HowDidThisGetHere

  1. I'm not familiar with WinPatrol so the only thing I would ask is do you just run it and leave it be or does it require some action on my part? Otherwise that is all and I really appreciate your help, so thank you.
  2. Oh boy, it found tons of the same thing I thought was gone...

     ESET Report:

     C:\Qoobox\Quarantine\C\Users\Fable\AppData\Local\{edfe05c3-645f-9769-6f6f-9033e04473af}\n.vir    Win32/Sirefef.EV trojan
     C:\Qoobox\Quarantine\C\Users\Fable\AppData\Roaming\dmcexp.dll.vir    a variant of Win32/Medfos.AM trojan
     C:\Qoobox\Quarantine\C\Users\Fable\AppData\Roaming\uireap.dll.vir    a variant of Win32/Medfos.AM trojan
     C:\Qoobox\Quarantine\C\Windows\Installer\{edfe05c3-645f-9769-6f6f-9033e04473af}\n.vir    Win32/Sirefef.EV trojan
     C:\Qoobox\Quarantine\C\Windows\Installer\{edfe05c3-645f-9769-6f6f-9033e04473af}\U\80000000.@.vir    a variant of Win32/Sirefef.FA trojan
     C:\Qoobox\Quarantine\C\Windows\Installer\{edfe05c3-645f-9769-6f6f-9033e04473af}\U\80000032.@.vir    a variant of Win32/Sirefef.FD trojan
     C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir    Win32/Sirefef.FC trojan
  3. MBAM Report:

     Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org

     Database version: v2012.07.10.01

     Windows 7 x86 NTFS
     Internet Explorer 9.0.8112.16421
     Fable :: COMPUTRESS [administrator]

     7/9/2012 10:15:24 PM
     mbam-log-2012-07-09 (22-15-24).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 234881
     Time elapsed: 2 minute(s), 23 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 1
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|beapl (Trojan.Agent) -> Data: rundll32.exe "C:\Users\Fable\AppData\Roaming\beapl.dll",CleanupGlobalTempFiles -> Quarantined and deleted successfully.

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 1
     C:\Users\Fable\AppData\Roaming\beapl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
     (end)

     Hijackthis Report:

     No new problems and MSE was reinstalled just fine. Again, everything seems to be ok but I want to be completely sure before I go and change all my passwords.
  4. Here is the report:

