Jump to content

DesertLion

Members
 View Profile  See their activity

  • Posts

    9

  • Joined

  • Last visited

 Content Type 

Everything posted by DesertLion

  1. DesertLion
    I'll execute the cleanup steps. Thank you again for your time.
  2. DesertLion
    Finished running every scan I can think of and they all indicate that the problem is resolved. Thank you for your help. It is much appreciated.
  3. DesertLion
    I am in the process of running various malware/virus scans now. I will let you know tomorrow if anything else pops up. Thanks for all of your help Catbyte. I may yet be persuaded that cats are better than dogs. ComboFix 12-12-01.02 - Joe 12/03/2012 18:33:35.2.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8182.6595 [GMT -6:00] Running from: c:\users\Joe\Desktop\ComboFix.exe Command switches used :: c:\users\Joe\Desktop\CFScript.txt SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\programdata\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip" "c:\programdata\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip" "c:\programdata\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip" "c:\users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip" "c:\users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip" "c:\users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip" "c:\users\Joe\AppData\Local\AOL\AIM\update\install.exe" "f:\users\Joe\Documents\Installers\vlcmediaplayer-setup.exe" "f:\users\Joe\Documents\Installers\WormsArmageddon-dm.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip c:\programdata\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip c:\programdata\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip c:\users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip c:\users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip c:\users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip c:\users\Joe\AppData\Local\AOL\AIM\update\install.exe f:\users\Joe\Documents\Installers\vlcmediaplayer-setup.exe f:\users\Joe\Documents\Installers\WormsArmageddon-dm.exe . . ((((((((((((((((((((((((( Files Created from 2012-11-04 to 2012-12-04 ))))))))))))))))))))))))))))))) . . 2012-12-04 00:36 . 2012-12-04 00:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-04 00:23 . 2012-12-04 00:23 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9912CB4-54D9-4ACC-BB50-85CC8C111901}\offreg.dll 2012-12-03 01:35 . 2012-11-19 07:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9912CB4-54D9-4ACC-BB50-85CC8C111901}\mpengine.dll 2012-12-03 01:21 . 2012-12-03 01:21 -------- d-----w- c:\windows\ERUNT 2012-12-03 01:21 . 2012-12-03 01:21 -------- d-----w- C:\JRT 2012-12-02 23:14 . 2012-12-02 23:14 -------- d-----w- C:\TDSSKiller_Quarantine 2012-12-02 04:45 . 2012-12-02 04:45 -------- d-----w- c:\users\Joe\AppData\Roaming\Malwarebytes 2012-12-02 04:45 . 2012-12-02 04:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-02 04:45 . 2012-12-02 04:45 -------- d-----w- c:\programdata\Malwarebytes 2012-12-02 04:45 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-02 04:10 . 2012-12-02 04:10 -------- d-----w- c:\program files (x86)\PC Tools 2012-12-02 04:08 . 2012-12-02 04:51 -------- d-----w- c:\program files (x86)\Common Files\PC Tools 2012-12-02 04:08 . 2012-11-01 21:35 253256 ----a-w- c:\windows\system32\drivers\PCTSD64.sys 2012-12-02 04:08 . 2012-12-02 04:44 -------- d-----w- c:\programdata\PC Tools 2012-12-02 04:08 . 2012-12-02 04:08 -------- d-----w- c:\users\Joe\AppData\Roaming\TestApp 2012-11-19 23:07 . 2012-11-19 23:07 -------- d-----w- c:\programdata\OptiTex 2012-11-17 23:29 . 2012-11-17 23:30 -------- d-----w- c:\users\UpdatusUser 2012-11-17 23:29 . 2012-11-17 23:30 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2012-11-17 23:29 . 2012-12-04 00:12 -------- d-----w- c:\programdata\NVIDIA 2012-11-17 23:29 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-11-17 23:29 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-11-17 23:29 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-11-17 23:29 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-11-17 23:29 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-11-17 23:29 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-11-14 12:10 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-14 12:10 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-14 12:10 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-14 12:10 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-14 12:05 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-14 12:05 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-14 12:05 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-14 12:05 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-14 12:05 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-14 12:05 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-14 12:05 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-14 12:02 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-14 12:02 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll 2012-11-14 12:02 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll 2012-11-14 12:02 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll 2012-11-14 12:02 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll 2012-11-14 12:02 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll 2012-11-14 12:02 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-11-14 12:02 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll 2012-11-14 12:02 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll 2012-11-14 12:02 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll 2012-11-14 12:02 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-14 12:02 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2012-11-14 11:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-14 11:56 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-14 11:53 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-14 11:53 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-11-14 11:53 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-11-14 11:53 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-11-14 11:53 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-11-06 23:33 . 2012-11-06 23:33 -------- d-----w- c:\windows\[systemFolder] 2012-11-06 01:56 . 2012-11-06 01:56 -------- d-----w- c:\users\Joe\AppData\Roaming\CocotronLibrary . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-19 14:06 . 2012-08-16 01:46 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-19 14:06 . 2012-08-16 01:46 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-14 12:06 . 2012-08-16 00:03 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-16 08:38 . 2012-11-28 11:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-28 11:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 11:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-11 03:23 . 2012-10-11 03:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-11 03:23 . 2012-10-11 03:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-11 03:23 . 2012-10-11 03:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-11 03:23 . 2012-10-11 03:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-11 03:23 . 2012-10-11 03:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-11 03:23 . 2012-10-11 03:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-11 03:23 . 2012-10-11 03:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-11 03:23 . 2012-10-11 03:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-11 03:23 . 2012-10-11 03:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-11 03:22 . 2012-10-11 03:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-11 03:22 . 2012-10-11 03:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-11 03:22 . 2012-02-10 03:43 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-11 03:22 . 2012-10-11 03:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-11 03:22 . 2012-10-11 03:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-11 03:22 . 2012-10-11 03:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-11 03:22 . 2012-10-11 03:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-11 03:22 . 2012-10-11 03:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-02 19:15 . 2012-10-02 19:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-14 19:19 . 2012-10-10 10:08 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 10:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "Calendarscope"="c:\program files (x86)\Calendarscope\csde.exe" [2012-09-17 2848696] "TivoTransfer"="c:\program files (x86)\TiVo\Desktop\TiVoTransfer.exe" [2010-08-24 608528] "TranscodingService"="c:\program files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe" [2010-08-24 856336] "TivoNotify"="c:\program files (x86)\TiVo\Desktop\TiVoNotify.exe" [2010-08-24 437520] "TivoServer"="c:\program files (x86)\TiVo\Desktop\TiVoServer.exe" [2010-08-24 2264336] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Memeo Backup Premium"="c:\program files (x86)\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2012-04-14 131072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736] R3 USTOR2K;USB Mass Storage Windows Driver;c:\windows\system32\DRIVERS\ustor2k.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-16 1255736] R4 TivoBeacon2;TiVo Beacon Service;c:\program files (x86)\TiVo\Desktop\TiVoBeacon.exe [2010-08-24 1104656] S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432] S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe [2010-03-22 25824] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 UsbFltr;WayTech USB Filter Driver;c:\windows\system32\Drivers\UsbFltr.sys [2007-04-09 12288] . . Contents of the 'Scheduled Tasks' folder . 2012-11-19 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job - c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2012-08-16 22:31] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.yahoo.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: comiclife.com TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . SafeBoot-18182204.sys WebBrowser-{A13C2648-91D4-4BF3-BC6D-0079707C4389} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-12-03 18:37:16 ComboFix-quarantined-files.txt 2012-12-04 00:37 . Pre-Run: 913,705,095,168 bytes free Post-Run: 913,320,488,960 bytes free . - - End Of File - - 90565DE443915274D1CF697C2A87EE33
  4. DesertLion
    I will give it a try after I get home from work tonight.
