Kamarill

  1. I was unable to do this, as I waited about one hour and the loading bar did not budge in the slightest. Attempting to repair it with my Windows CD got me to the part where you select which drive you wanted to repair, but my drive never popped up.
  2. Woops, must've clicked the wrong file. I'd also like to post this most recent MBAM log, which I ran after I noticed most outgoing connections were blocked on some ports.

     Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org

     Database version: 911122602

     Windows 6.1.7601 Service Pack 1
     Internet Explorer 9.0.8112.16421

     12/26/2011 5:57:46 PM
     mbam-log-2011-12-26 (17-57-46).txt

     Scan type: Quick scan
     Objects scanned: 200542
     Time elapsed: 5 minute(s), 49 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 4

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\Windows\System32\42EB02.exe (Trojan.Email) -> Quarantined and deleted successfully.
     c:\Windows\System32\42eb02.exe_ (Trojan.Email) -> Quarantined and deleted successfully.
     c:\Windows\SysWOW64\42EB02.exe (Trojan.Email) -> Quarantined and deleted successfully.
     c:\Windows\SysWOW64\42eb02.exe_ (Trojan.Email) -> Quarantined and deleted successfully.

     mbr-dump.zip
  3. I have attached both files as requested. Thanks! MBR.zip MBRCheck_12.26.11_01.09.10.zip
  4. ComboFix.txt: ComboFix 11-12-24.10 - Kamarill 12/25/2011 15:54:40.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2084 [GMT -6:00] Running from: c:\users\Kamarill\Desktop\ComboFix.exe AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\windows\system32\consrv.dll c:\windows\system32\java.exe c:\windows\System64 c:\windows\SysWow64\ccrpTmr6.dll c:\windows\SysWow64\tmp1C40.tmp c:\windows\SysWow64\tmp1CFD.tmp . . ((((((((((((((((((((((((( Files Created from 2011-11-25 to 2011-12-25 ))))))))))))))))))))))))))))))) . . 2011-12-25 22:36 . 2011-12-25 22:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-12-25 22:36 . 2011-12-25 22:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-12-25 06:33 . 2011-12-24 14:10 79872 ----a-w- c:\windows\SysWow64\42EB02.exe 2011-12-25 06:13 . 2011-12-25 06:14 -------- d-----w- c:\program files (x86)\Ask.com 2011-12-24 12:10 . 2011-12-24 12:10 29184 ----a-w- c:\windows\SysWow64\42EB02.com 2011-12-24 12:05 . 2011-12-24 12:08 -------- d-----w- c:\users\Kamarill\AppData\Roaming\Polynomial 2011-12-20 16:51 . 2011-12-20 16:51 -------- d-----w- c:\users\Kamarill\AppData\Roaming\Atari 2011-12-20 10:06 . 2010-06-02 10:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2011-12-20 10:06 . 2010-06-02 10:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll 2011-12-20 10:06 . 2010-06-02 10:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll 2011-12-20 10:06 . 2010-05-26 17:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2011-12-20 10:06 . 2010-05-26 17:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll 2011-12-20 10:06 . 
2010-05-26 17:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll 2011-12-20 10:06 . 2010-05-26 17:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll 2011-12-20 10:04 . 2011-12-20 10:21 -------- d-----w- c:\users\Kamarill\AppData\Local\Two Tribes 2011-12-17 17:45 . 2011-12-17 17:45 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-12-17 17:43 . 2011-12-17 17:43 -------- d-----w- c:\users\Kamarill\AppData\Roaming\Malwarebytes 2011-12-17 17:43 . 2011-12-17 17:43 -------- d-----w- c:\programdata\Malwarebytes 2011-12-17 17:43 . 2011-12-17 17:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-12-15 00:17 . 2011-12-15 00:17 -------- d-----w- c:\program files (x86)\WinGlulxe 2011-12-14 23:56 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-14 23:56 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys 2011-12-14 23:56 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll 2011-12-14 23:56 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll 2011-12-14 23:56 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-12 00:43 . 2011-12-12 00:43 388096 ----a-r- c:\users\Kamarill\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-12-12 00:43 . 2011-12-12 00:43 -------- d-----w- c:\program files (x86)\Trend Micro 2011-12-10 07:38 . 2010-05-26 17:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll 2011-12-10 07:38 . 2010-05-26 17:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll 2011-12-10 07:37 . 2010-05-26 17:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll 2011-12-10 07:37 . 2010-05-26 17:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll 2011-12-10 07:37 . 2010-05-26 17:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll 2011-12-10 07:37 . 2010-05-26 17:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll 2011-11-26 04:14 . 2011-11-26 04:14 -------- d-----w- c:\users\Kamarill\AppData\Local\Chromium . . . 
