charade539
Everything posted by charade539
-
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Here's the results of the scan.

C:\FRST\Quarantine\services.exe    Win64/Patched.B.Gen trojan
C:\FRST\Quarantine\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\00000008.@    Win64/Agent.BA trojan
C:\FRST\Quarantine\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000000.@    Win64/Sirefef.AE trojan
C:\FRST\Quarantine\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000032.@    Win32/Sirefef.FD trojan
C:\FRST\Quarantine\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000064.@    Win64/Sirefef.AM trojan
C:\FRST\Quarantine\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\n    Win64/Sirefef.W trojan
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe    probably a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9    a variant of Win32/Toolbar.Widgi application
C:\Program Files (x86)\IObit Toolbar\IE\5.1\iobitToolbarIE.dll    a variant of Win32/Toolbar.Widgi application
C:\Qoobox\Quarantine\C\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\n.vir    Win64/Sirefef.W trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\00000008.@.vir    Win64/Agent.BA trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000000.@.vir    Win64/Sirefef.AE trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000032.@.vir    Win32/Sirefef.FD trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000064.@.vir    Win64/Sirefef.AM trojan
C:\Users\Kyle\Documents\Morrowind Mods\cnet2_horse85_exe.exe    a variant of Win32/InstallCore.D application
C:\Windows\Installer\fc11d5.msi    a variant of Win32/Toolbar.Widgi application
-
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Downloaded Revo Uninstaller
Updated Adobe Reader (says it was already installed)
Ran Malwarebytes

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.07.07

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Kyle :: WHEELJACK [administrator]

Protection: Enabled

7/8/2012 12:44:51 AM
mbam-log-2012-07-08 (00-44-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 230941
Time elapsed: 2 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Hijackthis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:49:32 AM, on 7/8/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Edimax\Common\RaUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Users\Kyle\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - Global Startup: Wireless Utility.lnk = C:\Program Files (x86)\Edimax\Common\RaUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O15 - Trusted IP range: http://192.168.15.1
O15 - ESC Trusted IP range: http://192.168.15.1
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10078 bytes