  5. DesertLion
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 3.7.4 (12.02.2012:1) OS: Windows 7 Professional x64 Ran by Joe on Sun 12/02/2012 at 19:21:39.91 Blog: http://thisisudax.blogspot.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\escort.dll" Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\escortapp.dll" Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\escorteng.dll" Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\escortlbr.dll" Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4} ~~~ Files Successfully deleted: [File] "C:\Users\Joe\appdata\local\funmoods-speeddial.crx" ~~~ Folders Successfully deleted: [Folder] "C:\Users\Joe\appdata\locallow\minibar" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 12/02/2012 at 19:23:53.91 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v2.011 - Logfile created 12/02/2012 at 19:27:00 # Updated 02/12/2012 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (64 bits) # User : Joe - JOE-PC # Boot Mode : Normal # Running from : C:\Users\Joe\Desktop\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16455 [OK] Registry is clean. -\\ Google Chrome v [unable to get version] File : C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [2578 octets] - [02/12/2012 19:27:00] ########## EOF - C:\AdwCleaner[s1].txt - [2638 octets] ########## ESET Results... C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip Win32/Bagle.gen.zip worm C:\TDSSKiller_Quarantine\02.12.2012_17.13.33\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan C:\TDSSKiller_Quarantine\02.12.2012_17.13.33\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan C:\TDSSKiller_Quarantine\02.12.2012_17.13.33\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.QM trojan C:\TDSSKiller_Quarantine\02.12.2012_17.13.33\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan C:\TDSSKiller_Quarantine\02.12.2012_17.13.33\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan C:\TDSSKiller_Quarantine\02.12.2012_17.13.33\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip Win32/Bagle.gen.zip worm C:\Users\Joe\AppData\Local\AOL\AIM\update\install.exe Win32/OpenCandy application F:\Users\Joe\Documents\Installers\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application F:\Users\Joe\Documents\Installers\WormsArmageddon-dm.exe a variant of Win32/Adware.Trymedia.A application
  6. DesertLion
    TDSS Killer... 17:13:33.0524 3636 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:13:33.0524 3636 ============================================================ 17:13:33.0524 3636 Current date / time: 2012/12/02 17:13:33.0524 17:13:33.0524 3636 SystemInfo: 17:13:33.0524 3636 17:13:33.0524 3636 OS Version: 6.1.7601 ServicePack: 1.0 17:13:33.0524 3636 Product type: Workstation 17:13:33.0524 3636 ComputerName: JOE-PC 17:13:33.0524 3636 UserName: Joe 17:13:33.0524 3636 Windows directory: C:\Windows 17:13:33.0524 3636 System windows directory: C:\Windows 17:13:33.0524 3636 Running under WOW64 17:13:33.0524 3636 Processor architecture: Intel x64 17:13:33.0524 3636 Number of processors: 8 17:13:33.0524 3636 Page size: 0x1000 17:13:33.0524 3636 Boot type: Normal boot 17:13:33.0524 3636 ============================================================ 17:13:34.0304 3636 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:13:34.0304 3636 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:13:34.0319 3636 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:13:34.0335 3636 ============================================================ 17:13:34.0335 3636 \Device\Harddisk2\DR2: 17:13:34.0335 3636 MBR partitions: 17:13:34.0335 3636 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 17:13:34.0335 3636 \Device\Harddisk0\DR0: 17:13:34.0335 3636 MBR partitions: 17:13:34.0335 3636 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:13:34.0335 3636 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800 17:13:34.0335 3636 \Device\Harddisk1\DR1: 17:13:34.0350 3636 MBR partitions: 17:13:34.0350 3636 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1 17:13:34.0350 3636 ============================================================ 17:13:34.0397 3636 C: <-> \Device\Harddisk0\DR0\Partition2 17:13:34.0444 3636 E: <-> \Device\Harddisk1\DR1\Partition1 17:13:34.0460 3636 F: <-> \Device\Harddisk2\DR2\Partition1 17:13:34.0460 3636 ============================================================ 17:13:34.0460 3636 Initialize success 17:13:34.0460 3636 ============================================================ 17:13:51.0729 3840 ============================================================ 17:13:51.0729 3840 Scan started 17:13:51.0729 3840 Mode: Manual; TDLFS; 17:13:51.0729 3840 ============================================================ 17:13:52.0150 3840 ================ Scan system memory ======================== 17:13:52.0150 3840 System memory - ok 17:13:52.0150 3840 ================ Scan services ============================= 17:13:52.0244 3840 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 17:13:52.0244 3840 1394ohci - ok 17:13:52.0259 3840 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:13:52.0259 3840 ACPI - ok 17:13:52.0259 3840 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:13:52.0259 3840 AcpiPmi - ok 17:13:52.0322 3840 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:13:52.0322 3840 AdobeARMservice - ok 17:13:52.0337 3840 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 17:13:52.0353 3840 adp94xx - ok 17:13:52.0368 3840 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 17:13:52.0368 3840 adpahci - ok 17:13:52.0368 3840 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 17:13:52.0368 3840 adpu320 - ok 17:13:52.0400 3840 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:13:52.0400 3840 AeLookupSvc - ok 17:13:52.0431 3840 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 17:13:52.0446 3840 AFD - ok 17:13:52.0446 3840 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:13:52.0446 3840 agp440 - ok 17:13:52.0462 3840 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 17:13:52.0462 3840 ALG - ok 17:13:52.0478 3840 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 17:13:52.0478 3840 aliide - ok 17:13:52.0493 3840 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 17:13:52.0493 3840 amdide - ok 17:13:52.0509 3840 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 17:13:52.0509 3840 AmdK8 - ok 17:13:52.0524 3840 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 17:13:52.0524 3840 AmdPPM - ok 17:13:52.0524 3840 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:13:52.0524 3840 amdsata - ok 17:13:52.0540 3840 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 17:13:52.0540 3840 amdsbs - ok 17:13:52.0556 3840 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:13:52.0556 3840 amdxata - ok 17:13:52.0571 3840 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 17:13:52.0571 3840 AppID - ok 17:13:52.0587 3840 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:13:52.0587 3840 AppIDSvc - ok 17:13:52.0618 3840 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 17:13:52.0618 3840 Appinfo - ok 17:13:52.0680 3840 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:13:52.0680 3840 Apple Mobile Device - ok 17:13:52.0712 3840 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 17:13:52.0712 3840 AppMgmt - ok 17:13:52.0727 3840 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 17:13:52.0727 3840 arc - ok 17:13:52.0727 3840 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 17:13:52.0727 3840 arcsas - ok 17:13:52.0774 3840 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 17:13:52.0774 3840 AsIO - ok 17:13:52.0805 3840 [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys 17:13:52.0805 3840 AsUpIO - ok 17:13:52.0821 3840 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:13:52.0821 3840 AsyncMac - ok 17:13:52.0821 3840 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 17:13:52.0821 3840 atapi - ok 17:13:52.0836 3840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:13:52.0852 3840 AudioEndpointBuilder - ok 17:13:52.0852 3840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:13:52.0852 3840 AudioSrv - ok 17:13:52.0868 3840 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:13:52.0883 3840 AxInstSV - ok 17:13:52.0899 3840 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 17:13:52.0899 3840 b06bdrv - ok 17:13:52.0914 3840 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:13:52.0914 3840 b57nd60a - ok 17:13:52.0946 3840 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 17:13:52.0946 3840 BDESVC - ok 17:13:52.0946 3840 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 17:13:52.0946 3840 Beep - ok 17:13:52.0977 3840 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 17:13:52.0992 3840 BFE - ok 17:13:53.0008 3840 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 17:13:53.0024 3840 BITS - ok 17:13:53.0024 3840 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 17:13:53.0039 3840 blbdrive - ok 17:13:53.0070 3840 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:13:53.0086 3840 Bonjour Service - ok 17:13:53.0102 3840 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:13:53.0102 3840 bowser - ok 17:13:53.0117 3840 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:13:53.0117 3840 BrFiltLo - ok 17:13:53.0117 3840 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:13:53.0117 3840 BrFiltUp - ok 17:13:53.0133 3840 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 17:13:53.0133 3840 BridgeMP - ok 17:13:53.0148 3840 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 17:13:53.0148 3840 Browser - ok 17:13:53.0164 3840 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:13:53.0164 3840 Brserid - ok 17:13:53.0180 3840 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:13:53.0180 3840 BrSerWdm - ok 17:13:53.0180 3840 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:13:53.0180 3840 BrUsbMdm - ok 17:13:53.0195 3840 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:13:53.0195 3840 BrUsbSer - ok 17:13:53.0211 3840 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:13:53.0211 3840 BTHMODEM - ok 17:13:53.0226 3840 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 17:13:53.0226 3840 bthserv - ok 17:13:53.0242 3840 catchme - ok 17:13:53.0258 3840 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:13:53.0258 3840 cdfs - ok 17:13:53.0289 3840 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 17:13:53.0289 3840 cdrom - ok 17:13:53.0320 3840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 17:13:53.0320 3840 CertPropSvc - ok 17:13:53.0336 3840 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 17:13:53.0336 3840 circlass - ok 17:13:53.0351 3840 