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-14 11:36 . 2011-05-17 18:52 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-12-09 01:07 . 2011-04-01 20:17 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-12-08 04:26 . 2011-12-09 19:05 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D2481BE-4989-408E-9769-243F11963815}\mpengine.dll 2011-11-10 11:54 . 2011-05-23 06:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-11-05 04:26 . 2011-12-14 23:56 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2011-11-03 22:39 . 2011-12-15 09:03 1127424 ----a-w- c:\windows\SysWow64\wininet.dll 2011-10-15 08:53 . 2011-11-11 06:04 7581504 ----a-w- c:\windows\system32\nvcuda.dll 2011-10-15 08:53 . 2011-11-11 06:04 68928 ----a-w- c:\windows\system32\OpenCL.dll 2011-10-15 08:53 . 2011-11-11 06:04 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll 2011-10-15 08:53 . 2011-11-11 06:04 5578560 ----a-w- c:\windows\SysWow64\nvcuda.dll 2011-10-15 08:53 . 2011-11-11 06:04 2542912 ----a-w- c:\windows\system32\nvcuvid.dll 2011-10-15 08:53 . 2011-11-11 06:04 24796992 ----a-w- c:\windows\system32\nvcompiler.dll 2011-10-15 08:53 . 2011-11-11 06:04 24742720 ----a-w- c:\windows\system32\nvoglv64.dll 2011-10-15 08:53 . 2011-11-11 06:04 2401088 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2011-10-15 08:53 . 2011-11-11 06:04 2232128 ----a-w- c:\windows\system32\nvcuvenc.dll 2011-10-15 08:53 . 2011-11-11 06:04 2099520 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2011-10-15 08:53 . 2011-11-11 06:04 18871616 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2011-10-15 08:53 . 2011-11-11 06:04 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2011-10-15 08:53 . 2011-11-11 06:04 15693120 ----a-w- c:\windows\system32\nvd3dumx.dll 2011-10-15 08:53 . 2011-11-11 06:04 12971840 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2011-10-15 08:53 . 
2011-08-19 14:33 1533248 ----a-w- c:\windows\system32\nvdispco64.dll 2011-10-15 08:53 . 2011-08-19 14:33 1454400 ----a-w- c:\windows\system32\nvgenco64.dll 2011-10-15 08:53 . 2011-04-01 20:28 7041856 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2011-10-15 08:53 . 2011-04-01 20:28 2808128 ----a-w- c:\windows\system32\nvapi64.dll 2011-10-15 08:53 . 2011-04-01 20:28 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll 2011-10-15 08:53 . 2011-01-08 01:49 837952 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll 2011-10-15 08:53 . 2011-01-08 01:49 10406208 ----a-w- c:\windows\system32\nvcpl.dll 2011-10-15 08:53 . 2011-01-08 01:49 5067584 ----a-w- c:\windows\system32\nvsvc64.dll 2011-10-15 08:53 . 2011-01-08 01:48 222528 ----a-w- c:\windows\system32\nvmctray.dll 2011-10-15 08:53 . 2011-01-08 01:48 1640768 ----a-w- c:\windows\system32\nvvsvc.exe 2011-10-15 08:53 . 2011-01-08 01:48 137536 ----a-w- c:\windows\system32\nvshext.dll 2011-10-15 08:53 . 2009-07-13 21:59 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll 2011-10-15 08:53 . 2009-06-10 20:37 13205312 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2011-10-15 06:54 . 2011-10-15 06:54 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2011-10-13 20:29 . 2011-10-13 20:29 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll 2011-10-13 20:29 . 2011-10-13 20:29 28056 ----a-w- c:\windows\system32\xfcodec64.dll 2011-10-03 10:31 . 2011-10-03 10:35 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll 2011-10-03 09:24 . 2011-10-03 09:15 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-10-03 09:24 . 2011-10-03 09:06 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-10-03 09:15 . 2011-10-03 09:06 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2011-10-03 09:06 . 2011-10-03 09:06 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-09-29 16:29 . 2011-11-09 02:01 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-09-29 04:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2011-12-07 1242448] "igndlm.exe"="c:\program files (x86)\Download Manager\DLM.exe" [2009-10-27 1103216] "MP3 Skype Recorder"="c:\program files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe" [2011-06-23 1968640] "F.lux"="c:\users\Kamarill\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "VolPanel"="c:\program files (x86)\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe" [2009-05-05 241789] "CtaMon"="CtaMon.dll" [2008-08-27 9728] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208] "Bing Bar"="c:\program files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe" [2010-03-24 243544] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . 
c:\users\Kamarill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Kamarill\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152] OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-26 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-05-26 79360] R3 Ctafiltv;Ctafiltv;c:\windows\system32\drivers\Ctafiltv.sys [x] R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x] R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x] R3 
MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-09-02 2152152] S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-02-02 517632] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-05-28 17152] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - LAVASOFT_KERNEXPLORER . Contents of the 'Scheduled Tasks' folder . 2011-12-25 c:\windows\Tasks\At1.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At10.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At11.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At12.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 
2011-12-25 c:\windows\Tasks\At13.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At14.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At15.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At16.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At17.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At18.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At19.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At2.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At20.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At21.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At22.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At23.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At24.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At25.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At26.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At27.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At28.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At29.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At3.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At30.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At31.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 