So far I haven't been having the weird redirects, not for the past few days at least. Everything else seems to be running smoothly.
-
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-06 13:47:00
-----------------------------
13:47:00.607 OS Version: Windows x64 6.1.7600
13:47:00.607 Number of processors: 4 586 0x170A
13:47:00.608 ComputerName: WHEELJACK UserName: Kyle
13:47:03.643 Initialize success
13:50:16.057 AVAST engine defs: 12070601
13:50:50.615 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
13:50:50.618 Disk 0 Vendor: ST32000542AS CC34 Size: 1907729MB BusType: 3
13:50:50.635 Disk 0 MBR read successfully
13:50:50.639 Disk 0 MBR scan
13:50:50.644 Disk 0 Windows 7 default MBR code
13:50:50.653 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:50:50.669 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1907627 MB offset 206848
13:50:50.687 Disk 0 scanning C:\Windows\system32\drivers
13:50:59.240 Service scanning
13:51:14.427 Modules scanning
13:51:14.435 Disk 0 trace - called modules:
13:51:14.457 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
13:51:14.461 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007db8060]
13:51:14.467 3 CLASSPNP.SYS[fffff88000dd043f] -> nt!IofCallDriver -> [0xfffffa80077db520]
13:51:14.473 5 ACPI.sys[fffff88000f26781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80077d7680]
13:51:17.346 AVAST engine scan C:\Windows
13:51:24.157 AVAST engine scan C:\Windows\system32
13:54:35.543 AVAST engine scan C:\Windows\system32\drivers
13:54:49.266 AVAST engine scan C:\Users\Kyle
14:30:52.306 AVAST engine scan C:\ProgramData
14:37:04.244 Scan finished successfully
14:47:00.155 Disk 0 MBR has been saved successfully to "C:\Users\Kyle\Desktop\MBR.dat"
14:47:00.161 The log file has been saved successfully to "C:\Users\Kyle\Desktop\aswMBR.txt"
-
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
13:44:02.0609 3432 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
13:44:03.0115 3432 ============================================================
13:44:03.0115 3432 Current date / time: 2012/07/06 13:44:03.0115
13:44:03.0115 3432 SystemInfo:
13:44:03.0115 3432
13:44:03.0115 3432 OS Version: 6.1.7600 ServicePack: 0.0
13:44:03.0115 3432 Product type: Workstation
13:44:03.0115 3432 ComputerName: WHEELJACK
13:44:03.0115 3432 UserName: Kyle
13:44:03.0115 3432 Windows directory: C:\Windows
13:44:03.0115 3432 System windows directory: C:\Windows
13:44:03.0115 3432 Running under WOW64
13:44:03.0115 3432 Processor architecture: Intel x64
13:44:03.0115 3432 Number of processors: 4
13:44:03.0115 3432 Page size: 0x1000
13:44:03.0115 3432 Boot type: Normal boot
13:44:03.0115 3432 ============================================================
13:44:04.0325 3432 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:44:04.0331 3432 ============================================================
13:44:04.0331 3432 \Device\Harddisk0\DR0:
13:44:04.0331 3432 MBR partitions:
13:44:04.0331 3432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:44:04.0331 3432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
13:44:04.0331 3432 ============================================================
13:44:04.0350 3432 C: <-> \Device\Harddisk0\DR0\Partition1
13:44:04.0350 3432 ============================================================
13:44:04.0350 3432 Initialize success
13:44:04.0350 3432 ============================================================
13:44:07.0470 3548 ============================================================
13:44:07.0470 3548 Scan started
13:44:07.0470 3548 Mode: Manual;
13:44:07.0470 3548 ============================================================
C:\Windows\system32\ListSvc.dll 13:44:12.0141 3548 HomeGroupListener - ok 13:44:12.0183 3548 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 13:44:12.0186 3548 HomeGroupProvider - ok 13:44:12.0204 3548 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 13:44:12.0206 3548 HpSAMD - ok 13:44:12.0258 3548 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 13:44:12.0266 3548 HTTP - ok 13:44:12.0298 3548 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 13:44:12.0299 3548 hwpolicy - ok 13:44:12.0318 3548 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 13:44:12.0320 3548 i8042prt - ok 13:44:12.0347 3548 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys 13:44:12.0352 3548 iaStorV - ok 13:44:12.0431 3548 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:44:12.0441 3548 idsvc - ok 13:44:12.0453 3548 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 13:44:12.0455 3548 iirsp - ok 13:44:12.0489 3548 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 13:44:12.0498 3548 IKEEXT - ok 13:44:12.0632 3548 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe 13:44:12.0641 3548 IMFservice - ok 13:44:12.0723 3548 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 13:44:12.0724 3548 intelide - ok 13:44:12.0731 3548 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:44:12.0732 3548 intelppm - ok 13:44:12.0744 3548 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 13:44:12.0746 3548 IPBusEnum - ok 13:44:12.0753 3548 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 
13:44:12.0754 3548 IpFilterDriver - ok 13:44:12.0795 3548 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 13:44:12.0801 3548 iphlpsvc - ok 13:44:12.0819 3548 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 13:44:12.0820 3548 IPMIDRV - ok 13:44:12.0826 3548 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:44:12.0828 3548 IPNAT - ok 13:44:12.0844 3548 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:44:12.0845 3548 IRENUM - ok 13:44:12.0867 3548 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 13:44:12.0868 3548 isapnp - ok 13:44:12.0885 3548 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 13:44:12.0888 3548 iScsiPrt - ok 13:44:12.0901 3548 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 13:44:12.0902 3548 kbdclass - ok 13:44:12.0914 3548 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 13:44:12.0915 3548 kbdhid - ok 13:44:12.0923 3548 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe 13:44:12.0924 3548 KeyIso - ok 13:44:12.0935 3548 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 13:44:12.0937 3548 KSecDD - ok 13:44:12.0948 3548 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 13:44:12.0951 3548 KSecPkg - ok 13:44:12.0961 3548 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:44:12.0962 3548 ksthunk - ok 13:44:12.0991 3548 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 13:44:12.0996 3548 KtmRm - ok 13:44:13.0021 3548 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll 13:44:13.0025 3548 LanmanServer - ok 13:44:13.0034 3548 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 13:44:13.0037 3548 
LanmanWorkstation - ok 13:44:13.0045 3548 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:44:13.0046 3548 lltdio - ok 13:44:13.0067 3548 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 13:44:13.0071 3548 lltdsvc - ok 13:44:13.0087 3548 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 13:44:13.0087 3548 lmhosts - ok 13:44:13.0158 3548 LMIGuardianSvc (e01fded75312652de448e5aa792afa59) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe 13:44:13.0163 3548 LMIGuardianSvc - ok 13:44:13.0193 3548 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 13:44:13.0194 3548 LMIInfo - ok 13:44:13.0211 3548 LMIMaint (be53cf6e8ffef255988209a35f184f9f) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe 13:44:13.0214 3548 LMIMaint - ok 13:44:13.0237 3548 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys 13:44:13.0238 3548 lmimirr - ok 13:44:13.0241 3548 LMIRfsClientNP - ok 13:44:13.0271 3548 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys 13:44:13.0273 3548 LMIRfsDriver - ok 13:44:13.0315 3548 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe 13:44:13.0320 3548 LogMeIn - ok 13:44:13.0334 3548 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 13:44:13.0336 3548 LSI_FC - ok 13:44:13.0342 3548 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 13:44:13.0344 3548 LSI_SAS - ok 13:44:13.0348 3548 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:44:13.0349 3548 LSI_SAS2 - ok 13:44:13.0375 3548 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:44:13.0377 3548 LSI_SCSI - ok 13:44:13.0399 3548 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:44:13.0401 3548 luafv - ok 13:44:13.0431 3548 
MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 13:44:13.0432 3548 MBAMProtector - ok 13:44:13.0482 3548 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 13:44:13.0489 3548 MBAMService - ok 13:44:13.0504 3548 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 13:44:13.0506 3548 Mcx2Svc - ok 13:44:13.0511 3548 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 13:44:13.0512 3548 megasas - ok 13:44:13.0538 3548 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 13:44:13.0541 3548 MegaSR - ok 13:44:13.0585 3548 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:44:13.0588 3548 Microsoft Office Groove Audit Service - ok 13:44:13.0607 3548 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:44:13.0609 3548 MMCSS - ok 13:44:13.0622 3548 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:44:13.0623 3548 Modem - ok 13:44:13.0637 3548 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:44:13.0638 3548 monitor - ok 13:44:13.0653 3548 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 13:44:13.0655 3548 mouclass - ok 13:44:13.0664 3548 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:44:13.0666 3548 mouhid - ok 13:44:13.0679 3548 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 13:44:13.0681 3548 mountmgr - ok 13:44:13.0738 3548 MozillaMaintenance (af9b1aa7cf8e486ff703944e56459ba3) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:44:13.0740 3548 MozillaMaintenance - ok 13:44:13.0750 3548 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 13:44:13.0752 