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 17:13:53.0367 3840 CLFS - ok 17:13:53.0398 3840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:13:53.0398 3840 clr_optimization_v2.0.50727_32 - ok 17:13:53.0429 3840 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:13:53.0429 3840 clr_optimization_v2.0.50727_64 - ok 17:13:53.0460 3840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:13:53.0460 3840 clr_optimization_v4.0.30319_32 - ok 17:13:53.0492 3840 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:13:53.0492 3840 clr_optimization_v4.0.30319_64 - ok 17:13:53.0507 3840 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:13:53.0507 3840 CmBatt - ok 17:13:53.0507 3840 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:13:53.0507 3840 cmdide - ok 17:13:53.0538 3840 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 17:13:53.0538 3840 CNG - ok 17:13:53.0554 3840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:13:53.0554 3840 Compbatt - ok 17:13:53.0570 3840 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 17:13:53.0570 3840 CompositeBus - ok 17:13:53.0585 3840 COMSysApp - ok 17:13:53.0601 3840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 17:13:53.0601 3840 crcdisk - ok 17:13:53.0616 3840 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:13:53.0616 3840 CryptSvc - ok 17:13:53.0648 3840 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 17:13:53.0648 3840 CSC - ok 17:13:53.0663 3840 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 17:13:53.0679 3840 CscService - ok 17:13:53.0726 3840 [ 958EF96991ABCCFDAC0953C4A24081DC ] DAZContentManagementService C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe 17:13:53.0726 3840 DAZContentManagementService - ok 17:13:53.0757 3840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:13:53.0772 3840 DcomLaunch - ok 17:13:53.0788 3840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:13:53.0788 3840 defragsvc - ok 17:13:53.0819 3840 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:13:53.0819 3840 DfsC - ok 17:13:53.0850 3840 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:13:53.0850 3840 Dhcp - ok 17:13:53.0866 3840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:13:53.0866 3840 discache - ok 17:13:53.0882 3840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 17:13:53.0882 3840 Disk - ok 17:13:53.0897 3840 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:13:53.0897 3840 Dnscache - ok 17:13:53.0928 3840 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:13:53.0928 3840 dot3svc - ok 17:13:53.0944 3840 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:13:53.0944 3840 DPS - ok 17:13:53.0960 3840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:13:53.0960 3840 drmkaud - ok 17:13:53.0991 3840 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:13:53.0991 3840 DXGKrnl - ok 17:13:54.0022 3840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:13:54.0022 3840 EapHost - ok 17:13:54.0069 3840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 17:13:54.0116 3840 ebdrv - ok 17:13:54.0131 3840 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:13:54.0131 3840 EFS - ok 17:13:54.0162 3840 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:13:54.0162 3840 ehRecvr - ok 17:13:54.0178 3840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 17:13:54.0178 3840 ehSched - ok 17:13:54.0194 3840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 17:13:54.0194 3840 elxstor - ok 17:13:54.0225 3840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:13:54.0225 3840 ErrDev - ok 17:13:54.0240 3840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:13:54.0240 3840 EventSystem - ok 17:13:54.0256 3840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:13:54.0256 3840 exfat - ok 17:13:54.0256 3840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:13:54.0272 3840 fastfat - ok 17:13:54.0303 3840 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:13:54.0303 3840 Fax - ok 17:13:54.0318 3840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:13:54.0318 3840 fdc - ok 17:13:54.0334 3840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:13:54.0334 3840 fdPHost - ok 17:13:54.0334 3840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:13:54.0334 3840 FDResPub - ok 17:13:54.0350 3840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:13:54.0350 3840 FileInfo - ok 17:13:54.0350 3840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:13:54.0365 3840 Filetrace - ok 17:13:54.0365 3840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:13:54.0365 3840 flpydisk - ok 17:13:54.0381 3840 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:13:54.0381 3840 FltMgr - ok 17:13:54.0412 3840 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 17:13:54.0428 3840 FontCache - ok 17:13:54.0443 3840 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:13:54.0443 3840 FontCache3.0.0.0 - ok 17:13:54.0459 3840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:13:54.0459 3840 FsDepends - ok 17:13:54.0474 3840 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:13:54.0474 3840 Fs_Rec - ok 17:13:54.0506 3840 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:13:54.0506 3840 fvevol - ok 17:13:54.0506 3840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 17:13:54.0521 3840 gagp30kx - ok 17:13:54.0537 3840 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:13:54.0537 3840 GEARAspiWDM - ok 17:13:54.0568 3840 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:13:54.0568 3840 gpsvc - ok 17:13:54.0584 3840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:13:54.0584 3840 hcw85cir - ok 17:13:54.0615 3840 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:13:54.0630 3840 HdAudAddService - ok 17:13:54.0646 3840 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:13:54.0646 3840 HDAudBus - ok 17:13:54.0646 3840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 17:13:54.0646 3840 HidBatt - ok 17:13:54.0662 3840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 17:13:54.0662 3840 HidBth - ok 17:13:54.0662 3840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 17:13:54.0662 3840 HidIr - ok 17:13:54.0677 3840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 17:13:54.0677 3840 hidserv - ok 17:13:54.0724 3840 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:13:54.0724 3840 HidUsb - ok 17:13:54.0755 3840 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:13:54.0755 3840 hkmsvc - ok 17:13:54.0755 3840 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:13:54.0755 3840 HomeGroupListener - ok 17:13:54.0771 3840 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:13:54.0771 3840 HomeGroupProvider - ok 17:13:54.0786 3840 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:13:54.0786 3840 HpSAMD - ok 17:13:54.0833 3840 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:13:54.0833 3840 HTTP - ok 17:13:54.0849 3840 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:13:54.0849 3840 hwpolicy - ok 17:13:54.0864 3840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:13:54.0880 3840 i8042prt - ok 17:13:54.0896 3840 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:13:54.0896 3840 iaStorV - ok 17:13:54.0927 3840 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:13:54.0942 3840 idsvc - ok 17:13:54.0942 3840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:13:54.0942 3840 iirsp - ok 17:13:54.0974 3840 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:13:54.0974 3840 IKEEXT - ok 17:13:55.0052 3840 [ C2F868881D48A568B525255F084EF063 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:13:55.0067 3840 IntcAzAudAddService - ok 17:13:55.0083 3840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:13:55.0083 3840 intelide - ok 17:13:55.0098 3840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:13:55.0098 3840 intelppm - ok 17:13:55.0114 3840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:13:55.0114 3840 IPBusEnum - ok 17:13:55.0130 3840 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:13:55.0130 3840 IpFilterDriver - ok 17:13:55.0161 3840 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:13:55.0161 3840 iphlpsvc - ok 17:13:55.0161 3840 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:13:55.0161 3840 IPMIDRV - ok 17:13:55.0176 3840 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:13:55.0176 3840 IPNAT - ok 17:13:55.0223 3840 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:13:55.0223 3840 iPod Service - ok 17:13:55.0239 3840 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:13:55.0239 3840 IRENUM - ok 17:13:55.0239 3840 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:13:55.0239 3840 isapnp - ok 17:13:55.0270 3840 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:13:55.0270 3840 iScsiPrt - ok 17:13:55.0286 3840 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:13:55.0286 3840 kbdclass - ok 17:13:55.0301 3840 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:13:55.0301 3840 kbdhid - ok 17:13:55.0317 3840 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:13:55.0317 3840 KeyIso - ok 17:13:55.0332 3840 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:13:55.0332 3840 KSecDD - ok 17:13:55.0332 3840 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:13:55.0348 3840 KSecPkg - ok 17:13:55.0348 3840 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:13:55.0348 3840 ksthunk - ok 17:13:55.0364 3840 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:13:55.0379 3840 KtmRm - ok 17:13:55.0395 3840 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:13:55.0395 3840 LanmanServer - ok 17:13:55.0426 3840 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:13:55.0426 3840 LanmanWorkstation - ok 17:13:55.0442 3840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:13:55.0442 3840 lltdio - ok 17:13:55.0457 3840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:13:55.0457 3840 lltdsvc - ok 17:13:55.0473 3840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:13:55.0473 3840 lmhosts - ok 17:13:55.0504 3840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:13:55.0504 3840 LSI_FC - ok 17:13:55.0520 3840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:13:55.0520 3840 LSI_SAS - ok 17:13:55.0520 3840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:13:55.0520 3840 LSI_SAS2 - ok 17:13:55.0535 3840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:13:55.0535 3840 LSI_SCSI - ok 17:13:55.0551 3840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:13:55.0551 3840 luafv - ok 17:13:55.0566 3840 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 17:13:55.0566 3840 MBAMProtector - ok 17:13:55.0629 3840 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 17:13:55.0629 3840 MBAMScheduler - ok 17:13:55.0660 