     It looks like everything is running ok, as in no more redirects, but Microsoft Security Essentials is still disabled with error code 0x80070424. Those were the only two things that I noticed were going on so I can't really say about anything else.
  5. Here is the TDSSKiller:
23:59:52.0603 3736 gpsvc - ok 23:59:52.0603 3736 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 23:59:52.0603 3736 hcw85cir - ok 23:59:52.0618 3736 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys 23:59:52.0618 3736 HdAudAddService - ok 23:59:52.0618 3736 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys 23:59:52.0618 3736 HDAudBus - ok 23:59:52.0618 3736 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 23:59:52.0618 3736 HidBatt - ok 23:59:52.0634 3736 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 23:59:52.0634 3736 HidBth - ok 23:59:52.0634 3736 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 23:59:52.0634 3736 HidIr - ok 23:59:52.0634 3736 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll 23:59:52.0634 3736 hidserv - ok 23:59:52.0634 3736 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys 23:59:52.0634 3736 HidUsb - ok 23:59:52.0649 3736 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll 23:59:52.0649 3736 hkmsvc - ok 23:59:52.0649 3736 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll 23:59:52.0649 3736 HomeGroupListener - ok 23:59:52.0665 3736 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll 23:59:52.0665 3736 HomeGroupProvider - ok 23:59:52.0665 3736 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys 23:59:52.0665 3736 HpSAMD - ok 23:59:52.0681 3736 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys 23:59:52.0681 3736 HTTP - ok 23:59:52.0681 3736 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys 23:59:52.0681 3736 hwpolicy - ok 23:59:52.0696 3736 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) 
C:\Windows\system32\DRIVERS\i8042prt.sys 23:59:52.0696 3736 i8042prt - ok 23:59:52.0696 3736 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys 23:59:52.0696 3736 iaStorV - ok 23:59:52.0727 3736 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:59:52.0727 3736 idsvc - ok 23:59:52.0727 3736 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 23:59:52.0727 3736 iirsp - ok 23:59:52.0759 3736 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll 23:59:52.0759 3736 IKEEXT - ok 23:59:52.0759 3736 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys 23:59:52.0759 3736 intelide - ok 23:59:52.0759 3736 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 23:59:52.0774 3736 intelppm - ok 23:59:52.0774 3736 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 23:59:52.0774 3736 IPBusEnum - ok 23:59:52.0774 3736 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:59:52.0774 3736 IpFilterDriver - ok 23:59:52.0790 3736 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll 23:59:52.0790 3736 iphlpsvc - ok 23:59:52.0790 3736 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys 23:59:52.0790 3736 IPMIDRV - ok 23:59:52.0805 3736 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 23:59:52.0805 3736 IPNAT - ok 23:59:52.0805 3736 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 23:59:52.0805 3736 IRENUM - ok 23:59:52.0805 3736 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys 23:59:52.0805 3736 isapnp - ok 23:59:52.0821 3736 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys 23:59:52.0821 3736 iScsiPrt - ok 23:59:52.0821 3736 
kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 23:59:52.0821 3736 kbdclass - ok 23:59:52.0821 3736 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys 23:59:52.0821 3736 kbdhid - ok 23:59:52.0821 3736 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 23:59:52.0821 3736 KeyIso - ok 23:59:52.0837 3736 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys 23:59:52.0837 3736 KSecDD - ok 23:59:52.0837 3736 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys 23:59:52.0837 3736 KSecPkg - ok 23:59:52.0852 3736 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 23:59:52.0868 3736 KtmRm - ok 23:59:52.0899 3736 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\System32\srvsvc.dll 23:59:52.0899 3736 LanmanServer - ok 23:59:52.0899 3736 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll 23:59:52.0915 3736 LanmanWorkstation - ok 23:59:52.0915 3736 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 23:59:52.0915 3736 lltdio - ok 23:59:53.0086 3736 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 23:59:53.0102 3736 lltdsvc - ok 23:59:53.0102 3736 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 23:59:53.0102 3736 lmhosts - ok 23:59:53.0117 3736 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 23:59:53.0117 3736 LSI_FC - ok 23:59:53.0117 3736 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 23:59:53.0117 3736 LSI_SAS - ok 23:59:53.0117 3736 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:59:53.0117 3736 LSI_SAS2 - ok 23:59:53.0133 3736 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:59:53.0133 3736 LSI_SCSI - ok 23:59:53.0133 3736 luafv 