3548 mpio - ok 13:44:13.0768 3548 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:44:13.0769 3548 mpsdrv - ok 13:44:13.0845 3548 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 13:44:13.0855 3548 MpsSvc - ok 13:44:13.0872 3548 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 13:44:13.0874 3548 MRxDAV - ok 13:44:13.0883 3548 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:44:13.0885 3548 mrxsmb - ok 13:44:13.0901 3548 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:44:13.0904 3548 mrxsmb10 - ok 13:44:13.0915 3548 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:44:13.0916 3548 mrxsmb20 - ok 13:44:13.0927 3548 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 13:44:13.0929 3548 msahci - ok 13:44:13.0939 3548 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 13:44:13.0941 3548 msdsm - ok 13:44:13.0956 3548 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 13:44:13.0959 3548 MSDTC - ok 13:44:13.0974 3548 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:44:13.0975 3548 Msfs - ok 13:44:13.0985 3548 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:44:13.0986 3548 mshidkmdf - ok 13:44:13.0994 3548 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 13:44:13.0995 3548 msisadrv - ok 13:44:14.0012 3548 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 13:44:14.0014 3548 MSiSCSI - ok 13:44:14.0017 3548 msiserver - ok 13:44:14.0028 3548 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:44:14.0029 3548 MSKSSRV - ok 13:44:14.0042 3548 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:44:14.0042 
3548 MSPCLOCK - ok 13:44:14.0057 3548 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:44:14.0058 3548 MSPQM - ok 13:44:14.0079 3548 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 13:44:14.0084 3548 MsRPC - ok 13:44:14.0098 3548 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 13:44:14.0100 3548 mssmbios - ok 13:44:14.0108 3548 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:44:14.0109 3548 MSTEE - ok 13:44:14.0122 3548 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 13:44:14.0123 3548 MTConfig - ok 13:44:14.0140 3548 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:44:14.0141 3548 Mup - ok 13:44:14.0167 3548 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 13:44:14.0173 3548 napagent - ok 13:44:14.0215 3548 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:44:14.0219 3548 NativeWifiP - ok 13:44:14.0270 3548 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 13:44:14.0280 3548 NDIS - ok 13:44:14.0294 3548 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:44:14.0295 3548 NdisCap - ok 13:44:14.0336 3548 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:44:14.0337 3548 NdisTapi - ok 13:44:14.0367 3548 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 13:44:14.0367 3548 Ndisuio - ok 13:44:14.0401 3548 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 13:44:14.0403 3548 NdisWan - ok 13:44:14.0439 3548 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 13:44:14.0441 3548 NDProxy - ok 13:44:14.0449 3548 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:44:14.0450 3548 NetBIOS - ok 
13:44:14.0463 3548 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 13:44:14.0466 3548 NetBT - ok 13:44:14.0479 3548 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe 13:44:14.0481 3548 Netlogon - ok 13:44:14.0496 3548 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 13:44:14.0501 3548 Netman - ok 13:44:14.0585 3548 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:44:14.0588 3548 NetMsmqActivator - ok 13:44:14.0591 3548 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:44:14.0593 3548 NetPipeActivator - ok 13:44:14.0615 3548 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 13:44:14.0621 3548 netprofm - ok 13:44:14.0698 3548 netr28x (d9a089e17112f04f452d22254b959d87) C:\Windows\system32\DRIVERS\netr28x.sys 13:44:14.0706 3548 netr28x - ok 13:44:14.0720 3548 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:44:14.0721 3548 NetTcpActivator - ok 13:44:14.0724 3548 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:44:14.0725 3548 NetTcpPortSharing - ok 13:44:14.0750 3548 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 13:44:14.0751 3548 nfrd960 - ok 13:44:14.0774 3548 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 13:44:14.0778 3548 NlaSvc - ok 13:44:14.0788 3548 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:44:14.0789 3548 Npfs - ok 13:44:14.0792 3548 npggsvc - ok 13:44:14.0798 3548 NPPTNT2 - ok 13:44:14.0822 3548 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 13:44:14.0823 3548 nsi - ok 13:44:14.0831 3548 nsiproxy (e7f5ae18af4168178a642a9247c63001) 
C:\Windows\system32\drivers\nsiproxy.sys 13:44:14.0832 3548 nsiproxy - ok 13:44:14.0880 3548 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 13:44:14.0906 3548 Ntfs - ok 13:44:14.0984 3548 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:44:14.0985 3548 Null - ok 13:44:15.0326 3548 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:44:15.0529 3548 nvlddmkm - ok 13:44:15.0570 3548 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys 13:44:15.0572 3548 nvraid - ok 13:44:15.0589 3548 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys 13:44:15.0591 3548 nvstor - ok 13:44:15.0628 3548 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe 13:44:15.0637 3548 nvsvc - ok 13:44:15.0715 3548 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 13:44:15.0745 3548 nvUpdatusService - ok 13:44:15.0787 3548 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 13:44:15.0789 3548 nv_agp - ok 13:44:15.0865 3548 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:44:15.0871 3548 odserv - ok 13:44:15.0902 3548 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 13:44:15.0903 3548 ohci1394 - ok 13:44:15.0929 3548 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:44:15.0931 3548 ose - ok 13:44:15.0972 3548 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:44:15.0977 3548 p2pimsvc - ok 13:44:16.0017 3548 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 13:44:16.0023 3548 p2psvc - ok 13:44:16.0034 3548 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 13:44:16.0036 3548 
Parport - ok 13:44:16.0045 3548 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 13:44:16.0047 3548 partmgr - ok 13:44:16.0121 3548 pbfilter (7c0582921913d00180ec2b8518ba135c) C:\Program Files\PeerBlock\pbfilter.sys 13:44:16.0122 3548 pbfilter - ok 13:44:16.0133 3548 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 13:44:16.0136 3548 PcaSvc - ok 13:44:16.0152 3548 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 13:44:16.0154 3548 pci - ok 13:44:16.0170 3548 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 13:44:16.0171 3548 pciide - ok 13:44:16.0196 3548 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 13:44:16.0199 3548 pcmcia - ok 13:44:16.0237 3548 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:44:16.0238 3548 pcw - ok 13:44:16.0285 3548 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:44:16.0292 3548 PEAUTH - ok 13:44:16.0351 3548 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 13:44:16.0352 3548 PerfHost - ok 13:44:16.0420 3548 pfc - ok 13:44:16.0464 3548 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 13:44:16.0493 3548 pla - ok 13:44:16.0534 3548 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll 13:44:16.0540 3548 PlugPlay - ok 13:44:16.0563 3548 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 13:44:16.0565 3548 PNRPAutoReg - ok 13:44:16.0603 3548 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:44:16.0606 3548 PNRPsvc - ok 13:44:16.0658 3548 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 13:44:16.0664 3548 PolicyAgent - ok 13:44:16.0686 3548 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 13:44:16.0690 3548 Power - ok 13:44:16.0701 3548 PptpMiniport 
(27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 13:44:16.0702 3548 PptpMiniport - ok 13:44:16.0719 3548 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 13:44:16.0720 3548 Processor - ok 13:44:16.0756 3548 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll 13:44:16.0759 3548 ProfSvc - ok 13:44:16.0798 3548 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe 13:44:16.0800 3548 ProtectedStorage - ok 13:44:16.0813 3548 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 13:44:16.0815 3548 Psched - ok 13:44:16.0862 3548 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 13:44:16.0890 3548 ql2300 - ok 13:44:16.0961 3548 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 13:44:16.0963 3548 ql40xx - ok 13:44:16.0990 3548 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 13:44:16.0994 3548 QWAVE - ok 13:44:17.0003 3548 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:44:17.0004 3548 QWAVEdrv - ok 13:44:17.0084 3548 RalinkRegistryWriter (2ee6d9cab03900646d1d3d9077167bd6) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe 13:44:17.0086 3548 RalinkRegistryWriter - ok 13:44:17.0123 3548 RalinkRegistryWriter64 (46358c32af09a57a171bc422649be53b) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe 13:44:17.0125 3548 RalinkRegistryWriter64 - ok 13:44:17.0139 3548 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 13:44:17.0140 3548 RasAcd - ok 13:44:17.0155 3548 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 13:44:17.0156 3548 RasAgileVpn - ok 13:44:17.0173 3548 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 13:44:17.0175 3548 RasAuto - ok 13:44:17.0192 3548 Rasl2tp (87a6e852a22991580d6d39adc4790463) 