3840 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 17:13:55.0660 3840 MBAMService - ok 17:13:55.0676 3840 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:13:55.0676 3840 Mcx2Svc - ok 17:13:55.0691 3840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:13:55.0691 3840 megasas - ok 17:13:55.0707 3840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:13:55.0707 3840 MegaSR - ok 17:13:55.0769 3840 [ D0067EAA04400314A1E95D70020F7403 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe 17:13:55.0769 3840 MemeoBackgroundService - ok 17:13:55.0769 3840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:13:55.0769 3840 MMCSS - ok 17:13:55.0785 3840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:13:55.0785 3840 Modem - ok 17:13:55.0800 3840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:13:55.0800 3840 monitor - ok 17:13:55.0800 3840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:13:55.0800 3840 mouclass - ok 17:13:55.0832 3840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:13:55.0832 3840 mouhid - ok 17:13:55.0863 3840 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:13:55.0863 3840 mountmgr - ok 17:13:55.0878 3840 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:13:55.0878 3840 mpio - ok 17:13:55.0894 3840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:13:55.0894 3840 mpsdrv - ok 17:13:55.0910 3840 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:13:55.0925 3840 MpsSvc - ok 17:13:55.0941 3840 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:13:55.0956 3840 MRxDAV - ok 17:13:55.0972 3840 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:13:55.0972 3840 mrxsmb - ok 17:13:55.0988 3840 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:13:55.0988 3840 mrxsmb10 - ok 17:13:56.0003 3840 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:13:56.0003 3840 mrxsmb20 - ok 17:13:56.0019 3840 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:13:56.0019 3840 msahci - ok 17:13:56.0034 3840 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:13:56.0034 3840 msdsm - ok 17:13:56.0050 3840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:13:56.0050 3840 MSDTC - ok 17:13:56.0050 3840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:13:56.0050 3840 Msfs - ok 17:13:56.0066 3840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:13:56.0066 3840 mshidkmdf - ok 17:13:56.0081 3840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:13:56.0081 3840 msisadrv - ok 17:13:56.0097 3840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:13:56.0097 3840 MSiSCSI - ok 17:13:56.0097 3840 msiserver - ok 17:13:56.0112 3840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:13:56.0112 3840 MSKSSRV - ok 17:13:56.0112 3840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:13:56.0112 3840 MSPCLOCK - ok 17:13:56.0128 3840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:13:56.0128 3840 MSPQM - ok 17:13:56.0159 3840 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:13:56.0159 3840 MsRPC - ok 17:13:56.0159 3840 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:13:56.0159 3840 mssmbios - ok 17:13:56.0175 3840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:13:56.0175 3840 MSTEE - ok 17:13:56.0175 3840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:13:56.0190 3840 MTConfig - ok 17:13:56.0206 3840 [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 17:13:56.0206 3840 MTsensor - ok 17:13:56.0222 3840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:13:56.0222 3840 Mup - ok 17:13:56.0253 3840 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:13:56.0253 3840 napagent - ok 17:13:56.0268 3840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:13:56.0268 3840 NativeWifiP - ok 17:13:56.0315 3840 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:13:56.0315 3840 NDIS - ok 17:13:56.0331 3840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:13:56.0331 3840 NdisCap - ok 17:13:56.0346 3840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:13:56.0346 3840 NdisTapi - ok 17:13:56.0378 3840 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:13:56.0378 3840 Ndisuio - ok 17:13:56.0393 3840 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:13:56.0393 3840 NdisWan - ok 17:13:56.0409 3840 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:13:56.0409 3840 NDProxy - ok 17:13:56.0409 3840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:13:56.0424 3840 NetBIOS - ok 17:13:56.0440 3840 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:13:56.0440 3840 NetBT - ok 17:13:56.0456 3840 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:13:56.0456 3840 Netlogon - ok 17:13:56.0487 3840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:13:56.0487 3840 Netman - ok 17:13:56.0502 3840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:13:56.0502 3840 netprofm - ok 17:13:56.0518 3840 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:13:56.0518 3840 NetTcpPortSharing - ok 17:13:56.0534 3840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:13:56.0534 3840 nfrd960 - ok 17:13:56.0549 3840 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:13:56.0549 3840 NlaSvc - ok 17:13:56.0565 3840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:13:56.0565 3840 Npfs - ok 17:13:56.0565 3840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:13:56.0565 3840 nsi - ok 17:13:56.0580 3840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:13:56.0580 3840 nsiproxy - ok 17:13:56.0612 3840 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:13:56.0643 3840 Ntfs - ok 17:13:56.0658 3840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:13:56.0658 3840 Null - ok 17:13:56.0674 3840 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 17:13:56.0674 3840 NVENETFD - ok 17:13:56.0846 3840 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:13:56.0892 3840 nvlddmkm - ok 17:13:56.0939 3840 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:13:56.0939 3840 nvraid - ok 17:13:56.0955 3840 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:13:56.0955 3840 nvstor - ok 17:13:57.0002 3840 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 17:13:57.0017 3840 nvsvc - ok 17:13:57.0048 3840 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 17:13:57.0048 3840 nvUpdatusService - ok 17:13:57.0064 3840 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:13:57.0064 3840 nv_agp - ok 17:13:57.0126 3840 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:13:57.0126 3840 odserv - ok 17:13:57.0142 3840 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:13:57.0142 3840 ohci1394 - ok 17:13:57.0173 3840 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:13:57.0173 3840 ose - ok 17:13:57.0204 3840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:13:57.0204 3840 p2pimsvc - ok 17:13:57.0220 3840 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 17:13:57.0236 3840 p2psvc - ok 17:13:57.0251 3840 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:13:57.0251 3840 Parport - ok 17:13:57.0267 3840 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:13:57.0282 3840 partmgr - ok 17:13:57.0282 3840 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:13:57.0298 3840 PcaSvc - ok 17:13:57.0298 3840 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:13:57.0298 3840 pci - ok 17:13:57.0314 3840 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 17:13:57.0314 3840 pciide - ok 17:13:57.0314 3840 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:13:57.0329 3840 pcmcia - ok 17:13:57.0329 3840 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:13:57.0329 3840 pcw - ok 17:13:57.0345 3840 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:13:57.0345 3840 PEAUTH - ok 17:13:57.0392 3840 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:13:57.0423 3840 PeerDistSvc - ok 17:13:57.0454 3840 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:13:57.0454 3840 PerfHost - ok 17:13:57.0501 3840 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:13:57.0516 3840 pla - ok 17:13:57.0548 3840 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:13:57.0548 3840 PlugPlay - ok 17:13:57.0563 3840 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:13:57.0563 3840 PNRPAutoReg - ok 17:13:57.0579 3840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:13:57.0579 3840 PNRPsvc - ok 17:13:57.0610 3840 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:13:57.0610 3840 PolicyAgent - ok 17:13:57.0626 3840 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:13:57.0626 3840 Power - ok 17:13:57.0641 3840 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:13:57.0641 3840 PptpMiniport - ok 17:13:57.0657 3840 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 17:13:57.0657 3840 Processor - ok 17:13:57.0688 3840 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 17:13:57.0688 3840 ProfSvc - ok 17:13:57.0704 3840 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:13:57.0704 3840 ProtectedStorage - ok 17:13:57.0719 3840 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:13:57.0719 3840 Psched - ok 17:13:57.0735 3840 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 17:13:57.0766 3840 ql2300 - ok 17:13:57.0766 3840 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 17:13:57.0766 3840 ql40xx - ok 17:13:57.0797 3840 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:13:57.0797 3840 QWAVE - ok 17:13:57.0813 3840 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:13:57.0813 3840 QWAVEdrv - ok 17:13:57.0828 3840 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:13:57.0828 3840 RasAcd - ok 17:13:57.0844 3840 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:13:57.0844 3840 RasAgileVpn - ok 17:13:57.0844 3840 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 17:13:57.0844 3840 RasAuto - ok 17:13:57.0875 3840 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:13:57.0875 3840 Rasl2tp - ok 17:13:57.0891 3840 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 17:13:57.0891 3840 RasMan - ok 17:13:57.0906 3840 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:13:57.0906 3840 RasPppoe - ok 17:13:57.0906 3840 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:13:57.0906 3840 RasSstp - ok 17:13:57.0938 3840 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:13:57.0938 3840 rdbss - ok 17:13:57.0953 3840 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 17:13:57.0953 3840 rdpbus - ok 17:13:57.0969 3840 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:13:57.0969 3840 RDPCDD - ok 17:13:57.0984 3840 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 17:13:57.0984 3840 RDPDR - ok 17:13:58.0000 3840 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:13:58.0000 3840 RDPENCDD - ok 17:13:58.0016 3840 