - ok 15:32:20.0568 13372 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:32:20.0568 13372 tunnel - ok 15:32:20.0603 13372 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 15:32:20.0606 13372 uagp35 - ok 15:32:20.0651 13372 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:32:20.0654 13372 udfs - ok 15:32:20.0694 13372 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:32:20.0696 13372 UI0Detect - ok 15:32:20.0721 13372 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:32:20.0733 13372 uliagpkx - ok 15:32:20.0946 13372 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 15:32:20.0949 13372 umbus - ok 15:32:20.0964 13372 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 15:32:20.0965 13372 UmPass - ok 15:32:20.0995 13372 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 15:32:20.0998 13372 UmRdpService - ok 15:32:21.0019 13372 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 15:32:21.0028 13372 upnphost - ok 15:32:21.0078 13372 [ 9E58997A211C8C9AC9E6CFFA53614A73 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 15:32:21.0129 13372 USBAAPL64 - ok 15:32:21.0147 13372 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:32:21.0149 13372 usbaudio - ok 15:32:21.0195 13372 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:32:21.0197 13372 usbccgp - ok 
15:32:21.0228 13372 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:32:21.0241 13372 usbcir - ok 15:32:21.0254 13372 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:32:21.0256 13372 usbehci - ok 15:32:21.0305 13372 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:32:21.0309 13372 usbhub - ok 15:32:21.0325 13372 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 15:32:21.0326 13372 usbohci - ok 15:32:21.0354 13372 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:32:21.0355 13372 usbprint - ok 15:32:21.0382 13372 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:32:21.0384 13372 USBSTOR - ok 15:32:21.0399 13372 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 15:32:21.0406 13372 usbuhci - ok 15:32:21.0427 13372 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 15:32:21.0430 13372 UxSms - ok 15:32:21.0442 13372 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 15:32:21.0443 13372 VaultSvc - ok 15:32:21.0471 13372 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:32:21.0474 13372 vdrvroot - ok 15:32:21.0526 13372 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 15:32:21.0533 13372 vds - ok 15:32:21.0569 13372 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:32:21.0570 13372 vga - ok 15:32:21.0589 13372 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 15:32:21.0590 13372 VgaSave - ok 15:32:21.0597 13372 VGPU - ok 15:32:21.0651 13372 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:32:21.0682 13372 vhdmp - ok 15:32:21.0749 13372 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide 
C:\Windows\system32\drivers\viaide.sys 15:32:21.0752 13372 viaide - ok 15:32:21.0844 13372 [ B5BA71EADEED0773D2E0978F962E1BF3 ] Visual Studio Analyzer RPC bridge C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe 15:32:21.0849 13372 Visual Studio Analyzer RPC bridge - ok 15:32:21.0932 13372 [ BA99A0E32086DD4588AF35998C443679 ] VisualSVNServer C:\Program Files (x86)\VisualSVN Server\bin\VisualSVNServer.exe 15:32:21.0940 13372 VisualSVNServer - ok 15:32:22.0008 13372 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 15:32:22.0011 13372 vmbus - ok 15:32:22.0023 13372 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 15:32:22.0024 13372 VMBusHID - ok 15:32:22.0045 13372 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:32:22.0049 13372 volmgr - ok 15:32:22.0084 13372 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:32:22.0104 13372 volmgrx - ok 15:32:22.0133 13372 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:32:22.0136 13372 volsnap - ok 15:32:22.0164 13372 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 15:32:22.0166 13372 vsmraid - ok 15:32:22.0316 13372 [ 1928B9CA20F51BFBBAD54D2C2C447B13 ] VSPerfDrv100 d:\vb2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys 15:32:22.0318 13372 VSPerfDrv100 - ok 15:32:22.0375 13372 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 15:32:22.0577 13372 VSS - ok 15:32:22.0640 13372 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 15:32:22.0641 13372 vwifibus - ok 15:32:23.0115 13372 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 15:32:23.0120 13372 W32Time - ok 15:32:23.0146 13372 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 15:32:23.0147 13372 