C:\Windows\system32\DRIVERS\rasl2tp.sys 13:44:17.0194 3548 Rasl2tp - ok 13:44:17.0212 3548 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 13:44:17.0217 3548 RasMan - ok 13:44:17.0229 3548 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 13:44:17.0230 3548 RasPppoe - ok 13:44:17.0255 3548 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 13:44:17.0257 3548 RasSstp - ok 13:44:17.0297 3548 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 13:44:17.0301 3548 rdbss - ok 13:44:17.0335 3548 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 13:44:17.0336 3548 rdpbus - ok 13:44:17.0347 3548 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:44:17.0347 3548 RDPCDD - ok 13:44:17.0363 3548 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 13:44:17.0364 3548 RDPENCDD - ok 13:44:17.0380 3548 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 13:44:17.0381 3548 RDPREFMP - ok 13:44:17.0393 3548 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 13:44:17.0396 3548 RDPWD - ok 13:44:17.0413 3548 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 13:44:17.0416 3548 rdyboost - ok 13:44:17.0524 3548 RegFilter (c3b79061634fbc3ba3379f557ad952c7) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys 13:44:17.0525 3548 RegFilter - ok 13:44:17.0569 3548 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 13:44:17.0571 3548 RemoteAccess - ok 13:44:17.0592 3548 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 13:44:17.0595 3548 RemoteRegistry - ok 13:44:17.0623 3548 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 13:44:17.0625 3548 RpcEptMapper - ok 
13:44:17.0629 3548 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 13:44:17.0630 3548 RpcLocator - ok 13:44:17.0673 3548 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll 13:44:17.0677 3548 RpcSs - ok 13:44:17.0687 3548 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 13:44:17.0688 3548 rspndr - ok 13:44:17.0713 3548 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 13:44:17.0715 3548 RTL8167 - ok 13:44:17.0725 3548 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe 13:44:17.0726 3548 SamSs - ok 13:44:17.0742 3548 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 13:44:17.0744 3548 sbp2port - ok 13:44:17.0775 3548 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys 13:44:17.0776 3548 SBRE - ok 13:44:17.0801 3548 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 13:44:17.0805 3548 SCardSvr - ok 13:44:17.0813 3548 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 13:44:17.0814 3548 scfilter - ok 13:44:17.0853 3548 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 13:44:17.0865 3548 Schedule - ok 13:44:17.0893 3548 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 13:44:17.0894 3548 SCPolicySvc - ok 13:44:17.0905 3548 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 13:44:17.0908 3548 SDRSVC - ok 13:44:17.0930 3548 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 13:44:17.0931 3548 secdrv - ok 13:44:17.0942 3548 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 13:44:17.0943 3548 seclogon - ok 13:44:17.0955 3548 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 13:44:17.0957 3548 SENS - ok 13:44:17.0962 3548 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) 
C:\Windows\system32\sensrsvc.dll 13:44:17.0964 3548 SensrSvc - ok 13:44:17.0994 3548 Sentinel64 (255476b54c82a89416efdf09fd62f107) C:\Windows\System32\Drivers\Sentinel64.sys 13:44:17.0996 3548 Sentinel64 - ok 13:44:18.0039 3548 SentinelKeysServer (1ba2c677c6146a8b3adea7b69d2eed56) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe 13:44:18.0043 3548 SentinelKeysServer - ok 13:44:18.0092 3548 SentinelProtectionServer (d1a2ba8bf092ddf18f3d3db1d5ac7803) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe 13:44:18.0112 3548 SentinelProtectionServer - ok 13:44:18.0128 3548 SentinelSecurityRuntime (e80b91aec007711b1eec9c83487754e2) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe 13:44:18.0131 3548 SentinelSecurityRuntime - ok 13:44:18.0194 3548 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 13:44:18.0195 3548 Serenum - ok 13:44:18.0206 3548 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 13:44:18.0208 3548 Serial - ok 13:44:18.0222 3548 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 13:44:18.0222 3548 sermouse - ok 13:44:18.0303 3548 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 13:44:18.0312 3548 SessionEnv - ok 13:44:18.0322 3548 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 13:44:18.0323 3548 sffdisk - ok 13:44:18.0338 3548 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 13:44:18.0339 3548 sffp_mmc - ok 13:44:18.0355 3548 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 13:44:18.0356 3548 sffp_sd - ok 13:44:18.0373 3548 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 13:44:18.0374 3548 sfloppy - ok 13:44:18.0433 3548 SharedAccess 
(b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 13:44:18.0438 3548 SharedAccess - ok 13:44:18.0460 3548 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 13:44:18.0464 3548 ShellHWDetection - ok 13:44:18.0479 3548 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:44:18.0480 3548 SiSRaid2 - ok 13:44:18.0494 3548 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 13:44:18.0496 3548 SiSRaid4 - ok 13:44:18.0552 3548 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe 13:44:18.0555 3548 SkypeUpdate - ok 13:44:18.0562 3548 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 13:44:18.0563 3548 Smb - ok 13:44:18.0572 3548 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 13:44:18.0574 3548 SNMPTRAP - ok 13:44:18.0633 3548 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys 13:44:18.0635 3548 speedfan - ok 13:44:18.0645 3548 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 13:44:18.0646 3548 spldr - ok 13:44:18.0665 3548 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 13:44:18.0672 3548 Spooler - ok 13:44:18.0778 3548 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 13:44:18.0866 3548 sppsvc - ok 13:44:18.0959 3548 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 13:44:18.0961 3548 sppuinotify - ok 13:44:18.0987 3548 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys 13:44:18.0992 3548 srv - ok 13:44:19.0011 3548 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys 13:44:19.0015 3548 srv2 - ok 13:44:19.0034 3548 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys 13:44:19.0036 3548 srvnet - ok 13:44:19.0072 3548 SSDPSRV 
13:44:22.0952 3548 ============================================================
13:44:22.0952 3548 Scan finished
13:44:22.0952 3548 ============================================================
13:44:22.0961 4892 Detected object count: 0
13:44:22.0961 4892 Actual detected object count: 0
Running aswMBR now. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Sorry for the delay, things got a little crazy over here. I'll do the next part of your instructions now. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
ComboFix 12-07-02.01 - Kyle 07/03/2012 16:18:01.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8191.6724 [GMT -5:00] Running from: c:\users\Kyle\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L\00000004.@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L\1afb2d56 c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L\201d3dde c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L\55490ac4 c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\n c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\00000004.@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\00000008.@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\000000cb.@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000000.@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000032.@ c:\windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000064.@ . . ((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 ))))))))))))))))))))))))))))))) . . 2012-07-03 21:25 . 2012-07-03 21:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-07-03 21:25 . 2012-07-03 21:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-02 08:11 . 2012-07-02 08:11 -------- d-----w- c:\programdata\Nexon 2012-06-29 22:17 . 2012-06-29 22:18 -------- d-----w- C:\FRST 2012-06-27 00:34 . 2012-06-28 00:21 -------- d-----w- c:\users\Kyle\AppData\Roaming\.minecraft 2012-06-26 22:50 . 2012-01-12 14:28 57976 ----a-r- c:\windows\system32\drivers\SBREDrv.sys 2012-06-26 22:42 . 