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:13:58.0016 3840 RDPREFMP - ok 17:13:58.0031 3840 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:13:58.0031 3840 RDPWD - ok 17:13:58.0047 3840 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:13:58.0047 3840 rdyboost - ok 17:13:58.0078 3840 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:13:58.0078 3840 RemoteAccess - ok 17:13:58.0078 3840 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:13:58.0094 3840 RemoteRegistry - ok 17:13:58.0109 3840 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:13:58.0109 3840 RpcEptMapper - ok 17:13:58.0125 3840 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 17:13:58.0140 3840 RpcLocator - ok 17:13:58.0156 3840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 17:13:58.0156 3840 RpcSs - ok 17:13:58.0156 3840 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:13:58.0172 3840 rspndr - ok 17:13:58.0187 3840 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 17:13:58.0187 3840 RTL8167 - ok 17:13:58.0203 3840 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 17:13:58.0203 3840 s3cap - ok 17:13:58.0218 3840 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 17:13:58.0218 3840 SamSs - ok 17:13:58.0234 3840 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:13:58.0234 3840 sbp2port - ok 17:13:58.0281 3840 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 17:13:58.0281 3840 SBSDWSCService - ok 17:13:58.0296 3840 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:13:58.0296 3840 SCardSvr - ok 17:13:58.0312 3840 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:13:58.0328 3840 scfilter - ok 17:13:58.0343 3840 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 17:13:58.0359 3840 Schedule - ok 17:13:58.0374 3840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 17:13:58.0374 3840 SCPolicySvc - ok 17:13:58.0406 3840 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:13:58.0406 3840 SDRSVC - ok 17:13:58.0421 3840 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:13:58.0421 3840 secdrv - ok 17:13:58.0437 3840 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 17:13:58.0437 3840 seclogon - ok 17:13:58.0452 3840 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 17:13:58.0452 3840 SENS - ok 17:13:58.0468 3840 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:13:58.0468 3840 SensrSvc - ok 17:13:58.0484 3840 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:13:58.0484 3840 Serenum - ok 17:13:58.0484 3840 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:13:58.0484 3840 Serial - ok 17:13:58.0499 3840 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:13:58.0499 3840 sermouse - ok 17:13:58.0530 3840 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 17:13:58.0530 3840 SessionEnv - ok 17:13:58.0546 3840 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:13:58.0546 3840 sffdisk - ok 17:13:58.0546 3840 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:13:58.0562 3840 sffp_mmc - ok 17:13:58.0562 3840 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:13:58.0562 3840 sffp_sd - ok 17:13:58.0577 3840 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:13:58.0577 3840 sfloppy - ok 17:13:58.0593 3840 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:13:58.0593 3840 SharedAccess - ok 17:13:58.0608 3840 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:13:58.0608 3840 ShellHWDetection - ok 17:13:58.0624 3840 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:13:58.0624 3840 SiSRaid2 - ok 17:13:58.0640 3840 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:13:58.0640 3840 SiSRaid4 - ok 17:13:58.0655 3840 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:13:58.0655 3840 Smb - ok 17:13:58.0686 3840 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:13:58.0686 3840 SNMPTRAP - ok 17:13:58.0686 3840 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 17:13:58.0686 3840 spldr - ok 17:13:58.0718 3840 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 17:13:58.0718 3840 Spooler - ok 17:13:58.0764 3840 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 17:13:58.0796 3840 sppsvc - ok 17:13:58.0827 3840 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:13:58.0827 3840 sppuinotify - ok 17:13:58.0842 3840 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 17:13:58.0842 3840 srv - ok 17:13:58.0858 3840 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:13:58.0874 3840 srv2 - ok 17:13:58.0874 3840 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:13:58.0889 3840 srvnet - ok 17:13:58.0905 3840 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:13:58.0905 3840 SSDPSRV - ok 17:13:58.0920 3840 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:13:58.0920 3840 SstpSvc - ok 17:13:58.0967 3840 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 17:13:58.0967 3840 Stereo Service - ok 17:13:58.0983 3840 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 17:13:58.0983 3840 stexstor - ok 17:13:58.0998 3840 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 17:13:58.0998 3840 stisvc - ok 17:13:59.0014 3840 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:13:59.0014 3840 storflt - ok 17:13:59.0045 3840 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 17:13:59.0045 3840 StorSvc - ok 17:13:59.0061 3840 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:13:59.0061 3840 storvsc - ok 17:13:59.0076 3840 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 17:13:59.0076 3840 swenum - ok 17:13:59.0092 3840 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 17:13:59.0092 3840 swprv - ok 17:13:59.0139 3840 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 17:13:59.0170 3840 SysMain - ok 17:13:59.0170 3840 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:13:59.0170 3840 TabletInputService - ok 17:13:59.0186 3840 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:13:59.0201 3840 TapiSrv - ok 17:13:59.0217 3840 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 17:13:59.0217 3840 TBS - ok 17:13:59.0248 3840 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:13:59.0264 3840 Tcpip - ok 17:13:59.0295 3840 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:13:59.0295 3840 TCPIP6 - ok 17:13:59.0310 3840 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:13:59.0310 3840 tcpipreg - ok 17:13:59.0326 3840 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:13:59.0326 3840 TDPIPE - ok 17:13:59.0342 3840 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:13:59.0342 3840 TDTCP - ok 17:13:59.0357 3840 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:13:59.0357 3840 tdx - ok 17:13:59.0373 3840 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 17:13:59.0373 3840 TermDD - ok 17:13:59.0388 3840 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 17:13:59.0404 3840 TermService - ok 17:13:59.0420 3840 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 17:13:59.0420 3840 Themes - ok 17:13:59.0420 3840 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 17:13:59.0420 3840 THREADORDER - ok 17:13:59.0482 3840 [ 4DE3FAEE834E9EF5151A71866F6DB55D ] TivoBeacon2 C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe 17:13:59.0498 3840 TivoBeacon2 - ok 17:13:59.0513 3840 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 17:13:59.0513 3840 TrkWks - ok 17:13:59.0544 3840 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:13:59.0544 3840 TrustedInstaller - ok 17:13:59.0560 3840 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:13:59.0560 3840 tssecsrv - ok 17:13:59.0591 3840 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:13:59.0591 3840 TsUsbFlt - ok 17:13:59.0607 3840 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:13:59.0622 3840 tunnel - ok 17:13:59.0622 3840 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 17:13:59.0622 3840 uagp35 - ok 17:13:59.0638 3840 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:13:59.0654 3840 udfs - ok 17:13:59.0669 3840 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:13:59.0669 3840 UI0Detect - ok 17:13:59.0685 3840 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:13:59.0685 3840 uliagpkx - ok 17:13:59.0700 3840 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 17:13:59.0700 3840 umbus - ok 17:13:59.0716 3840 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 17:13:59.0716 3840 UmPass - ok 17:13:59.0732 3840 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 17:13:59.0732 3840 UmRdpService - ok 17:13:59.0747 3840 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 17:13:59.0747 3840 upnphost - ok 17:13:59.0763 3840 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 17:13:59.0778 3840 USBAAPL64 - ok 17:13:59.0778 3840 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:13:59.0778 3840 usbccgp - ok 17:13:59.0810 3840 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:13:59.0810 3840 usbcir - ok 17:13:59.0810 3840 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:13:59.0810 3840 usbehci - ok 17:13:59.0841 3840 [ 68BAD03835873D4BBBDE95CBB135A395 ] UsbFltr C:\Windows\system32\Drivers\UsbFltr.sys 17:13:59.0841 3840 UsbFltr - ok 17:13:59.0856 3840 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:13:59.0856 3840 usbhub - ok 17:13:59.0856 3840 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:13:59.0856 3840 usbohci - ok 17:13:59.0872 3840 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:13:59.0872 3840 usbprint - ok 17:13:59.0888 3840 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:13:59.0888 3840 USBSTOR - ok 17:13:59.0888 3840 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:13:59.0888 3840 usbuhci - ok 17:13:59.0903 3840 USTOR2K - ok 17:13:59.0919 3840 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 17:13:59.0919 3840 UxSms - ok 17:13:59.0919 3840 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 17:13:59.0919 3840 VaultSvc - ok 17:13:59.0950 3840 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:13:59.0950 3840 vdrvroot - ok 17:13:59.0981 3840 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 17:13:59.0997 3840 vds - ok 17:13:59.0997 3840 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:14:00.0012 3840 vga - ok 17:14:00.0012 3840 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 17:14:00.0012 3840 VgaSave - ok 17:14:00.0044 3840 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:14:00.0044 3840 vhdmp - ok 17:14:00.0059 3840 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 17:14:00.0059 3840 viaide - ok 17:14:00.0075 3840 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 17:14:00.0075 3840 vmbus - ok 17:14:00.0075 3840 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 17:14:00.0090 3840 VMBusHID - ok 17:14:00.0106 3840 