(6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 23:59:53.0133 3736 luafv - ok 23:59:53.0133 3736 LVRS (ed643e777ba3f7151ef3f0fb6be4f7f0) C:\Windows\system32\DRIVERS\lvrs.sys 23:59:53.0149 3736 LVRS - ok 23:59:53.0336 3736 LVUVC (5bc80451109a8dd7f2ddd35bce2929a3) C:\Windows\system32\DRIVERS\lvuvc.sys 23:59:53.0351 3736 LVUVC - ok 23:59:53.0383 3736 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll 23:59:53.0383 3736 Mcx2Svc - ok 23:59:53.0383 3736 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 23:59:53.0383 3736 megasas - ok 23:59:53.0383 3736 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 23:59:53.0398 3736 MegaSR - ok 23:59:53.0398 3736 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) F:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 23:59:53.0398 3736 Microsoft Office Groove Audit Service - ok 23:59:53.0398 3736 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 23:59:53.0398 3736 MMCSS - ok 23:59:53.0398 3736 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 23:59:53.0398 3736 Modem - ok 23:59:53.0414 3736 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 23:59:53.0414 3736 monitor - ok 23:59:53.0414 3736 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 23:59:53.0414 3736 mouclass - ok 23:59:53.0414 3736 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 23:59:53.0414 3736 mouhid - ok 23:59:53.0414 3736 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys 23:59:53.0414 3736 mountmgr - ok 23:59:53.0429 3736 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys 23:59:53.0429 3736 MpFilter - ok 23:59:53.0429 3736 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys 
23:59:53.0429 3736 mpio - ok 23:59:53.0429 3736 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 23:59:53.0429 3736 mpsdrv - ok 23:59:53.0461 3736 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll 23:59:53.0461 3736 MpsSvc - ok 23:59:53.0476 3736 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys 23:59:53.0476 3736 MRxDAV - ok 23:59:53.0492 3736 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:59:53.0492 3736 mrxsmb - ok 23:59:53.0523 3736 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:59:53.0523 3736 mrxsmb10 - ok 23:59:53.0523 3736 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:59:53.0523 3736 mrxsmb20 - ok 23:59:53.0539 3736 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys 23:59:53.0539 3736 msahci - ok 23:59:53.0554 3736 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys 23:59:53.0554 3736 msdsm - ok 23:59:53.0570 3736 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 23:59:53.0570 3736 MSDTC - ok 23:59:53.0585 3736 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 23:59:53.0585 3736 Msfs - ok 23:59:53.0585 3736 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 23:59:53.0585 3736 mshidkmdf - ok 23:59:53.0585 3736 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys 23:59:53.0585 3736 msisadrv - ok 23:59:53.0601 3736 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 23:59:53.0601 3736 MSiSCSI - ok 23:59:53.0601 3736 msiserver - ok 23:59:53.0601 3736 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 23:59:53.0601 3736 MSKSSRV - ok 23:59:53.0617 3736 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 
23:59:53.0617 3736 MSPCLOCK - ok 23:59:53.0617 3736 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 23:59:53.0617 3736 MSPQM - ok 23:59:53.0632 3736 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 23:59:53.0632 3736 MsRPC - ok 23:59:53.0632 3736 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 23:59:53.0632 3736 mssmbios - ok 23:59:53.0632 3736 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 23:59:53.0632 3736 MSTEE - ok 23:59:53.0648 3736 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 23:59:53.0648 3736 MTConfig - ok 23:59:53.0648 3736 MTsensor (0f24624106d8042e7f27882d9d6ff5c0) C:\Windows\system32\DRIVERS\ASACPI.sys 23:59:53.0648 3736 MTsensor - ok 23:59:53.0648 3736 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 23:59:53.0648 3736 Mup - ok 23:59:53.0695 3736 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll 23:59:53.0695 3736 napagent - ok 23:59:53.0726 3736 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 23:59:53.0726 3736 NativeWifiP - ok 23:59:53.0804 3736 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys 23:59:53.0819 3736 NDIS - ok 23:59:53.0819 3736 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 23:59:53.0819 3736 NdisCap - ok 23:59:53.0819 3736 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 23:59:53.0819 3736 NdisTapi - ok 23:59:53.0835 3736 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys 23:59:53.0835 3736 Ndisuio - ok 23:59:53.0851 3736 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys 23:59:53.0851 3736 NdisWan - ok 23:59:53.0851 3736 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys 23:59:53.0851 