2012-06-29 19:28 -------- d-----w- C:\sh4ldr 2012-06-26 22:42 . 2012-06-28 00:21 -------- d-----w- c:\program files\Enigma Software Group 2012-06-26 22:42 . 2012-06-29 19:28 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-06-23 21:25 . 2012-06-23 21:25 -------- d-----w- c:\users\Kyle\AppData\Local\Macromedia 2012-06-23 21:03 . 2012-06-23 21:03 9815752 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-06-23 18:27 . 2012-06-28 19:15 -------- d-----w- c:\program files (x86)\MCSkin3D 2012-06-21 05:56 . 2012-06-28 00:21 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-06-19 18:16 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D8DADC4-F81E-4476-A9F1-A093EF46F036}\mpengine.dll 2012-06-18 03:44 . 2003-08-11 15:07 14604 ----a-w- c:\windows\SysWow64\drivers\pfc.sys 2012-06-18 03:44 . 2003-08-11 15:13 344064 ----a-r- c:\windows\SysWow64\msvcr70.dll 2012-06-09 00:40 . 2012-06-09 00:42 -------- d-----w- c:\users\Kyle\AppData\Roaming\Braid 2012-06-09 00:39 . 2008-07-12 13:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll 2012-06-06 19:18 . 2012-07-01 07:44 136672 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-06-06 19:18 . 2012-06-29 19:25 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-06 19:18 . 2012-06-29 19:25 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-06 02:23 . 2011-11-08 21:00 4227704 ----a-w- c:\windows\SysWow64\GameMon.des 2012-06-06 02:23 . 2005-01-04 00:43 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys 2012-06-06 02:23 . 2003-07-20 09:17 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd 2012-06-06 02:23 . 2012-06-06 02:23 -------- d-----w- c:\program files\Common Files\INCA Shared 2012-06-05 08:15 . 2012-06-05 08:15 -------- d-----w- c:\program files (x86)\BandiMPEG1 2012-06-05 08:15 . 2012-06-05 08:15 -------- d-----w- C:\gPotato . . . 
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-23 21:03 . 2012-06-02 18:10 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-23 21:03 . 2011-06-02 14:13 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-22 21:50 . 2012-05-11 19:54 61440 ----a-r- c:\users\Kyle\AppData\Roaming\Microsoft\Installer\{5808DEC3-FD32-42AD-8640-67CF82210D11}\NewShortcut4_5CAB993EDD3D46CC9A9960173F42D18C.exe 2012-05-26 17:49 . 2012-05-26 17:50 955848 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-26 17:49 . 2012-05-26 17:50 839112 ----a-w- c:\windows\system32\deployJava1.dll 2012-05-24 15:47 . 2012-03-13 12:02 24448 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-05-15 10:48 . 2012-05-22 20:19 8139072 ----a-w- c:\windows\system32\nvcuda.dll 2012-05-15 10:48 . 2012-05-22 20:19 5982528 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-05-15 10:48 . 2012-05-22 20:19 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-05-15 10:48 . 2012-05-22 20:19 2681664 ----a-w- c:\windows\system32\nvcuvid.dll 2012-05-15 10:48 . 2012-05-22 20:19 25743168 ----a-w- c:\windows\system32\nvoglv64.dll 2012-05-15 10:48 . 2012-05-22 20:19 2524992 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-05-15 10:48 . 2012-05-22 20:19 25248064 ----a-w- c:\windows\system32\nvcompiler.dll 2012-05-15 10:48 . 2012-05-22 20:19 2445120 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-05-15 10:48 . 2012-05-22 20:19 19607872 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-05-15 10:48 . 2012-05-22 20:19 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-05-15 10:48 . 2012-05-22 20:19 17551680 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-05-15 10:48 . 2012-05-22 20:19 1738048 ----a-w- c:\windows\system32\nvdispco64.dll 2012-05-15 10:48 . 2012-05-22 20:19 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-05-15 10:48 . 2012-05-22 20:19 1468224 ----a-w- c:\windows\system32\nvgenco64.dll 2012-05-15 10:48 . 
2012-05-22 20:19 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-05-15 10:48 . 2012-05-22 20:19 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-05-15 10:48 . 2011-06-02 14:21 68928 ----a-w- c:\windows\system32\OpenCL.dll 2012-05-15 10:48 . 2011-06-02 14:21 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-05-15 10:48 . 2011-06-02 14:21 2741568 ----a-w- c:\windows\system32\nvapi64.dll 2012-05-15 10:48 . 2011-06-02 14:21 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-05-15 10:48 . 2009-07-13 21:59 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-05-15 09:29 . 2011-06-02 14:22 889664 ----a-w- c:\windows\system32\nvvsvc.exe 2012-05-15 09:29 . 2011-06-02 14:22 63296 ----a-w- c:\windows\system32\nvshext.dll 2012-05-15 09:29 . 2011-06-02 14:22 118080 ----a-w- c:\windows\system32\nvmctray.dll 2012-05-15 09:29 . 2011-06-02 14:22 3149632 ----a-w- c:\windows\system32\nvsvc64.dll 2012-05-15 09:28 . 2011-06-02 14:22 6151488 ----a-w- c:\windows\system32\nvcpl.dll 2012-05-15 07:21 . 2012-05-15 07:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-04-11 04:31 . 2012-04-11 04:31 2303488 ----a-w- c:\windows\SysWow64\python27.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}] 2011-12-22 21:17 262312 ----a-w- c:\program files (x86)\blekkotb\auxi\blekkoAu.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}] 2011-12-22 21:16 86696 ----a-w- c:\program files (x86)\blekkotb\blekkoDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files (x86)\blekkotb\blekkoDx.dll" [2011-12-22 86696] . [HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}] . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Wireless Utility.lnk - c:\program files (x86)\Edimax\Common\RaUI.exe [2012-5-8 1638400] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux9"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056] R3 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-03-05 748440] R3 dump_wmimmc;dump_wmimmc;c:\gpotato\IrisOnline\GameGuard\dump_wmimmc.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384] R3 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-09-26 375176] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-01 113120] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-07 24176] R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-04-28 33184] R3 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2009-09-17 369952] R3 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2009-09-17 292128] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 
[2010-02-19 517096] R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-04-28 21872] R3 X6va005;X6va005;c:\users\Kyle\AppData\Local\Temp\005510C.tmp [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-28 279616] S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2012-01-12 57976] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792] S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Edimax\Common\RaRegistry64.exe [2009-10-06 212256] S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-10-06 737792] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] . . Contents of the 'Scheduled Tasks' folder . 2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 21:03] . 
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4045259866-2150992624-2669054454-1000Core.job - c:\users\Kyle\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 03:40] . 2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4045259866-2150992624-2669054454-1000UA.job - c:\users\Kyle\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 03:40] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uInternet Settings,ProxyOverride = *.local;<local> IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.2.1 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll FF - ProfilePath - c:\users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\tq9u0624.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file) WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\Kyle\AppData\Local\Temp\005510C.tmp" . 
--------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:17,7d,6f,95,5e,06,cd,01 . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ac,43,92,d0,f1,01,66,40,b0,14,4b,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ac,43,92,d0,f1,01,66,40,b0,14,4b,\ . [HKEY_USERS\S-1-5-21-4045259866-2150992624-2669054454-1000\Software\SecuROM\License information*] "datasecu"=hex:ef,15,8b,66,6a,c4,01,15,05,ad,d2,56,74,f9,9f,4d,ff,a5,ac,2c,52, 64,e8,1d,d0,87,52,aa,e8,26,60,ab,02,33,95,6c,98,77,92,97,8b,17,88,6c,20,66,\ "rkeysecu"=hex:32,18,43,1f,a8,21,27,b7,4e,25,7d,cc,0b,3c,91,c9 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Edimax\Common\RaRegistry.exe . ************************************************************************** . Completion time: 2012-07-03 16:32:28 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-03 21:32 . Pre-Run: 1,338,163,392,512 bytes free Post-Run: 1,337,793,167,360 bytes free . - - End Of File - - 153353FEF6CEE3BF3E69966D6A586F96 -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Here it is.
Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 25-06-2012
Ran by SYSTEM at 2012-07-01 14:37:53 Run:1
Running from G:\
==============================================
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16} moved successfully.
C:\Users\Kyle\AppData\Local\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16} moved successfully.
==== End of Fixlog ==== -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Here you go.
Farbar Recovery Scan Tool Version: 25-06-2012
Ran by SYSTEM at 2012-06-30 17:04:55
Running from G:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06
====== End Of Search ======
-
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Here you go.
Scan result of Farbar Recovery Scan Tool Version: 25-06-2012