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:14:00.0106 3840 volmgr - ok 17:14:00.0137 3840 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:14:00.0137 3840 volmgrx - ok 17:14:00.0153 3840 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:14:00.0153 3840 volsnap - ok 17:14:00.0168 3840 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 17:14:00.0168 3840 vsmraid - ok 17:14:00.0200 3840 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 17:14:00.0231 3840 VSS - ok 17:14:00.0231 3840 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 17:14:00.0231 3840 vwifibus - ok 17:14:00.0278 3840 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 17:14:00.0278 3840 W32Time - ok 17:14:00.0278 3840 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 17:14:00.0293 3840 WacomPen - ok 17:14:00.0309 3840 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:14:00.0309 3840 WANARP - ok 17:14:00.0309 3840 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:14:00.0309 3840 Wanarpv6 - ok 17:14:00.0340 3840 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 17:14:00.0371 3840 WatAdminSvc - ok 17:14:00.0402 3840 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 17:14:00.0434 3840 wbengine - ok 17:14:00.0449 3840 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:14:00.0449 3840 WbioSrvc - ok 17:14:00.0480 3840 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:14:00.0480 3840 wcncsvc - ok 17:14:00.0480 3840 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:14:00.0480 3840 WcsPlugInService - ok 17:14:00.0496 3840 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 17:14:00.0496 3840 Wd - ok 17:14:00.0527 3840 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:14:00.0543 3840 Wdf01000 - ok 17:14:00.0543 3840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:14:00.0558 3840 WdiServiceHost - ok 17:14:00.0558 3840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:14:00.0558 3840 WdiSystemHost - ok 17:14:00.0574 3840 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 17:14:00.0574 3840 WebClient - ok 17:14:00.0590 3840 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:14:00.0590 3840 Wecsvc - ok 17:14:00.0605 3840 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:14:00.0605 3840 wercplsupport - ok 17:14:00.0621 3840 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 17:14:00.0621 3840 WerSvc - ok 17:14:00.0636 3840 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:14:00.0636 3840 WfpLwf - ok 17:14:00.0652 3840 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:14:00.0652 3840 WIMMount - ok 17:14:00.0652 3840 WinDefend - ok 17:14:00.0668 3840 WinHttpAutoProxySvc - ok 17:14:00.0699 3840 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:14:00.0699 3840 Winmgmt - ok 17:14:00.0746 3840 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 17:14:00.0761 3840 WinRM - ok 17:14:00.0792 3840 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 17:14:00.0808 3840 Wlansvc - ok 17:14:00.0839 3840 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:14:00.0839 3840 WmiAcpi - ok 17:14:00.0870 3840 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:14:00.0870 3840 wmiApSrv - ok 17:14:00.0886 3840 WMPNetworkSvc - ok 17:14:00.0902 3840 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:14:00.0902 3840 WPCSvc - ok 17:14:00.0933 3840 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:14:00.0933 3840 WPDBusEnum - ok 17:14:00.0948 3840 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:14:00.0948 3840 ws2ifsl - ok 17:14:00.0964 3840 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 17:14:00.0964 3840 wscsvc - ok 17:14:00.0980 3840 WSearch - ok 17:14:01.0026 3840 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 17:14:01.0042 3840 wuauserv - ok 17:14:01.0058 3840 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:14:01.0058 3840 WudfPf - ok 17:14:01.0073 3840 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:14:01.0073 3840 WUDFRd - ok 17:14:01.0104 3840 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:14:01.0104 3840 wudfsvc - ok 17:14:01.0120 3840 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 17:14:01.0120 3840 WwanSvc - ok 17:14:01.0120 3840 ================ Scan global =============================== 17:14:01.0136 3840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 17:14:01.0167 3840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 17:14:01.0182 3840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 17:14:01.0198 3840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 17:14:01.0214 3840 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 17:14:01.0214 3840 [Global] - ok 17:14:01.0214 3840 ================ Scan MBR ================================== 17:14:01.0214 3840 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 17:14:01.0307 3840 \Device\Harddisk2\DR2 - ok 17:14:01.0323 3840 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:14:01.0323 3840 Suspicious mbr (Forged): \Device\Harddisk0\DR0 17:14:01.0370 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 17:14:01.0370 3840 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 17:14:01.0432 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 17:14:01.0432 3840 \Device\Harddisk0\DR0 - detected TDSS File System (1) 17:14:01.0432 3840 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1 17:14:01.0635 3840 \Device\Harddisk1\DR1 - ok 17:14:01.0635 3840 ================ Scan VBR ================================== 17:14:01.0635 3840 [ B1FE8DBABFD3A74283B7D3E455C52A3D ] \Device\Harddisk2\DR2\Partition1 17:14:01.0635 3840 \Device\Harddisk2\DR2\Partition1 - ok 17:14:01.0635 3840 [ 16EFC8C64E0CF222BA05584B82E62A82 ] \Device\Harddisk0\DR0\Partition1 17:14:01.0635 3840 \Device\Harddisk0\DR0\Partition1 - ok 17:14:01.0635 3840 [ 94D9420588193CF908B782161F6A7BFC ] \Device\Harddisk0\DR0\Partition2 17:14:01.0635 3840 \Device\Harddisk0\DR0\Partition2 - ok 17:14:01.0635 3840 [ E69EB3FEE1D4493D8900E2FF4CE2E6A8 ] \Device\Harddisk1\DR1\Partition1 17:14:01.0635 3840 \Device\Harddisk1\DR1\Partition1 - ok 17:14:01.0635 3840 ============================================================ 17:14:01.0635 3840 Scan finished 17:14:01.0635 3840 ============================================================ 17:14:01.0650 3424 Detected object count: 2 17:14:01.0650 3424 Actual detected object count: 2 17:14:36.0829 3424 \Device\Harddisk0\DR0\# - copied to quarantine 17:14:36.0829 3424 \Device\Harddisk0\DR0 - copied to quarantine 17:14:36.0875 3424 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 17:14:36.0875 3424 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 17:14:36.0875 3424 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 17:14:36.0891 3424 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 17:14:36.0922 3424 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 17:14:36.0922 3424 \Device\Harddisk0\DR0 - ok 17:14:42.0523 3424 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 17:14:42.0523 3424 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 17:14:42.0523 3424 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 17:15:16.0843 3820 Deinitialize success 17:16:44.0622 2536 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:16:44.0732 2536 ============================================================ 17:16:44.0732 2536 Current date / time: 2012/12/02 17:16:44.0732 17:16:44.0732 2536 SystemInfo: 17:16:44.0732 2536 17:16:44.0732 2536 OS Version: 6.1.7601 ServicePack: 1.0 17:16:44.0732 2536 Product type: Workstation 17:16:44.0732 2536 ComputerName: JOE-PC 17:16:44.0732 2536 UserName: Joe 17:16:44.0732 2536 Windows directory: C:\Windows 17:16:44.0732 2536 System windows directory: C:\Windows 17:16:44.0732 2536 Running under WOW64 17:16:44.0732 2536 Processor architecture: Intel x64 17:16:44.0732 2536 Number of processors: 8 17:16:44.0732 2536 Page size: 0x1000 17:16:44.0732 2536 Boot type: Normal boot 17:16:44.0732 2536 ============================================================ 17:16:45.0621 2536 BG loaded 17:16:45.0917 2536 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:16:45.0917 2536 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:16:45.0933 2536 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:16:45.0948 2536 ============================================================ 17:16:45.0948 2536 \Device\Harddisk2\DR2: 17:16:45.0948 2536 MBR partitions: 17:16:45.0948 2536 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 17:16:45.0948 2536 \Device\Harddisk0\DR0: 17:16:45.0948 2536 MBR partitions: 17:16:45.0948 2536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:16:45.0948 2536 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800 17:16:45.0948 2536 \Device\Harddisk1\DR1: 17:16:45.0948 2536 MBR partitions: 17:16:45.0948 2536 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1 17:16:45.0948 2536 ============================================================ 17:16:45.0995 2536 C: <-> \Device\Harddisk0\DR0\Partition2 17:16:46.0026 2536 E: <-> \Device\Harddisk1\DR1\Partition1 17:16:46.0026 2536 F: <-> \Device\Harddisk2\DR2\Partition1 17:16:46.0026 2536 ============================================================ 17:16:46.0026 2536 Initialize success 17:16:46.0026 2536 ============================================================ Malwarebytes Anti-Rootkit 1.1.0.1009 www.malwarebytes.org Database version: v2012.12.02.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Joe :: JOE-PC [administrator] 12/2/2012 5:26:16 PM mbar-log-2012-12-02 (17-26-16).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: PUP | PUM | P2P Objects scanned: 27175 Time elapsed: 4 minute(s), 43 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Malwarebytes Anti-Rootkit 1.1.0.1009 www.malwarebytes.org Database version: v2012.12.02.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Joe :: JOE-PC [administrator] 12/2/2012 5:34:45 PM mbar-log-2012-12-02 (17-34-45).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: PUP | PUM | P2P Objects scanned: 27164 Time elapsed: 4 minute(s), 51 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  7. DesertLion