2011-12-25 c:\windows\Tasks\At32.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At33.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At34.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-24 c:\windows\Tasks\At35.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-24 c:\windows\Tasks\At36.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At37.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At38.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At39.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At4.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At40.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At41.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At42.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At43.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At44.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At45.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At46.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At47.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At48.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At49.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At5.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At51.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 
2011-12-25 c:\windows\Tasks\At53.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At55.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At57.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At59.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At6.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At61.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At63.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At65.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At67.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At69.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At7.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At71.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At73.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At75.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At77.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At79.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At8.job - c:\windows\system32\42EB02.exe_ [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At81.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-24 c:\windows\Tasks\At83.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At85.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At87.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 
2011-12-25 c:\windows\Tasks\At89.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At9.job - c:\windows\system32\42EB02.exe [2011-12-25 14:10] . 2011-12-25 c:\windows\Tasks\At91.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At93.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\At95.job - c:\windows\system32\42EB02.com [2011-12-24 12:10] . 2011-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645332414-3284546636-808201787-1000Core.job - c:\users\Kamarill\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-24 06:02] . 2011-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645332414-3284546636-808201787-1000UA.job - c:\users\Kamarill\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-24 06:02] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Kamarill\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RAVCpl64.exe" [2008-07-24 6452256] "Skytel"="Skytel.exe" [2008-07-24 1833504] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552] "combofix"="c:\combofix\CF8435.3XE" [2010-11-20 345088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm FF - ProfilePath - c:\users\Kamarill\AppData\Roaming\Mozilla\Firefox\Profiles\7rwyawao.default\ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8, 89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac, 6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93, aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83 "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd, d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:db,b8,87,de,a3,c2,cc,01 . [HKEY_USERS\S-1-5-21-1645332414-3284546636-808201787-1000\Software\SecuROM\License information*] "datasecu"=hex:10,28,c5,0f,d9,24,58,42,33,4b,00,b5,dd,c1,4f,47,ae,f9,8d,93,9b, 44,49,f2,a1,70,8c,87,81,05,1c,dc,71,50,db,26,e7,79,01,82,5e,c5,a0,cf,11,f2,\ "rkeysecu"=hex:eb,23,0c,50,7b,47,6a,1d,9e,7d,28,00,e1,31,d8,d0 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Motive\McciCMService.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Lavasoft\Ad-Aware\AAWTray.exe c:\program files (x86)\OpenOffice.org 3\program\soffice.exe c:\program files (x86)\OpenOffice.org 3\program\soffice.bin c:\windows\SysWOW64\rundll32.exe . ************************************************************************** . Completion time: 2011-12-25 17:17:41 - machine was rebooted ComboFix-quarantined-files.txt 2011-12-25 23:17 . 
Pre-Run: 138,222,628,864 bytes free
Post-Run: 140,554,268,672 bytes free
.
- - End Of File - - 73B8E13696792F8D0B6C82E3E8D29698