3736 NDProxy - ok 23:59:53.0866 3736 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 23:59:53.0866 3736 NetBIOS - ok 23:59:53.0882 3736 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys 23:59:53.0882 3736 NetBT - ok 23:59:53.0897 3736 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 23:59:53.0897 3736 Netlogon - ok 23:59:53.0929 3736 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 23:59:53.0929 3736 Netman - ok 23:59:53.0960 3736 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 23:59:53.0975 3736 netprofm - ok 23:59:53.0991 3736 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:59:53.0991 3736 NetTcpPortSharing - ok 23:59:53.0991 3736 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 23:59:53.0991 3736 nfrd960 - ok 23:59:54.0007 3736 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 23:59:54.0007 3736 NisDrv - ok 23:59:54.0038 3736 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe 23:59:54.0038 3736 NisSrv - ok 23:59:54.0053 3736 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll 23:59:54.0053 3736 NlaSvc - ok 23:59:54.0053 3736 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 23:59:54.0053 3736 Npfs - ok 23:59:54.0053 3736 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 23:59:54.0053 3736 nsi - ok 23:59:54.0069 3736 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 23:59:54.0069 3736 nsiproxy - ok 23:59:54.0209 3736 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys 23:59:54.0209 3736 Ntfs - ok 23:59:54.0209 3736 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 
23:59:54.0209 3736 Null - ok 23:59:54.0880 3736 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:59:54.0927 3736 nvlddmkm - ok 23:59:54.0974 3736 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys 23:59:54.0974 3736 nvraid - ok 23:59:54.0974 3736 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys 23:59:54.0974 3736 nvstor - ok 23:59:54.0989 3736 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe 23:59:55.0005 3736 nvsvc - ok 23:59:55.0036 3736 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 23:59:55.0036 3736 nvUpdatusService - ok 23:59:55.0052 3736 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys 23:59:55.0052 3736 nv_agp - ok 23:59:55.0067 3736 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:59:55.0067 3736 odserv - ok 23:59:55.0083 3736 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys 23:59:55.0083 3736 ohci1394 - ok 23:59:55.0083 3736 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:59:55.0083 3736 ose - ok 23:59:55.0099 3736 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 23:59:55.0099 3736 p2pimsvc - ok 23:59:55.0099 3736 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 23:59:55.0114 3736 p2psvc - ok 23:59:55.0114 3736 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 23:59:55.0114 3736 Parport - ok 23:59:55.0114 3736 partmgr (66d3415c159741ade7038a277efff99f) C:\Windows\system32\drivers\partmgr.sys 23:59:55.0114 3736 partmgr - ok 23:59:55.0114 3736 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 23:59:55.0114 3736 Parvdm - ok 23:59:55.0130 3736 PcaSvc 
(358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 23:59:55.0130 3736 PcaSvc - ok 23:59:55.0130 3736 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys 23:59:55.0130 3736 pci - ok 23:59:55.0130 3736 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys 23:59:55.0130 3736 pciide - ok 23:59:55.0145 3736 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 23:59:55.0145 3736 pcmcia - ok 23:59:55.0145 3736 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 23:59:55.0145 3736 pcw - ok 23:59:55.0161 3736 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 23:59:55.0161 3736 PEAUTH - ok 23:59:55.0192 3736 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 23:59:55.0192 3736 PeerDistSvc - ok 23:59:55.0239 3736 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll 23:59:55.0239 3736 pla - ok 23:59:55.0270 3736 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll 23:59:55.0270 3736 PlugPlay - ok 23:59:55.0270 3736 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 23:59:55.0270 3736 PNRPAutoReg - ok 23:59:55.0286 3736 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 23:59:55.0286 3736 PNRPsvc - ok 23:59:55.0286 3736 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll 23:59:55.0301 3736 PolicyAgent - ok 23:59:55.0301 3736 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll 23:59:55.0301 3736 Power - ok 23:59:55.0301 3736 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 23:59:55.0301 3736 PptpMiniport - ok 23:59:55.0317 3736 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 23:59:55.0317 3736 Processor - ok 23:59:55.0317 3736 ProfSvc (aea3bdbdba667aa6f678cb38907e4f5e) 