    Hi again. I was unable to disable all of the norton services as they were grayed out in my services menu. Rather than fight through that, I've temporarily uninstalled Norton Antivirus so that I could run ComboFix. ComboFix 12-12-01.02 - Joe 12/02/2012 10:35:35.1.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12278.10313 [GMT -6:00] Running from: c:\users\Joe\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Joe\AppData\Local\TempDIR c:\windows\svchost.exe . . ((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 ))))))))))))))))))))))))))))))) . . 2012-12-02 16:38 . 2012-12-02 16:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-02 04:45 . 2012-12-02 04:45 -------- d-----w- c:\users\Joe\AppData\Roaming\Malwarebytes 2012-12-02 04:45 . 2012-12-02 04:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-02 04:45 . 2012-12-02 04:45 -------- d-----w- c:\programdata\Malwarebytes 2012-12-02 04:45 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-02 04:10 . 2012-12-02 04:10 -------- d-----w- c:\program files (x86)\PC Tools 2012-12-02 04:08 . 2012-12-02 04:51 -------- d-----w- c:\program files (x86)\Common Files\PC Tools 2012-12-02 04:08 . 2012-11-01 21:35 253256 ----a-w- c:\windows\system32\drivers\PCTSD64.sys 2012-12-02 04:08 . 2012-12-02 04:44 -------- d-----w- c:\programdata\PC Tools 2012-12-02 04:08 . 2012-12-02 04:08 -------- d-----w- c:\users\Joe\AppData\Roaming\TestApp 2012-11-19 23:07 . 2012-11-19 23:07 -------- d-----w- c:\programdata\OptiTex 2012-11-17 23:29 . 2012-11-17 23:30 -------- d-----w- c:\users\UpdatusUser 2012-11-17 23:29 . 2012-11-17 23:30 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2012-11-17 23:29 . 2012-12-02 14:43 -------- d-----w- c:\programdata\NVIDIA 2012-11-17 23:29 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-11-17 23:29 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-11-17 23:29 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-11-17 23:29 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-11-17 23:29 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-11-17 23:29 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-11-14 12:10 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-14 12:10 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-14 12:10 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-14 12:10 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-14 12:05 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-14 12:05 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-14 12:05 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-14 12:05 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-14 12:05 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-14 12:05 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-14 12:05 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-14 12:02 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-14 12:02 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll 2012-11-14 12:02 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll 2012-11-14 12:02 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll 2012-11-14 12:02 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll 2012-11-14 12:02 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll 2012-11-14 12:02 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-11-14 12:02 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll 2012-11-14 12:02 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll 2012-11-14 12:02 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll 2012-11-14 12:02 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-14 12:02 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2012-11-14 11:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-14 11:56 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-14 11:53 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-14 11:53 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-11-14 11:53 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-11-14 11:53 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-11-14 11:53 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-11-06 23:33 . 2012-11-06 23:33 -------- d-----w- c:\windows\[systemFolder] 2012-11-06 01:56 . 2012-11-06 01:56 -------- d-----w- c:\users\Joe\AppData\Roaming\CocotronLibrary . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-19 14:06 . 2012-08-16 01:46 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-19 14:06 . 2012-08-16 01:46 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-14 12:06 . 2012-08-16 00:03 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-16 08:38 . 2012-11-28 11:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-28 11:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 11:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-11 03:23 . 2012-10-11 03:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-11 03:23 . 2012-10-11 03:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-11 03:23 . 2012-10-11 03:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-11 03:23 . 2012-10-11 03:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-11 03:23 . 2012-10-11 03:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-11 03:23 . 2012-10-11 03:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-11 03:23 . 2012-10-11 03:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-11 03:23 . 2012-10-11 03:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-11 03:23 . 2012-10-11 03:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-11 03:22 . 2012-10-11 03:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-11 03:22 . 2012-10-11 03:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-11 03:22 . 2012-02-10 03:43 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-11 03:22 . 2012-10-11 03:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-11 03:22 . 2012-10-11 03:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-11 03:22 . 2012-10-11 03:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-11 03:22 . 2012-10-11 03:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-11 03:22 . 2012-10-11 03:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-02 19:15 . 2012-10-02 19:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-14 19:19 . 2012-10-10 10:08 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 10:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "Calendarscope"="c:\program files (x86)\Calendarscope\csde.exe" [2012-09-17 2848696] "TivoTransfer"="c:\program files (x86)\TiVo\Desktop\TiVoTransfer.exe" [2010-08-24 608528] "TranscodingService"="c:\program files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe" [2010-08-24 856336] "TivoNotify"="c:\program files (x86)\TiVo\Desktop\TiVoNotify.exe" [2010-08-24 437520] "TivoServer"="c:\program files (x86)\TiVo\Desktop\TiVoServer.exe" [2010-08-24 2264336] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Memeo Backup Premium"="c:\program files (x86)\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2012-04-14 131072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x] S4 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1402000.013\ccSetx64.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - ASWMBR *Deregistered* - aswMBR . Contents of the 'Scheduled Tasks' folder . 2012-11-19 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job - c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2012-08-16 22:31] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.yahoo.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: comiclife.com TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{A13C2648-91D4-4BF3-BC6D-0079707C4389} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-12-02 10:40:19 ComboFix-quarantined-files.txt 2012-12-02 16:40 . Pre-Run: 908,337,442,816 bytes free Post-Run: 908,470,022,144 bytes free . - - End Of File - - 35FE22B65D62B1408DE6ECDAF29463D2
  8. DesertLion
    aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2012-12-02 09:51:39 ----------------------------- 09:51:39.533 OS Version: Windows x64 6.1.7601 Service Pack 1 09:51:39.533 Number of processors: 8 586 0x1A05 09:51:39.533 ComputerName: JOE-PC UserName: Joe 09:51:41.311 Initialize success 09:51:49.862 AVAST engine download error: 0 09:52:02.248 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 09:52:02.264 Disk 0 Vendor: ST31000528AS CC37 Size: 953869MB BusType: 3 09:52:02.264 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-5 09:52:02.264 Disk 1 Vendor: ST3320620AS 3.AAE Size: 305245MB BusType: 3 09:52:02.264 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T1L0-7 09:52:02.264 Disk 2 Vendor: Hitachi_HDS721010CLA332 JP4OA25C Size: 953869MB BusType: 3 09:52:02.264 Device \Driver\atapi -> MajorFunction fffffa800b89a5e8 09:52:02.264 Disk 0 MBR read successfully 09:52:02.264 Disk 0 MBR scan 09:52:02.264 Disk 0 Windows 7 default MBR code 09:52:02.279 Disk 0 MBR hidden 09:52:02.279 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 09:52:02.295 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848 09:52:02.310 Disk 0 scanning C:\Windows\system32\drivers 09:52:07.989 Service scanning 09:52:18.082 Modules scanning 09:52:18.082 Disk 0 trace - called modules: 09:52:18.082 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa800b89a5e8]<< 09:52:18.082 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800adfd790] 09:52:18.082 3 CLASSPNP.SYS[fffff88001b8d43f] -> nt!IofCallDriver -> [0xfffffa800abba520] 09:52:18.082 5 ACPI.sys[fffff88000d4c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa800abbf060] 09:52:18.098 \Driver\atapi[0xfffffa8009d75e70] -> IRP_MJ_CREATE -> 0xfffffa800b89a5e8 09:52:18.098 Scan finished successfully 09:52:33.058 Disk 0 MBR has been saved successfully to "C:\Users\Joe\Desktop\MBR.dat" 09:52:33.058 The log file has been saved successfully to "C:\Users\Joe\Desktop\aswMBR.txt" MBR.zip
  9. DesertLion