At the end of running this my issues seemed to be fixed. I still ran MBRCheck:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Gigabyte Technology Co., Ltd.
BIOS Manufacturer: Award Software International, Inc.
System Manufacturer: Gigabyte Technology Co., Ltd.
System Product Name: EX58-UD3R
Logical Drives Mask: 0x0000000d

Kernel Drivers (total 150):

Processes (total 69):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD6401AALS-00E3A0, Rev: 05.01D05

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

Thanks for the help!
  5. Thank you for the welcomes! The delay was no issue; it gave me no excuse to spend Christmas with my family (and I hope your holidays were good as well!)

FSS.txt:

Farbar Service Scanner
Ran by Kamarill (administrator) on 25-12-2011 at 15:36:44
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Disabled Policy:
========================

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

TDSSKiller_log.txt:

15:38:51.0281 13740 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
15:38:52.0571 13740 ============================================================
15:38:52.0571 13740 Current date / time: 2011/12/25 15:38:52.0571
15:38:52.0571 13740 SystemInfo:
15:38:52.0571 13740
15:38:52.0571 13740 OS Version: 6.1.7601 ServicePack: 1.0
15:38:52.0571 13740 Product type: Workstation
15:38:52.0571 13740 ComputerName: KAMARILL-PC
15:38:52.0571 13740 UserName: Kamarill
15:38:52.0571 13740 Windows directory: C:\Windows
15:38:52.0571 13740 System windows directory: C:\Windows
15:38:52.0571 13740 Running under WOW64
15:38:52.0571 13740 Processor architecture: Intel x64
15:38:52.0571 13740 Number of processors: 8
15:38:52.0571 13740 Page size: 0x1000
15:38:52.0571 13740 Boot type: Normal boot
15:38:52.0571 13740 ============================================================
15:38:53.0463 13740 Initialize success
15:39:01.0287 15216 ============================================================
15:39:01.0287 15216 Scan started
15:39:01.0287 15216 Mode: Manual;
15:39:01.0287 15216 ============================================================
15:39:20.0891 15216 rspndr - ok 15:39:20.0948 15216 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:39:20.0950 15216 RTL8167 - ok 15:39:21.0024 15216 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:39:21.0026 15216 sbp2port - ok 15:39:21.0093 15216 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:39:21.0219 15216 scfilter - ok 15:39:22.0100 15216 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:39:22.0100 15216 secdrv - ok 15:39:22.0179 15216 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 15:39:22.0180 15216 Serenum - ok 15:39:22.0239 15216 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 15:39:22.0240 15216 Serial - ok 15:39:22.0321 15216 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 15:39:22.0322 15216 sermouse - ok 15:39:22.0406 15216 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:39:22.0407 15216 sffdisk - ok 15:39:22.0483 15216 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:39:22.0483 15216 sffp_mmc - ok 15:39:22.0562 15216 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:39:22.0563 15216 sffp_sd - ok 15:39:22.0622 15216 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 15:39:22.0623 15216 sfloppy - ok 15:39:22.0682 15216 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:39:22.0683 15216 SiSRaid2 - ok 15:39:22.0736 15216 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 15:39:22.0738 15216 SiSRaid4 - ok 15:39:22.0801 15216 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:39:22.0803 15216 Smb - ok 15:39:22.0885 15216 spldr (b9e31e5cacdfe584f34f730a677803f9) 
C:\Windows\system32\drivers\spldr.sys 15:39:22.0886 15216 spldr - ok 15:39:22.0969 15216 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:39:22.0974 15216 srv - ok 15:39:23.0066 15216 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:39:23.0071 15216 srv2 - ok 15:39:23.0472 15216 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:39:23.0474 15216 srvnet - ok 15:39:23.0546 15216 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 15:39:23.0547 15216 stexstor - ok 15:39:23.0627 15216 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:39:23.0628 15216 swenum - ok 15:39:23.0740 15216 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 15:39:23.0749 15216 Tcpip - ok 15:39:23.0856 15216 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 15:39:23.0865 15216 TCPIP6 - ok 15:39:23.0946 15216 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:39:23.0947 15216 tcpipreg - ok 15:39:24.0004 15216 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:39:24.0005 15216 TDPIPE - ok 15:39:24.0053 15216 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 15:39:24.0054 15216 TDTCP - ok 15:39:24.0125 15216 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:39:24.0126 15216 tdx - ok 15:39:24.0221 15216 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 15:39:24.0222 15216 TermDD - ok 15:39:24.0313 15216 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:39:24.0315 15216 tssecsrv - ok 15:39:24.0396 15216 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:39:24.0397 15216 TsUsbFlt - ok 15:39:24.0496 15216 tunnel (3566a8daafa27af944f5d705eaa64894) 