C:\Windows\system32\profsvc.dll 23:59:55.0317 3736 ProfSvc - ok 23:59:55.0317 3736 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 23:59:55.0317 3736 ProtectedStorage - ok 23:59:55.0333 3736 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 23:59:55.0333 3736 Psched - ok 23:59:55.0364 3736 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 23:59:55.0379 3736 ql2300 - ok 23:59:55.0395 3736 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 23:59:55.0395 3736 ql40xx - ok 23:59:55.0395 3736 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 23:59:55.0411 3736 QWAVE - ok 23:59:55.0411 3736 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 23:59:55.0411 3736 QWAVEdrv - ok 23:59:55.0411 3736 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 23:59:55.0411 3736 RasAcd - ok 23:59:55.0411 3736 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 23:59:55.0411 3736 RasAgileVpn - ok 23:59:55.0411 3736 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 23:59:55.0426 3736 RasAuto - ok 23:59:55.0426 3736 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 23:59:55.0426 3736 Rasl2tp - ok 23:59:55.0426 3736 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll 23:59:55.0442 3736 RasMan - ok 23:59:55.0442 3736 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 23:59:55.0442 3736 RasPppoe - ok 23:59:55.0442 3736 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 23:59:55.0442 3736 RasSstp - ok 23:59:55.0457 3736 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys 23:59:55.0457 3736 rdbss - ok 23:59:55.0457 3736 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) 
C:\Windows\system32\DRIVERS\rdpbus.sys 23:59:55.0457 3736 rdpbus - ok 23:59:55.0457 3736 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys 23:59:55.0457 3736 RDPCDD - ok 23:59:55.0457 3736 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys 23:59:55.0473 3736 RDPDR - ok 23:59:55.0473 3736 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 23:59:55.0473 3736 RDPENCDD - ok 23:59:55.0473 3736 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 23:59:55.0473 3736 RDPREFMP - ok 23:59:55.0473 3736 RDPWD (c5b8d47a4688de9d335204ea757c2240) C:\Windows\system32\drivers\RDPWD.sys 23:59:55.0473 3736 RDPWD - ok 23:59:55.0489 3736 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys 23:59:55.0489 3736 rdyboost - ok 23:59:55.0489 3736 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 23:59:55.0489 3736 RemoteAccess - ok 23:59:55.0504 3736 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 23:59:55.0504 3736 RemoteRegistry - ok 23:59:55.0504 3736 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 23:59:55.0504 3736 RpcEptMapper - ok 23:59:55.0504 3736 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 23:59:55.0504 3736 RpcLocator - ok 23:59:55.0520 3736 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll 23:59:55.0520 3736 RpcSs - ok 23:59:55.0520 3736 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 23:59:55.0520 3736 rspndr - ok 23:59:55.0535 3736 RzSynapse (f6fcb0021680c2e91f2432a1b50703fc) C:\Windows\system32\DRIVERS\RzSynapse.sys 23:59:55.0535 3736 RzSynapse - ok 23:59:55.0535 3736 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys 23:59:55.0535 3736 s3cap - ok 23:59:55.0535 3736 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) 
C:\Windows\system32\lsass.exe 23:59:55.0535 3736 SamSs - ok 23:59:55.0535 3736 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys 23:59:55.0535 3736 sbp2port - ok 23:59:55.0551 3736 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 23:59:55.0551 3736 SCardSvr - ok 23:59:55.0551 3736 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys 23:59:55.0551 3736 scfilter - ok 23:59:55.0567 3736 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll 23:59:55.0567 3736 Schedule - ok 23:59:55.0582 3736 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll 23:59:55.0582 3736 SCPolicySvc - ok 23:59:55.0582 3736 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll 23:59:55.0582 3736 SDRSVC - ok 23:59:55.0582 3736 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 23:59:55.0582 3736 secdrv - ok 23:59:55.0598 3736 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 23:59:55.0598 3736 seclogon - ok 23:59:55.0598 3736 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 23:59:55.0598 3736 SENS - ok 23:59:55.0598 3736 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 23:59:55.0598 3736 SensrSvc - ok 23:59:55.0598 3736 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 23:59:55.0598 3736 Serenum - ok 23:59:55.0613 3736 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 23:59:55.0613 3736 Serial - ok 23:59:55.0613 3736 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 23:59:55.0613 3736 sermouse - ok 23:59:55.0629 3736 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll 23:59:55.0629 3736 SessionEnv - ok 23:59:55.0629 3736 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys 