Ran by SYSTEM at 29-06-2012 14:17:28
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
2012-05-26 09:49 - 2012-05-26 09:49 - 00000000 ____D C:\Program Files\Java 2012-05-26 09:48 - 2012-05-26 08:36 - 00000000 ____D C:\AeriaGames 2012-05-26 08:28 - 2012-01-28 22:48 - 00000000 ____D C:\Program Files (x86)\horse6.6 2012-05-26 08:27 - 2011-08-28 21:00 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2012-05-26 08:26 - 2011-07-23 12:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Games 2012-05-25 13:51 - 2012-05-22 00:01 - 00003211 ____A C:\Users\Kyle\Documents\Lokisms.txt 2012-05-24 07:47 - 2012-03-13 04:02 - 00024448 ____A (IObit) C:\Windows\System32\RegistryDefragBootTime.exe 2012-05-23 19:36 - 2012-05-23 19:16 - 732221440 ____A C:\Users\Kyle\Downloads\Ralph Bakshi's Wizards.avi 2012-05-23 12:29 - 2012-05-23 12:29 - 00000000 ____D C:\Users\Kyle\Downloads\Adobe Premier Pro 2 Keygen & Activation 2012-05-22 12:36 - 2011-09-24 15:11 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\NVIDIA 2012-05-22 12:20 - 2011-08-08 18:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2012-05-22 12:20 - 2011-06-02 06:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2012-05-21 17:24 - 2012-05-21 17:24 - 00000258 ____A C:\Users\Kyle\Documents\cc_20120521_202457.reg 2012-05-21 14:05 - 2012-05-21 14:05 - 00002467 ____A C:\Users\Kyle\Documents\Spelling Song Lyrics.txt 2012-05-21 00:02 - 2012-05-21 00:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2012-05-21 00:02 - 2012-05-21 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2012-05-19 02:52 - 2012-05-19 02:52 - 00072954 ____A C:\Users\Kyle\Documents\NoisyBoy_002.htm 2012-05-18 16:20 - 2011-12-21 22:21 - 00001920 ____A C:\Users\Kyle\Documents\Ad.txt 2012-05-18 07:55 - 2012-05-18 07:55 - 00069905 ____A C:\Users\Kyle\Documents\NoisyBoy_001.htm 2012-05-17 16:31 - 2012-05-17 16:28 - 00000000 ____D C:\Users\Kyle\Downloads\Thor (2011) DVDRip XviD-MAXSPEED 2012-05-17 00:35 - 2012-05-17 00:35 - 00043817 ____A C:\Users\Kyle\Documents\IronMan_001.htm 2012-05-15 02:48 - 2012-05-22 12:19 
- 25743168 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 25248064 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 19607872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 18044224 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 17551680 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 15322432 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 14298944 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys 2012-05-15 02:48 - 2012-05-22 12:19 - 10194752 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 08139072 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 05982528 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 02881856 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 02681664 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 02524992 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 02445120 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 01738048 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll 2012-05-15 02:48 - 2012-05-22 12:19 - 01468224 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco64.dll 2012-05-15 02:48 - 2011-06-02 06:21 - 02741568 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll 2012-05-15 02:48 - 2011-06-02 06:21 - 02368832 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2012-05-15 02:48 - 2011-06-02 06:21 - 00068928 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll 
2012-05-15 02:48 - 2011-06-02 06:21 - 00061248 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2012-05-15 02:48 - 2011-06-02 06:21 - 00014324 ____A C:\Windows\System32\nvinfo.pb 2012-05-15 02:48 - 2009-07-13 13:59 - 08105280 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2012-05-15 01:29 - 2011-06-02 06:22 - 03149632 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2012-05-15 01:29 - 2011-06-02 06:22 - 00889664 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe 2012-05-15 01:29 - 2011-06-02 06:22 - 00118080 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2012-05-15 01:29 - 2011-06-02 06:22 - 00063296 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2012-05-15 01:28 - 2011-06-02 06:22 - 06151488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2012-05-14 23:56 - 2012-05-14 23:56 - 00030278 ____A C:\Users\Kyle\Documents\Loki_001.htm 2012-05-14 23:21 - 2012-05-14 23:21 - 00423744 ____A C:\Windows\SysWOW64\nvStreaming.exe 2012-05-11 11:55 - 2012-05-11 11:55 - 00002231 ____A C:\Users\Kyle\Desktop\Fusion 5.2.lnk 2012-05-11 11:54 - 2012-05-11 11:54 - 00000000 ____D C:\Program Files (x86)\eyeon 2012-05-11 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup 2012-05-11 11:49 - 2012-05-11 11:49 - 00000000 ____D C:\Users\Kyle\Downloads\eyeon fusion 5.2 2012-05-11 11:46 - 2012-05-11 11:42 - 52374122 ____A C:\Users\Kyle\Downloads\eyeon fusion 5.2.rar 2012-05-11 11:34 - 2012-05-11 11:34 - 00000000 ____D C:\Users\All Users\Mozilla 2012-05-10 00:26 - 2011-06-02 10:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-05-09 21:51 - 2012-02-15 05:08 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-05-09 15:49 - 2011-12-25 09:16 - 00000000 ____D C:\Users\Kyle\AppData\Local\Skyrim 2012-05-09 13:45 - 2011-11-27 16:58 - 00000000 ___RD C:\Users\Kyle\Virtual Machines 2012-05-09 13:39 - 2012-03-09 17:40 - 00002120 ____A C:\Users\Kyle\Desktop\VisualBoyAdvance - 
Shortcut.lnk 2012-05-09 13:39 - 2011-08-07 14:17 - 00001869 ____A C:\Users\Kyle\Desktop\Star Wars Knights of the Old Republic.lnk 2012-05-09 13:39 - 2011-07-18 18:54 - 00001780 ____A C:\Users\Kyle\Desktop\PeerBlock.lnk 2012-05-09 13:39 - 2011-06-19 18:17 - 00002058 ____A C:\Users\Public\Desktop\Media Player Classic - Home Cinema x64.lnk 2012-05-08 18:23 - 2012-05-08 18:18 - 00000000 ____D C:\Users\All Users\Ralink 2012-05-08 17:56 - 2012-05-08 17:56 - 00000000 ____D C:\Program Files (x86)\Edimax 2012-05-08 17:56 - 2012-05-08 16:35 - 00000000 ____D C:\Users\All Users\Edimax Driver 2012-05-08 17:56 - 2009-07-13 18:34 - 00000512 ____A C:\Windows\win.ini 2012-05-08 16:40 - 2012-05-08 16:40 - 00000000 ____D C:\Program Files (x86)\Cisco 2012-05-08 16:35 - 2012-05-08 16:35 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\InstallShield 2012-05-08 16:35 - 2012-05-08 16:35 - 00000000 ____D C:\Users\All Users\InstallShield 2012-04-28 19:27 - 2012-04-13 15:46 - 00000000 ____D C:\Windows\Minidump 2012-04-28 19:13 - 2012-04-28 19:13 - 00000000 ____D C:\Program Files (x86)\LucasArts 2012-04-25 08:35 - 2012-04-25 08:35 - 00546640 ___RA (iS3, Inc.) C:\Windows\SysWOW64\SZComp5.dll 2012-04-25 08:35 - 2012-04-25 08:35 - 00481104 ___RA (iS3, Inc.) C:\Windows\SysWOW64\SZBase5.dll 2012-04-25 08:35 - 2012-04-25 08:35 - 00023376 ___RA (iS3, Inc.) C:\Windows\SysWOW64\SZIO5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00808784 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3Base5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00456528 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3DBA5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00390992 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3UI5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00231248 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3Win325.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00132944 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3HTUI5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00104272 ___RA (iS3, Inc.) 
C:\Windows\SysWOW64\IS3Inet5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00100176 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3Svc5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00067408 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3Hks5.dll 2012-04-19 14:39 - 2012-04-19 14:39 - 00029008 ___RA (iS3, Inc.) C:\Windows\SysWOW64\IS3XDat5.dll 2012-04-18 14:56 - 2011-08-27 15:55 - 00000000 ____D C:\Users\Kyle\Desktop\Lightwave 2012-04-10 20:31 - 2012-04-10 20:31 - 02303488 ____A (Python Software Foundation) C:\Windows\SysWOW64\python27.dll 2012-04-05 20:46 - 2012-04-05 20:46 - 00000000 ____D C:\Users\Kyle\AppData\Local\Freelancer 2012-04-05 20:46 - 2011-06-04 14:26 - 00000000 ____D C:\Users\Kyle\Documents\My Games 2012-04-05 20:42 - 2012-04-05 20:42 - 00002231 ____A C:\Users\Public\Desktop\Freelancer.lnk 2012-04-04 12:56 - 2011-06-02 10:20 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-04-04 00:10 - 2012-04-03 16:58 - 00000000 ____D C:\Users\All Users\FarmFrenzy_Rome 2012-04-03 16:58 - 2012-04-03 16:58 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper 2012-04-03 16:58 - 2012-04-03 16:58 - 00000000 ____D C:\Users\All Users\AlawarWrapper 2012-04-03 16:57 - 2012-04-03 16:57 - 00000000 ____D C:\Windows\Farm Frenzy Ancient Rome ZeroAccess: C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16} C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L\00000004.@ C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L\201d3dde C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\00000004.@ C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\00000008.@ C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\000000cb.@ C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000000.@ C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000032.@ 
C:\Windows\Installer\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U\80000064.@