C:\Windows\system32\DRIVERS\tunnel.sys 15:39:24.0498 15216 tunnel - ok 15:39:24.0558 15216 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 15:39:24.0560 15216 uagp35 - ok 15:39:24.0641 15216 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 15:39:24.0645 15216 udfs - ok 15:39:24.0725 15216 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:39:24.0726 15216 uliagpkx - ok 15:39:24.0809 15216 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 15:39:24.0810 15216 umbus - ok 15:39:24.0860 15216 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 15:39:24.0861 15216 UmPass - ok 15:39:24.0951 15216 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 15:39:24.0953 15216 usbaudio - ok 15:39:25.0029 15216 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys 15:39:25.0031 15216 usbccgp - ok 15:39:25.0189 15216 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:39:25.0191 15216 usbcir - ok 15:39:25.0272 15216 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys 15:39:25.0273 15216 usbehci - ok 15:39:25.0361 15216 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys 15:39:25.0366 15216 usbhub - ok 15:39:25.0467 15216 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 15:39:25.0468 15216 usbohci - ok 15:39:25.0832 15216 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:39:25.0833 15216 usbprint - ok 15:39:25.0914 15216 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:39:25.0915 15216 USBSTOR - ok 15:39:25.0994 15216 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 15:39:25.0995 15216 usbuhci - ok 15:39:26.0078 15216 vdrvroot 
(c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:39:26.0079 15216 vdrvroot - ok 15:39:26.0150 15216 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:39:26.0151 15216 vga - ok 15:39:26.0208 15216 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:39:26.0208 15216 VgaSave - ok 15:39:26.0287 15216 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:39:26.0290 15216 vhdmp - ok 15:39:26.0372 15216 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:39:26.0373 15216 viaide - ok 15:39:26.0450 15216 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 15:39:26.0451 15216 volmgr - ok 15:39:26.0525 15216 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:39:26.0530 15216 volmgrx - ok 15:39:26.0617 15216 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:39:26.0621 15216 volsnap - ok 15:39:26.0680 15216 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 15:39:26.0682 15216 vsmraid - ok 15:39:26.0737 15216 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 15:39:26.0738 15216 vwifibus - ok 15:39:26.0797 15216 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 15:39:26.0798 15216 WacomPen - ok 15:39:26.0902 15216 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:39:26.0903 15216 WANARP - ok 15:39:26.0916 15216 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:39:26.0917 15216 Wanarpv6 - ok 15:39:26.0999 15216 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 15:39:26.0999 15216 Wd - ok 15:39:27.0027 15216 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:39:27.0035 15216 Wdf01000 - ok 15:39:27.0725 
15216 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:39:27.0726 15216 WfpLwf - ok 15:39:27.0785 15216 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:39:27.0786 15216 WIMMount - ok 15:39:27.0890 15216 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 15:39:27.0891 15216 WmiAcpi - ok 15:39:27.0948 15216 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:39:27.0949 15216 ws2ifsl - ok 15:39:28.0022 15216 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:39:28.0023 15216 WudfPf - ok 15:39:28.0101 15216 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:39:28.0104 15216 WUDFRd - ok 15:39:28.0146 15216 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 15:39:28.0188 15216 \Device\Harddisk0\DR0 - ok 15:39:28.0190 15216 Boot (0x1200) (75e339bdd88122f9dce538687b16e6b1) \Device\Harddisk0\DR0\Partition0 15:39:28.0191 15216 \Device\Harddisk0\DR0\Partition0 - ok 15:39:28.0192 15216 ============================================================ 15:39:28.0192 15216 Scan finished 15:39:28.0192 15216 ============================================================ 15:39:28.0201 15944 Detected object count: 0 15:39:28.0201 15944 Actual detected object count: 0 After running TDSSKiller I was still experiencing issues.
  6. I've discovered some other issues I am having. I am unable to connect to localhost, even with Apache running correctly. I am also unable to connect to 192.168.1.1, my router's homepage. I've also been noticing Internet issues across all browsers where connection attempts to websites will time out occasionally. I am not sure if any of this is related or not.
  7. Like many others, I am also having PING.EXE issues. These started after removing Win 7 Security 2011 from my computer. MBAM finds no current other infections. DDS.txt: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30 Run by Kamarill at 10:15:17 on 2011-12-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2089 [GMT -6:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Program Files (x86)\Common Files\Motive\McciCMService.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 
C:\Windows\system32\WUDFHost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\RAVCpl64.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\ping.exe C:\Windows\system32\conhost.exe C:\Windows\system32\REGSVR32.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . 
mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [Google Update] "C:\Users\Kamarill\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork uRun: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe uRun: [F.lux] "C:\Users\Kamarill\Local Settings\Apps\F.lux\flux.exe" /noshow uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED uRunOnce: [Application Restart #1] C:\Users\Kamarill\AppData\Local\Google\Chrome\Application\chrome.exe --automation-channel=ChromeTestingInterface:3200.2 --chrome-frame --no-first-run --disable-popup-blocking 