23:59:55.0629 3736 sffdisk - ok 23:59:55.0629 3736 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys 23:59:55.0629 3736 sffp_mmc - ok 23:59:55.0629 3736 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys 23:59:55.0629 3736 sffp_sd - ok 23:59:55.0645 3736 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 23:59:55.0645 3736 sfloppy - ok 23:59:55.0645 3736 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 23:59:55.0660 3736 SharedAccess - ok 23:59:55.0660 3736 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll 23:59:55.0660 3736 ShellHWDetection - ok 23:59:55.0676 3736 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys 23:59:55.0676 3736 sisagp - ok 23:59:55.0676 3736 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:59:55.0676 3736 SiSRaid2 - ok 23:59:55.0676 3736 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 23:59:55.0676 3736 SiSRaid4 - ok 23:59:55.0676 3736 skfiltv (a48b5af8e18e4765acdec5bbb8343f84) C:\Windows\system32\drivers\skfiltv.sys 23:59:55.0676 3736 skfiltv - ok 23:59:55.0691 3736 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) F:\Skype\Updater\Updater.exe 23:59:55.0691 3736 SkypeUpdate - ok 23:59:55.0691 3736 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 23:59:55.0691 3736 Smb - ok 23:59:55.0707 3736 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 23:59:55.0707 3736 SNMPTRAP - ok 23:59:55.0707 3736 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 23:59:55.0707 3736 spldr - ok 23:59:55.0707 3736 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe 23:59:55.0723 3736 Spooler - ok 23:59:55.0801 3736 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe 23:59:55.0816 
3736 sppsvc - ok 23:59:55.0847 3736 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll 23:59:55.0847 3736 sppuinotify - ok 23:59:55.0863 3736 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys 23:59:55.0863 3736 srv - ok 23:59:55.0863 3736 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys 23:59:55.0879 3736 srv2 - ok 23:59:55.0879 3736 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys 23:59:55.0879 3736 srvnet - ok 23:59:55.0879 3736 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 23:59:55.0879 3736 SSDPSRV - ok 23:59:55.0894 3736 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 23:59:55.0894 3736 SstpSvc - ok 23:59:55.0894 3736 Steam Client Service - ok 23:59:55.0910 3736 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 23:59:55.0910 3736 Stereo Service - ok 23:59:55.0910 3736 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 23:59:55.0910 3736 stexstor - ok 23:59:55.0925 3736 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll 23:59:55.0925 3736 StiSvc - ok 23:59:55.0925 3736 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys 23:59:55.0941 3736 storflt - ok 23:59:55.0941 3736 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll 23:59:55.0941 3736 StorSvc - ok 23:59:55.0941 3736 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys 23:59:55.0941 3736 storvsc - ok 23:59:55.0941 3736 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 23:59:55.0941 3736 swenum - ok 23:59:55.0957 3736 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 23:59:55.0957 3736 swprv - ok 23:59:55.0988 3736 SysMain (04105c8da62353589c29bdaeb8d88bd8) 
     23:59:56.0971 3736 Scan finished
     23:59:56.0986 2192 Detected object count: 0
     23:59:56.0986 2192 Actual detected object count: 0

     And here is the aswMBR:

     How's it looking, boss?
  6. Thank you so much for responding so promptly! Here is the Security Check:

     Results of screen317's Security Check version 0.99.42
     Windows 7 x86 (UAC is enabled)
     Out of date service pack!!
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Microsoft Security Essentials (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.61.0.1400
     JavaFX 2.1.0
     Java 6 Update 22
     Java 7 Update 4
     Java version out of Date!
     Adobe Flash Player 11.2.202.235
     Adobe Reader X (10.1.3)
     Google Chrome 19.0.1084.56
     Google Chrome 20.0.1132.47
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials msseces.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 6%
     ````````````````````End of Log``````````````````````

     And here is the ComboFix log:
     Ok so it does look like it worked. There are still desktop.inis on my desktop but from what I understand those might be the harmless ones. Also my Microsoft Security Essentials is still disabled with error code 0x80070424. Is this a symptom of something still going on or does that just need a reinstall? Also are there any other damage cleanups I need to perform?
  7. Hello good people, So Malwarebytes finds trojan.0access in desktop.ini. Microsoft Safety Scanner finds Sirefef. Both programs claim to delete these but upon restart they're always still there. Attached are the requested files. Please assist because I need help. Attach.txt DDS.txt