WacomPen - ok 15:32:23.0731 13372 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:32:23.0872 13372 WANARP - ok 15:32:23.0881 13372 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:32:23.0882 13372 Wanarpv6 - ok 15:32:23.0957 13372 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 15:32:23.0970 13372 WatAdminSvc - ok 15:32:24.0029 13372 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 15:32:24.0060 13372 wbengine - ok 15:32:24.0135 13372 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:32:24.0139 13372 WbioSrvc - ok 15:32:24.0181 13372 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:32:24.0187 13372 wcncsvc - ok 15:32:24.0200 13372 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:32:24.0202 13372 WcsPlugInService - ok 15:32:24.0232 13372 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 15:32:24.0233 13372 Wd - ok 15:32:24.0326 13372 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:32:24.0345 13372 Wdf01000 - ok 15:32:24.0389 13372 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:32:24.0391 13372 WdiServiceHost - ok 15:32:24.0396 13372 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:32:24.0398 13372 WdiSystemHost - ok 15:32:24.0433 13372 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 15:32:24.0437 13372 WebClient - ok 15:32:24.0456 13372 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:32:24.0460 13372 Wecsvc - ok 15:32:24.0504 13372 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:32:24.0517 13372 wercplsupport - ok 15:32:24.0554 13372 [ 6D137963730144698CBD10F202E9F251 ] 
WerSvc C:\Windows\System32\WerSvc.dll 15:32:24.0566 13372 WerSvc - ok 15:32:24.0613 13372 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:32:24.0615 13372 WfpLwf - ok 15:32:24.0634 13372 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:32:24.0635 13372 WIMMount - ok 15:32:24.0656 13372 WinDefend - ok 15:32:24.0668 13372 WinHttpAutoProxySvc - ok 15:32:24.0786 13372 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:32:24.0839 13372 Winmgmt - ok 15:32:26.0286 13372 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 15:32:26.0554 13372 WinRM - ok 15:32:27.0009 13372 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\drivers\WinUSB.SYS 15:32:27.0042 13372 WinUsb - ok 15:32:28.0365 13372 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 15:32:28.0525 13372 Wlansvc - ok 15:32:29.0594 13372 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:32:30.0189 13372 wlcrasvc - ok 15:32:31.0486 13372 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:32:31.0908 13372 wlidsvc - ok 15:32:32.0071 13372 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:32:32.0072 13372 WmiAcpi - ok 15:32:32.0118 13372 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:32:32.0537 13372 wmiApSrv - ok 15:32:33.0046 13372 WMPNetworkSvc - ok 15:32:33.0934 13372 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:32:34.0095 13372 WPCSvc - ok 15:32:34.0173 13372 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:32:34.0178 13372 WPDBusEnum - ok 15:32:34.0224 13372 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:32:34.0241 13372 ws2ifsl - ok 
15:32:34.0272 13372 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 15:32:34.0272 13372 wscsvc - ok 15:32:34.0272 13372 WSearch - ok 15:32:34.0413 13372 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 15:32:34.0462 13372 wuauserv - ok 15:32:34.0487 13372 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:32:34.0488 13372 WudfPf - ok 15:32:34.0503 13372 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:32:34.0506 13372 WUDFRd - ok 15:32:34.0558 13372 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:32:34.0561 13372 wudfsvc - ok 15:32:34.0594 13372 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 15:32:34.0597 13372 WwanSvc - ok 15:32:34.0609 13372 ================ Scan global =============================== 15:32:34.0708 13372 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 15:32:34.0744 13372 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 15:32:34.0826 13372 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 15:32:34.0878 13372 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 15:32:34.0943 13372 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 15:32:34.0947 13372 [Global] - ok 15:32:34.0985 13372 ================ Scan MBR ================================== 15:32:34.0999 13372 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:32:35.0553 13372 \Device\Harddisk0\DR0 - ok 15:32:35.0556 13372 ================ Scan VBR ================================== 15:32:35.0583 13372 [ 85C3C727B084CB0DCD816E067E436982 ] \Device\Harddisk0\DR0\Partition1 15:32:35.0594 13372 \Device\Harddisk0\DR0\Partition1 - ok 15:32:35.0622 13372 [ AC05ABA0FE29FBDF93A643F5F25EAEA7 ] \Device\Harddisk0\DR0\Partition2 15:32:35.0623 13372 \Device\Harddisk0\DR0\Partition2 - ok 15:32:35.0642 13372 [ 
9A7BE722AA0123EF4A71A19AE69BC04F ] \Device\Harddisk0\DR0\Partition3 15:32:35.0666 13372 \Device\Harddisk0\DR0\Partition3 - ok 15:32:35.0667 13372 ============================================================ 15:32:35.0667 13372 Scan finished 15:32:35.0667 13372 ============================================================ 15:32:35.0725 11036 Detected object count: 1 15:32:35.0725 11036 Actual detected object count: 1 15:32:42.0563 11036 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 15:32:42.0563 11036 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip



#10 sweetescape


Posted 22 December 2013 - 08:01 PM

AdwCleaner:
 

# AdwCleaner v3.015 - Rapport créé le 22/12/2013 à 15:35:14
# Mis à jour le 10/12/2013 par Xplode
# Système d'exploitation : Windows 7 Ultimate Service Pack 1 (64 bits)
# Nom d'utilisateur : Eric - ERIC-PC
# Exécuté depuis : C:\Users\Eric\Downloads\adwcleaner-3.015.exe
# Option : Scanner

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Fichier Présent : C:\Windows\System32\Tasks\SpyHunter4Startup

***** [ Raccourcis ] *****

***** [ Registre ] *****

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v24.0 (fr)

[ Fichier : C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\0jy3up8z.default\prefs.js ]

-\\ Google Chrome v

[ Fichier : C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6714 octets] - [14/12/2013 10:34:13]
AdwCleaner[R1].txt - [905 octets] - [22/12/2013 15:35:14]
AdwCleaner[S0].txt - [6563 octets] - [14/12/2013 10:44:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1024 octets] ##########




#11 jeffce


Posted 23 December 2013 - 07:43 AM

ComboFix

Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2

**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.



--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please attach the C:\ComboFix.txt for further review.


#12 sweetescape


Posted 23 December 2013 - 02:22 PM

ComboFix :
 

Recherche de fichiers infectés . . .
Ceci ne prend généralement pas plus de 10 minutes
Le temps d'analyse d'une machine sévérement infectée peut facilement doubler

Terminé: Etape_1
Terminé: Etape_2
Terminé: Etape_3
Terminé: Etape_4
Terminé: Etape_5
Terminé: Etape_6
Terminé: Etape_6A
Terminé: Etape_7
Terminé: Etape_8
Terminé: Etape_9
Terminé: Etape_10
Terminé: Etape_11
Terminé: Etape_12
Terminé: Etape_13
Terminé: Etape_14
Terminé: Etape_15
Terminé: Etape_16
Terminé: Etape_17
Terminé: Etape_18
Terminé: Etape_19
Terminé: Etape_19B
Terminé: Etape_20
Terminé: Etape_21
Terminé: Etape_22
Terminé: Etape_23
Terminé: Etape_24
Terminé: Etape_25
Terminé: Etape_26
Terminé: Etape_27
Terminé: Etape_28
Terminé: Etape_29
Terminé: Etape_30
Terminé: Etape_31
Terminé: Etape_32
Terminé: Etape_32A
Terminé: Etape_33
Terminé: Etape_34
Terminé: Etape_35
Terminé: Etape_36
Terminé: Etape_37
Terminé: Etape_38
Terminé: Etape_39
Terminé: Etape_40
Terminé: Etape_41
Terminé: Etape_42
Terminé: Etape_43
Terminé: Etape_44
Terminé: Etape_45
Terminé: Etape_46
Terminé: Etape_47
Terminé: Etape_48
Terminé: Etape_49
Terminé: Etape_50

Suppression de fichiers:

C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
C:\Windows\PFRO.log



#13 jeffce


Posted 23 December 2013 - 05:10 PM

Hi,

 

Was there a log created on your computer at C:/ComboFix.txt? If so, please attach that to your reply.

 

Here is a link to show you how to attach a file to your responses >> http://i1224.photobu...zpsde1813e9.mp4

 

 



#14 sweetescape


Posted 25 December 2013 - 07:53 AM

Hey, my ComboFix log is named log.txt and I attached the other logs.

 

 

Attached Files



#15 sweetescape


Posted 25 December 2013 - 08:03 AM

Sorry, I forgot 2 logs in my last reply.

Attached Files