--user-data-dir="C:\Users\Kamarill\AppData\Local\Google\Chrome Frame\User Data\iexplore" --chrome-version=13.0.782.112 --lang=en-US --flag-switches-begin --flag-switches-end --restore-last-session mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe" /r mRun: [CtaMon] Rundll32 CtaMon.dll,RunMonitor mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start mRun: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe" mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Kamarill\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Kamarill\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Kamarill\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe uPolicies-explorer: HideSCAHealth = 1 (0x1) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\skypeieplugin.dll LSP: mswsock.dll DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab TCP: DhcpNameServer = 10.0.0.1 TCP: Interfaces\{FFBBB019-5441-4F31-A34E-4F6D3B318C5B} : DhcpNameServer = 10.0.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4Com.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4 BHO-X64: Adobe PDF Link Helper: 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe" /r mRun-x64: [CtaMon] Rundll32 CtaMon.dll,RunMonitor mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start mRun-x64: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe" mRun-x64: [Microsoft Default Manager] 
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Kamarill\AppData\Roaming\Mozilla\Firefox\Profiles\7rwyawao.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Kamarill\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?] 
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-8-15 2329480] R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-7-25 517632] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-19 2253120] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248] R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-6-1 2337144] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-5-25 2152152] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-17 366152] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-5-26 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-5-26 79360] S3 Ctafiltv;Ctafiltv;C:\Windows\system32\drivers\Ctafiltv.sys --> C:\Windows\system32\drivers\Ctafiltv.sys [?] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400] . =============== Created Last 30 ================ . 2011-12-20 10:06:50 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll 2011-12-20 10:06:50 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll 2011-12-20 10:06:50 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll 2011-12-20 10:06:48 176984 ----a-w- C:\Windows\System32\xactengine3_7.dll 2011-12-20 10:06:46 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll 2011-12-20 10:06:46 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll 2011-12-20 10:06:45 1907552 ----a-w- C:\Windows\System32\d3dcsx_43.dll 2011-12-20 10:06:45 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll 2011-12-20 10:04:38 -------- d-----w- C:\Users\Kamarill\AppData\Local\Two Tribes 2011-12-17 17:43:55 -------- d-----w- C:\Users\Kamarill\AppData\Roaming\Malwarebytes 2011-12-17 17:43:43 -------- d-----w- C:\ProgramData\Malwarebytes 2011-12-17 17:43:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-12-15 00:17:24 -------- d-----w- C:\Program Files (x86)\WinGlulxe 2011-12-14 23:56:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2011-12-14 23:56:18 723456 ----a-w- C:\Windows\System32\EncDec.dll 2011-12-14 23:56:18 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2011-12-14 23:56:18 3145216 ----a-w- C:\Windows\System32\win32k.sys 2011-12-14 23:56:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2011-12-14 23:56:16 2048 ----a-w- C:\Windows\System32\tzres.dll 2011-12-12 00:43:49 388096 ----a-r- C:\Users\Kamarill\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-12-12 00:43:49 -------- d-----w- C:\Program Files (x86)\Trend Micro 
2011-12-11 14:31:39 -------- d-----we C:\Windows\system64 2011-12-10 07:38:00 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll 2011-12-10 07:38:00 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll 2011-12-10 07:37:58 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll 2011-12-10 07:37:58 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll 2011-12-10 07:37:53 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll 2011-12-10 07:37:53 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll 2011-12-09 19:05:29 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D2481BE-4989-408E-9769-243F11963815}\mpengine.dll 2011-11-26 04:14:46 -------- d-----w- C:\Users\Kamarill\AppData\Local\Chromium 2011-11-22 06:42:59 -------- d-----w- C:\Program Files (x86)\Microsoft 2011-11-22 06:42:58 -------- d-----w- C:\Program Files (x86)\MSN Toolbar 2011-11-22 06:42:47 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer 2011-11-22 06:37:24 90112 ----a-w- C:\Windows\SysWow64\ccrpTmr6.dll 2011-11-22 06:37:24 1066176 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2011-11-22 06:37:24 -------- d-----w- C:\Program Files (x86)\Cool Timer 2011-11-21 09:29:55 -------- d-----w- C:\Users\Kamarill\AppData\Local\{C7AD82AA-0A5A-42BA-9BC2-D56625C47FC1} 2011-11-21 09:29:55 -------- d-----w- C:\Users\Kamarill\AppData\Local\{76E4500C-484E-4B57-B97F-3D2C12C23D8C} . ==================== Find3M ==================== . 
2011-12-14 11:36:32 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-09 01:07:24 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 11:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-15 06:54:52 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2011-10-13 20:29:40 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2011-10-13 20:29:40 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
2011-10-03 10:31:12 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2011-10-03 09:24:58 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-10-03 09:24:58 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-10-03 09:15:45 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-10-03 09:06:46 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 10:23:50.09 ===============