    Hi, when someone has a moment, I am needing some expert assistance to deal with this issue. Spybot located it, but does not seem to be able to completely remove it - as it comes back after a restart. I have disconnected the infected PC from the internet and am working from a laptop. Per the sticky topic at the head of the forum, I have pasted the dds output below. My appologies in advance if I overlooked a step or instruction for posting issues. Thank you for your time. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 Run by Joe at 9:13:52 on 2012-12-02 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12278.10210 [GMT -6:00] . AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Calendarscope\csde.exe C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackup.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\ips\ipsbho.dll BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\CoIEPlg.dll TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\CoIEPlg.dll TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\CoIEPlg.dll uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe uRun: [Calendarscope] "C:\Program Files (x86)\Calendarscope\csde.exe" uRun: [TivoTransfer] C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe uRun: [TranscodingService] C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe uRun: [TivoNotify] C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe /service /registry /auto:TivoNotify uRun: [TivoServer] C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe /service /registry mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Memeo Backup Premium] C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoLauncher2.exe --silent --no_ui mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{A6CC02DE-205E-408F-AC2A-557803A57E90} : DHCPNameServer = 192.168.1.1 SSODL: WebCheck - <orphaned> x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1402000.013\symds64.sys [2012-10-20 493216] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1402000.013\symefa64.sys [2012-10-20 1133216] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608] R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\drivers\NAVx64\1402000.013\ccsetx64.sys [2012-10-20 168096] R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD02000.012\ccSetx64.sys [2012-10-29 168096] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.2\Definitions\IPSDefs\20121130.001\IDSviA64.sys [2012-11-30 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1402000.013\ironx64.sys [2012-10-20 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1402000.013\symnets.sys [2012-10-20 432800] R2 DAZContentManagementService;DAZ Content Management Service;C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [2012-9-8 22528] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-1 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-1 676936] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe [2010-3-22 25824] R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\ccsvchst.exe [2012-10-20 143928] R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe [2012-10-29 143928] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-8-15 1153368] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-15 138912] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-1 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-8-16 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-15 1255736] S4 TivoBeacon2;TiVo Beacon Service;C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [2010-8-24 1104656] . =============== Created Last 30 ================ . 2012-12-02 14:44:16 20480 ----a-w- C:\Windows\svchost.exe 2012-12-02 04:45:42 -------- d-----w- C:\Users\Joe\AppData\Roaming\Malwarebytes 2012-12-02 04:45:30 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-02 04:45:30 -------- d-----w- C:\ProgramData\Malwarebytes 2012-12-02 04:45:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-12-02 04:10:43 -------- d-----w- C:\Program Files (x86)\PC Tools 2012-12-02 04:08:35 253256 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys 2012-12-02 04:08:35 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools 2012-12-02 04:08:23 -------- d-----w- C:\ProgramData\PC Tools 2012-12-02 04:08:22 -------- d-----w- C:\Users\Joe\AppData\Roaming\TestApp 2012-11-19 23:07:28 -------- d-----w- C:\ProgramData\OptiTex 2012-11-17 23:29:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2012-11-17 23:29:41 891240 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-11-17 23:29:41 63336 ----a-w- C:\Windows\System32\nvshext.dll 2012-11-17 23:29:41 6200680 ----a-w- C:\Windows\System32\nvcpl.dll 2012-11-17 23:29:41 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-11-17 23:29:41 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-11-17 23:29:41 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2012-11-14 12:10:44 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-11-14 12:10:44 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-14 12:10:44 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-14 12:10:44 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2012-11-14 12:05:54 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-11-14 12:05:54 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2012-11-14 12:05:54 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-11-14 12:05:54 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2012-11-14 12:05:53 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2012-11-14 12:05:53 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2012-11-14 12:05:53 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2012-11-14 12:02:22 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2012-11-14 12:02:22 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2012-11-14 12:02:22 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll 2012-11-14 12:02:22 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2012-11-14 12:02:22 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2012-11-14 12:02:22 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2012-11-14 12:02:22 216576 ----a-w- C:\Windows\System32\ncsi.dll 2012-11-14 12:02:22 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-11-14 12:02:22 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2012-11-14 12:02:22 18944 ----a-w- C:\Windows\System32\netevent.dll 2012-11-14 12:02:22 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2012-11-14 12:02:22 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2012-11-14 11:56:36 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-11-14 11:56:36 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2012-11-14 11:53:17 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2012-11-14 11:53:17 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-11-14 11:53:17 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-11-14 11:53:17 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll 2012-11-14 11:53:16 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-11-06 23:33:02 -------- d-----w- C:\Windows\[systemFolder] 2012-11-06 01:56:53 -------- d-----w- C:\Users\Joe\AppData\Roaming\CocotronLibrary . ==================== Find3M ==================== . 2012-11-19 14:06:57 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-19 14:06:57 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll 2012-10-11 03:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll 2012-10-11 03:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll 2012-10-11 03:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll 2012-10-11 03:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll 2012-10-11 03:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll 2012-10-11 03:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll 2012-10-11 03:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2012-10-11 03:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll 2012-10-09 01:00:02 776864 ----a-w- C:\Windows\System32\drivers\NAVx64\1402000.013\srtsp64.sys 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-04 01:40:35 1133216 ----a-w- C:\Windows\System32\drivers\NAVx64\1402000.013\symefa64.sys 2012-10-04 01:40:20 493216 ----a-w- C:\Windows\System32\drivers\NAVx64\1402000.013\symds64.sys 2012-10-04 01:19:14 168096 ----a-w- C:\Windows\System32\drivers\NAVx64\1402000.013\ccsetx64.sys 2012-10-04 01:19:14 168096 ----a-r- C:\Windows\System32\drivers\NSTx64\7DD02000.012\ccSetx64.sys 2012-10-02 19:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-09-08 03:27:07 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-09-07 02:05:14 432800 ----a-w- C:\Windows\System32\drivers\NAVx64\1402000.013\symnets.sys 2012-09-07 01:48:08 224416 ----a-w- C:\Windows\System32\drivers\NAVx64\1402000.013\ironx64.sys . ============= FINISH: 9:14:14.85 =============== . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 8/15/2012 8:47:12 PM System Uptime: 12/2/2012 8:42:46 AM (1 hours ago) . Motherboard: ASUSTeK Computer INC. | | P6T Processor: Intel® Core i7 CPU 960 @ 3.20GHz | LGA1366 | 3201/133mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 931 GiB total, 847.567 GiB free. D: is CDROM () E: is FIXED (NTFS) - 298 GiB total, 90.369 GiB free. F: is FIXED (NTFS) - 932 GiB total, 711.069 GiB free. G: is Removable H: is Removable I: is Removable K: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP32: 9/4/2012 5:59:17 PM - Windows Update RP33: 9/12/2012 5:16:23 AM - Windows Update RP34: 9/22/2012 8:33:03 AM - Windows Update RP35: 9/26/2012 7:12:18 AM - Windows Update RP36: 10/4/2012 7:42:28 PM - Scheduled Checkpoint RP37: 10/6/2012 11:34:52 AM - Installed Comic Life RP38: 10/6/2012 2:44:50 PM - Windows Update RP39: 10/7/2012 8:32:26 AM - Windows Update RP40: 10/8/2012 6:00:28 AM - Windows Update RP41: 10/10/2012 5:58:16 AM - Windows Update RP42: 10/17/2012 8:00:04 PM - Scheduled Checkpoint RP43: 10/25/2012 6:48:59 AM - Scheduled Checkpoint RP44: 11/1/2012 8:27:28 PM - Scheduled Checkpoint RP45: 11/5/2012 7:55:49 PM - Installed Comic Life 2 RP46: 11/6/2012 5:32:33 PM - Installed Memeo LifeAgent Explorer Extension RP47: 11/14/2012 6:05:09 AM - Windows Update RP48: 11/17/2012 5:28:02 PM - Windows Update RP49: 11/25/2012 8:54:13 PM - Scheduled Checkpoint RP50: 11/28/2012 6:04:15 AM - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.4) AIM for Windows Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour Calendarscope Canon MX880 series MP Drivers CCleaner Comic Life Comic Life 2 Cool & Quiet DAZ Content Management Service DAZ Studio 4.5 (64bit) Dynamic Clothing Control DS4 (64bit) GIMP 2.8.2 iTunes Java 7 Update 7 (64-bit) Malwarebytes Anti-Malware version 1.65.1.1000 Memeo Backup Premium Memeo LifeAgent Explorer Extension Microsoft .NET Framework 4 Client Profile Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Norton AntiVirus Norton Identity Safe NVIDIA 3D Vision Driver 306.97 NVIDIA Control Panel 306.97 NVIDIA Graphics Driver 306.97 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.10.8 NVIDIA Update Components Real Alternative 1.50 Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Spybot - Search & Destroy TiVo Desktop 2.8.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.0 WinRAR archiver . ==== Event Viewer Messages From Past Week ======== . 12/1/2012 5:54:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 12/1/2012 5:54:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 12/1/2012 5:54:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 12/1/2012 5:54:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 12/1/2012 5:54:07 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO AsUpIO BHDrvx64 ccSet_NAV ccSet_NST discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6 12/1/2012 3:29:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa800b8afbb0, 0x0000000000000000, 0x000000007ef98000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120112-29109-01. 12/1/2012 2:57:37 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 12/1/2012 2:57:37 PM, Error: Schannel [36874] - An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 12/1/2012 10:15:28 PM, Error: PCTCore [280] - 12/1/2012 10:10:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 11/30/2012 9:31:01 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.