ZeroAccess:
C:\Users\Kyle\AppData\Local\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}
C:\Users\Kyle\AppData\Local\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\@
C:\Users\Kyle\AppData\Local\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\L
C:\Users\Kyle\AppData\Local\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\n
C:\Users\Kyle\AppData\Local\{d270f3b2-8255-d6f6-5ea1-c9a2db5cbd16}\U

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 9%
Total physical RAM: 8191.24 MB
Available physical RAM: 7392.3 MB
Total Pagefile: 8189.39 MB
Available Pagefile: 7371.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:1862.92 GB) (Free:1242.71 GB) NTFS
2 Drive e: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
3 Drive f: () (Removable) (Total:1.9 GB) (Free:1.9 GB) FAT32
4 Drive g: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online         1863 GB      0 B
  Disk 1    Online         1952 MB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            100 MB  1024 KB
  Partition 2    Primary           1862 GB   101 MB

======================================================================================================

Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     Y   System Rese  NTFS   Partition    100 MB  Healthy

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     C                NTFS   Partition   1862 GB  Healthy

======================================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
* Partition 1    Primary           1952 MB      0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================
==========================================================

Last Boot: 2012-06-28 13:04

======================= End Of Log ========================== -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
I did, and I am now able to get back into Windows. Will retry your instructions. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Yes, we removed the CD. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Also, I need to add that there was no option to choose my account, it automatically ran a diagnostic and rebooted, and then this began. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
I attempted to follow your instructions and am now stuck on a boot loop. It continuously returns to the 'start windows normally/safe mode/etc' screen. No matter what I choose it just restarts. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
I downloaded the file, put it on a thumb drive, and followed your instructions, but the option to "Repair your computer" did not appear. I removed all other files from the flash drive and tried again, but it still did not show up. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
This is what happened when I ran Combofix. -
BC.Miner virus assistance, please.
charade539 replied to charade539's topic in Resolved Malware Removal Logs
Hello Gringo, nice to meet you. Here's the Security Check report:

Results of screen317's Security Check version 0.99.42
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
AVG PC Tuneup 2011
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
IObit IObit Malware Fighter IMFsrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