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/1/2011 2:49:54 PM
System Uptime: 12/20/2011 9:48:51 AM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EX58-UD3R
Processor: Intel® Core i7 CPU 920 @ 2.67GHz | Socket 1366 | 2660/133mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 596 GiB total, 137.994 GiB free.
D: is CDROM (UDF)
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP188: 12/17/2011 11:44:22 AM - Installed Java 6 Update 30
RP189: 12/20/2011 4:03:13 AM - Installed DirectX
RP190: 12/20/2011 4:20:41 AM - Installed DirectX
RP191: 12/20/2011 6:03:25 AM - Installed DirectX
.
==== Installed Programs ======================
.
1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby)
AaAaAA!!! - A Reckless Disregard for Gravity
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Adobe Shockwave Player 11.5
Alliance of Valiant Arms
ALSee
ALTools Update
Amnesia: The Dark Descent
Apple Application Support
Apple Software Update
Audacity 1.3.13 (Unicode)
Audiosurf
Batman: Arkham Asylum GOTY Edition
Battlefield 3™ Open Beta
Battlelog Web Plugins
Bing Bar
Bing Bar Platform
BioShock 2
Blood Bowl: Legendary Edition
Bloodline Champions
Borderlands
Brink
Bulletstorm
Call of Duty: Black Ops - Multiplayer
Chantelise - Demo
Cool Timer 3.7
Creative ALchemy
Creative MediaSource 5
Creative Software AutoUpdate
Creative System Information
Creative WaveStudio 7
D3DX10
Dead Rising 2
Deus Ex: Game of the Year Edition
Deus Ex: Human Revolution
Dev-C++ 5 beta 9 release (4.9.9.2)
Diablo III Beta
Dota 2
DotAlicious Gaming Client
Download Manager 2.3.10
Dragon Age: Origins
Dropbox
Dungeon Defenders
Dungeon Siege
Dungeon Siege 2
Dungeon Siege III
EasyBits GO
EDGE
ESN Sonar
F.lux
Fallout 3 - Game of the Year Edition
Fallout: New Vegas
Fraps (remove only)
Garena 2010
Garry's Mod
Gigabyte Raid Configurer
GOM Player
GOMTV Streamer
Google Chrome
Grand Theft Auto: San Andreas
Gravitron 2
Guild Wars
HiJackThis
ICCup Launcher
Java Auto Updater
Java 6 Update 22
Java 6 Update 30
Killing Floor
Killing Floor Mod: Defence Alliance 2
League of Legends
Left 4 Dead 2
LogMeIn Hamachi
Magic: The Gathering — Duels of the Planeswalkers 2012
Magicka
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft Default Manager
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Word Viewer 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Morrowind AnimKit 2.1 (remove only)
Mount and Blade Warband - Demo
Mozilla Firefox 8.0.1 (x86 en-US)
Mozilla Thunderbird (8.0)
MP3 Skype Recorder
MSVCRT
Multiwinia
Mumble 1.2.3
Notepad++
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenOffice.org 3.3
Orcs Must Die!
Origin
Pando Media Booster
Plants vs. Zombies: Game of the Year
Poker Night at the Inventory
Prototype
PunkBuster Services
Puzzle Quest 2
QuickTime
Real Myst
Realtek High Definition Audio Driver
Recettear: An Item Shop's Tale
RIFT
RollerCoaster Tycoon 3: Platinum!
RUSH
Sam & Max 202: Moai Better Blues
Sam & Max 203: Night of the Raving Dead
Sam & Max 204: Chariots of the Dogs
SB Arena Headset
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Sid Meier's Civilization V
SimCity 4 Deluxe
Skype Click to Call
Skype™ 5.5
Space Quest Collection
Spectromancer
Spiral Knights
StarCraft
StarCraft II
Steam
Super Meat Boy
SWAT 4
System Requirements Lab CYRI
Team Fortress 2
TeamViewer 6
Terraria
The Binding Of Isaac
The Elder Scrolls III: Morrowind
The Elder Scrolls IV: Oblivion
The Ship
The Ship Single Player
The Ship Tutorial
The Sims™ 3
The Witcher 2
The Wonderful End of the World
Titan Quest
TOD-Demo
Toki Tori
Universe Sandbox
Unreal Tournament 2004
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
VH Toolkit 1.0.15.0
WampServer 2.1