I will run combofix as soon as I post this so I can close the browser. -
Malwarebytes keeps popping up with this virus, but when I tell it to remove it, it shows up again anyway. Also, I'm not sure if it is directly related to this virus or if another might be causing the problem, but I am continuously getting redirects and popups on my Firefox browser. It usually takes 5-10 tries of clicking a link to get to the site I wanted in the first place. Per your instructions, the information is below:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Kyle at 19:18:59 on 2012-06-26
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8191.6115 [GMT -5:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Edimax\Common\RaUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\NOTEPAD.EXE
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uInternet Settings,ProxyOverride = *.local;<local> uURLSearchHooks: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\5.1\iobitToolbarIE.dll uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe, BHO: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\5.1\iobitToolbarIE.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll TB: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\5.1\iobitToolbarIE.dll TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [<NO NAME>] mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" 
mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\Edimax\Common\RaUI.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL LSP: mswsock.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{4B151ABF-B89E-41C3-AEC3-A607F2CC3AD9} : DhcpNameServer = 192.168.2.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.1\iobitToolbarIE.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Updater For Spam Free Search Bar: 
{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll BHO-X64: Updater For Spam Free Search Bar - No File BHO-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll BHO-X64: Spam Free Search Bar - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll TB-X64: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.1\iobitToolbarIE.dll TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [(Default)] mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\tq9u0624.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Users\Kyle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\tq9u0624.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll . ============= SERVICES / DRIVERS =============== . R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-3-12 913792] R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-6-22 821592] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-10 654408] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-22 1262400] R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Edimax\Common\RaRegistry.exe [2012-5-8 185632] R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe [2012-5-8 212256] R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272] R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088] R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-6-22 21384] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] 
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2012-6-22 33184] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944] S2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-6-2 1019328] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-2 250056] S3 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-3-4 748440] S3 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-9-26 375176] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-11 113120] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 SentinelKeysServer;Sentinel Keys Server;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2009-9-17 369952] S3 SentinelSecurityRuntime;Sentinel Security Runtime;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2009-9-17 292128] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-6-22 21872] . 
=============== Created Last 30 ================
.
2012-06-26 22:50:53 57976 ----a-r- C:\Windows\System32\drivers\SBREDrv.sys
2012-06-26 22:50:46 -------- d-----w- C:\Program Files (x86)\STOPzilla!
2012-06-26 22:50:45 -------- d-----w- C:\ProgramData\STOPzilla!
2012-06-26 22:50:45 -------- d-----w- C:\Program Files (x86)\Common Files\iS3
2012-06-26 22:42:56 110080 ----a-r- C:\Users\Kyle\AppData\Roaming\Microsoft\Installer\{18F97AF0-4F88-4494-AFE2-5A5702E142CC}\IconF7A21AF7.exe
2012-06-26 22:42:56 110080 ----a-r- C:\Users\Kyle\AppData\Roaming\Microsoft\Installer\{18F97AF0-4F88-4494-AFE2-5A5702E142CC}\IconD7F16134.exe
2012-06-26 22:42:56 110080 ----a-r- C:\Users\Kyle\AppData\Roaming\Microsoft\Installer\{18F97AF0-4F88-4494-AFE2-5A5702E142CC}\Icon1226A4C5.exe
2012-06-26 22:42:56 -------- d-----w- C:\sh4ldr
2012-06-26 22:42:56 -------- d-----w- C:\Program Files\Enigma Software Group
2012-06-26 22:42:20 -------- d-----w- C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-23 21:25:31 -------- d-----w- C:\Users\Kyle\AppData\Local\Macromedia
2012-06-23 21:03:09 9815752 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-06-23 18:27:49 -------- d-----w- C:\Program Files (x86)\MCSkin3D
2012-06-21 05:56:21 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-19 18:16:25 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D8DADC4-F81E-4476-A9F1-A093EF46F036}\mpengine.dll
2012-06-18 03:44:46 14604 ----a-w- C:\Windows\SysWow64\drivers\pfc.sys
2012-06-18 03:44:43 344064 ----a-r- C:\Windows\SysWow64\msvcr70.dll
2012-06-09 00:40:11 -------- d-----w- C:\Users\Kyle\AppData\Roaming\Braid
2012-06-09 00:39:59 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-06-06 19:18:50 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 19:18:50 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 19:18:50 136672 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-06-06 02:23:24 4227704 ----a-w- C:\Windows\SysWow64\GameMon.des
2012-06-06 02:23:10 5174 ----a-w- C:\Windows\SysWow64\nppt9x.vxd
2012-06-06 02:23:10 4682 ----a-w- C:\Windows\SysWow64\npptNT2.sys
2012-06-06 02:23:00 -------- d-----w- C:\Program Files\Common Files\INCA Shared
2012-06-05 08:15:47 -------- d-----w- C:\Program Files (x86)\BandiMPEG1
2012-06-05 08:15:46 -------- d-----w- C:\gPotato
2012-06-03 21:02:48 -------- d-----w- C:\Python27
2012-06-03 20:56:13 -------- d-----w- C:\Program Files (x86)\OpenRPG
2012-06-02 18:10:13 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-30 02:07:21 -------- d-----w- C:\Users\Kyle\AppData\Local\CRE
2012-05-30 02:07:20 -------- d-----w- C:\Program Files (x86)\Conduit
2012-05-30 02:07:19 -------- d-----w- C:\Users\Kyle\AppData\Local\Conduit
.
==================== Find3M ====================
.
2012-06-23 21:03:12 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-26 17:49:43 955848 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-05-26 17:49:43 839112 ----a-w- C:\Windows\System32\deployJava1.dll
2012-05-24 15:47:56 24448 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
2012-05-15 07:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-04-25 16:35:32 23376 ----a-r- C:\Windows\SysWow64\SZIO5.dll
2012-04-25 16:35:22 546640 ----a-r- C:\Windows\SysWow64\SZComp5.dll
2012-04-25 16:35:16 481104 ----a-r- C:\Windows\SysWow64\SZBase5.dll
2012-04-19 22:39:44 29008 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll
2012-04-19 22:39:44 231248 ----a-r- C:\Windows\SysWow64\IS3Win325.dll
2012-04-19 22:39:42 390992 ----a-r- C:\Windows\SysWow64\IS3UI5.dll
2012-04-19 22:39:42 100176 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll
2012-04-19 22:39:36 104272 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll
2012-04-19 22:39:34 67408 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll
2012-04-19 22:39:34 132944 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll
2012-04-19 22:39:32 456528 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll
2012-04-19 22:39:30 808784 ----a-r- C:\Windows\SysWow64\IS3Base5.dll
2012-04-11 04:31:54 2303488 ----a-w- C:\Windows\SysWow64\python27.dll
2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 19:19:23.51 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/2/2011 8:25:26 AM
System Uptime: 6/26/2012 6:51:51 PM (1 hours ago)
.
Motherboard: MSI | | G41M-P33 (MS-7592)
Processor: Intel® Core2 Quad CPU Q8400 @ 2.66GHz | CPU 1 | 2670/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1863 GiB total, 1248.091 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP243: 6/17/2012 2:11:57 PM - Windows Update
RP244: 6/17/2012 10:44:29 PM - Installed Adobe Premiere Pro
RP245: 6/18/2012 3:00:12 AM - Windows Update
RP246: 6/18/2012 11:42:55 PM - Windows Update
RP247: 6/19/2012 1:13:15 PM - Windows Update
RP248: 6/19/2012 1:15:24 PM - Windows Update
RP249: 6/20/2012 11:57:23 AM - Windows Update
RP250: 6/21/2012 3:00:13 AM - Windows Update
RP251: 6/22/2012 3:00:11 AM - Windows Update
RP252: 6/22/2012 5:27:10 AM - Removed Java 6 Update 31
RP253: 6/22/2012 5:36:44 AM - Windows Update
RP254: 6/23/2012 12:34:53 AM - Windows Update
RP255: 6/23/2012 1:15:26 PM - Windows Update
RP256: 6/23/2012 11:24:57 PM - Windows Update
RP257: 6/24/2012 2:44:31 PM - Windows Update
RP258: 6/25/2012 3:00:16 AM - Windows Update
RP259: 6/26/2012 2:00:43 AM - Windows Update
RP260: 6/26/2012 3:05:09 PM - Windows Update
RP261: 6/26/2012 5:36:49 PM - Restore Operation
RP262: 6/26/2012 5:42:23 PM - Installed SpyHunter
RP263: 6/26/2012 5:50:10 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP264: 6/26/2012 6:16:56 PM - StopZILLA! Restore Point.
RP265: 6/26/2012 6:56:01 PM - StopZILLA! Restore Point.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958) Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Premiere Pro Adobe Premiere Pro CS6 Functional Content Adobe Reader X (10.1.3) ADRIFT 5.0 Advanced SystemCare 5 Aeria Ignite Age of Mythology Anti-phishing Domain Advisor Apple Application Support Apple Software Update Armed and Dangerous Artisteer 3 AVG PC Tuneup 2011 Azada In Libro Collectors Edition Bandisoft MPEG-1 Decoder Black & White® 2 Black & White® 2 Battle of the Gods Black and White Champions Online: Free For All Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Creatures Albian Years DAEMON Tools Lite DAEMON Tools Toolbar Docking Station Drawn 2 Dark Flight Dream of Mirror Online Dungeon Siege Legends of Aranna Edimax RT2860 Wireless LAN Card EverQuest II EverQuest II Extended eyeon Fusion 5.2 Fallout: New Vegas Freedom Force vs the 3rd Reich Freelancer Gemini Lost . Google Chrome Green Moon horseExpress IBM ViaVoice Command and Control Runtime 5.3 - UK English IBM ViaVoice Outloud Runtime - UK English IObit Malware Fighter IObit Toolbar v5.1 Legend of Grimrock LightWave 10.0 64-bit LogMeIn Malwarebytes Anti-Malware version 1.61.0.1400 MCSkin3D version 1.4 Microsoft Game Studios Common Redistributables Pack 1 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 
Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime Microsoft XML Parser Microsoft XNA Framework Redistributable 4.0 Microsoft Zoo Tycoon Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Minecraft Beta Cracked Morrowind Mozilla Firefox 14.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML4 Parser NVIDIA 3D Vision Controller Driver NVIDIA PhysX NVIDIA Stereoscopic 3D Driver Oblivion OpenRPG (Remove Only) Otherworld - Spring of Shadows CE PDF Settings CS5 Pet Workshop Petz 4 (remove only) PetzA 2.2.5 Pidgin Portal Portal 2 Portal 2 Authoring Tools - Beta Python 2.7.3 QuickTime Requiem Rockets and Robots Clipart Sci-Fi Clipart Series Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for 
Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Sentinel Protection Installer 7.6.1 Skype™ 5.9 Spam Free Search Bar SpeedFan (remove only) Spiral Knights SPORE™ SPORE™ Creepy & Cute Parts Pack Star Wars®: Knights of the Old Republic StarTopia Steam STOPzilla TES Construction Set The Elder Scrolls V: Skyrim Total Video Converter 3.71 100812 Ubisoft Game Launcher Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) 
Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Winamp Winamp Detector Plug-in WinArchiver World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
6/26/2012 6:54:38 PM, Error: Service Control Manager [7000] - The UrlFilter service failed to start due to the following error: There are no more endpoints available from the endpoint mapper.
6/26/2012 6:53:18 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
6/26/2012 6:53:18 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
6/26/2012 6:53:18 PM, Error: Service Control Manager [7000] - The Hardlock service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
6/26/2012 6:52:48 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
6/26/2012 6:52:07 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
6/26/2012 6:13:40 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
6/25/2012 4:52:48 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
6/25/2012 4:45:44 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/23/2012 1:12:40 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
6/22/2012 4:38:07 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/22/2012 4:38:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/22/2012 4:38:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/22/2012 4:38:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/22/2012 4:38:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/22/2012 4:38:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/22/2012 4:37:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/22/2012 4:37:47 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vpcnfltr vpcvmm vwififlt Wanarpv6 WfpLwf
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/22/2012 4:37:46 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/19/2012 6:01:23 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
.
==== End Of File ===========================