Warhammer 40,000: Space Marine Demo
Warhammer® 40,000™: Dawn of War® II
Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
Windows Glulxe
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinPcap 4.1.2
Xfire (remove only)
XSplit
YABOT Build Order Editor version 1.0
YOU DON'T KNOW JACK
.
==== Event Viewer Messages From Past Week ========
.
12/20/2011 9:57:21 AM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 2 time(s).
12/20/2011 9:57:21 AM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/20/2011 9:57:21 AM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/20/2011 9:57:21 AM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/20/2011 9:53:30 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Cryptographic Services service, but this action failed with the following error: An instance of the service is already running.
12/20/2011 9:52:30 AM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/20/2011 9:52:30 AM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/20/2011 9:52:30 AM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/20/2011 9:52:30 AM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/20/2011 9:49:26 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
12/20/2011 9:49:20 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
12/20/2011 9:49:20 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
12/20/2011 9:34:57 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:34:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/20/2011 9:34:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/20/2011 9:34:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/20/2011 9:34:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/20/2011 9:34:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/20/2011 9:34:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/20/2011 9:34:34 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
12/20/2011 9:34:33 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:34:33 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:34:33 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:34:33 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:34:33 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:34:33 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:34:32 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:34:32 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:34:32 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:34:32 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:34:32 AM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 4:20:40 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
12/20/2011 4:20:40 AM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/20/2011 4:20:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/20/2011 10:23:19 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
12/20/2011 10:05:13 AM, Error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 3 time(s).
12/20/2011 10:05:13 AM, Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 3 time(s).
12/20/2011 10:05:13 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 3 time(s).
12/20/2011 10:05:13 AM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 3 time(s).
12/20/2011 10:01:32 AM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
12/20/2011 10:01:32 AM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/17/2011 11:32:37 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/16/2011 2:32:16 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
12/16/2011 2:32:16 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/14/2011 9:22:40 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================

Thanks in advance!