erikpiercy
-
Posts
7 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by erikpiercy
-
-
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_31
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.064000 GHz
Memory total: 4083007488, free: 2552766464
------------ Kernel report ------------
12/28/2012 12:45:36
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\spse.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\stdfltn.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\EMSC.SYS
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\Impcd.sys
\SystemRoot\System32\Drivers\aesl7kw5.SYS
\SystemRoot\system32\DRIVERS\Accelern.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\BCM42RLY.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\shell32.dll
\Windows\System32\usp10.dll
\Windows\System32\imagehlp.dll
\Windows\System32\iertutil.dll
\Windows\System32\wininet.dll
\Windows\System32\ole32.dll
\Windows\System32\lpk.dll
\Windows\System32\imm32.dll
\Windows\System32\gdi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\psapi.dll
\Windows\System32\msvcrt.dll
\Windows\System32\setupapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\sechost.dll
\Windows\System32\ws2_32.dll
\Windows\System32\nsi.dll
\Windows\System32\msctf.dll
\Windows\System32\Wldap32.dll
\Windows\System32\user32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\kernel32.dll
\Windows\System32\urlmon.dll
\Windows\System32\advapi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\difxapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007694060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xfffffa800569a050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2012.12.28.12
Downloaded database version: v2012.12.27.02
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007694060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80075408b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007694060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800753f870, DeviceName: Unknown, DriverName: \Driver\stdflt\
DevicePointer: 0xfffffa8005699a00, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800569a050, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xfffff8a0023a31a0, 0xfffffa8007694060, 0xfffffa800a366790
Lower DeviceData: 0xfffff8a00b8d86c0, 0xfffffa800569a050, 0xfffffa8004c9be40
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F68BE595
Partition information:
Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 80262
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 81920 Numsec = 30720000
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 30801920 Numsec = 457593200
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 250059350016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
-
I had used ComboFix prior to creating this thread. Probably a bad move, I know. I posted the log from the original scan. The application was not saved to my desktop. Again, thanks.
-
05:55:10.0846 7012 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
05:55:11.0487 7012 ============================================================
05:55:11.0487 7012 Current date / time: 2012/12/28 05:55:11.0487
05:55:11.0487 7012 SystemInfo:
05:55:11.0487 7012
05:55:11.0488 7012 OS Version: 6.1.7601 ServicePack: 1.0
05:55:11.0488 7012 Product type: Workstation
05:55:11.0488 7012 ComputerName: PIERCY
05:55:11.0488 7012 UserName: Erik
05:55:11.0488 7012 Windows directory: C:\Windows
05:55:11.0488 7012 System windows directory: C:\Windows
05:55:11.0488 7012 Running under WOW64
05:55:11.0488 7012 Processor architecture: Intel x64
05:55:11.0488 7012 Number of processors: 4
05:55:11.0488 7012 Page size: 0x1000
05:55:11.0488 7012 Boot type: Normal boot
05:55:11.0488 7012 ============================================================
05:55:12.0545 7012 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:55:12.0560 7012 ============================================================
05:55:12.0560 7012 \Device\Harddisk0\DR0:
05:55:12.0561 7012 MBR partitions:
05:55:12.0561 7012 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
05:55:12.0561 7012 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
05:55:12.0561 7012 ============================================================
05:55:12.0594 7012 C: <-> \Device\Harddisk0\DR0\Partition2
05:55:12.0594 7012 ============================================================
05:55:12.0595 7012 Initialize success
05:55:12.0595 7012 ============================================================
05:55:14.0445 6216 ============================================================
05:55:14.0445 6216 Scan started
05:55:14.0445 6216 Mode: Manual;
05:55:14.0445 6216 ============================================================
05:55:14.0600 6216 ================ Scan system memory ========================
05:55:14.0600 6216 System memory - ok
05:55:14.0600 6216 ================ Scan services =============================
05:55:14.0878 6216 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
05:55:14.0882 6216 1394ohci - ok
05:55:15.0030 6216 [ 5E8EFEB338DEB1F485420B090FE6C85E ] ac.sharedstore C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
05:55:15.0034 6216 ac.sharedstore - ok
05:55:15.0107 6216 [ 627371B2D48F64CECC4D019114FB140D ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
05:55:15.0108 6216 Acceler - ok
05:55:15.0130 6216 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
05:55:15.0134 6216 ACPI - ok
05:55:15.0179 6216 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
05:55:15.0180 6216 AcpiPmi - ok
05:55:15.0266 6216 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
05:55:15.0269 6216 adp94xx - ok
05:55:15.0292 6216 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
05:55:15.0295 6216 adpahci - ok
05:55:15.0313 6216 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
05:55:15.0315 6216 adpu320 - ok
05:55:15.0365 6216 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
05:55:15.0367 6216 AeLookupSvc - ok
05:55:15.0396 6216 Scan interrupted by user!
05:55:15.0396 6216 ================ Scan global ===============================
05:55:15.0396 6216 Scan interrupted by user!
05:55:15.0396 6216 ================ Scan MBR ==================================
05:55:15.0396 6216 Scan interrupted by user!
05:55:15.0396 6216 ================ Scan VBR ==================================
05:55:15.0396 6216 Scan interrupted by user!
05:55:15.0396 6216 ============================================================
05:55:15.0396 6216 Scan finished
05:55:15.0396 6216 ============================================================
05:55:15.0410 6896 Detected object count: 0
05:55:15.0410 6896 Actual detected object count: 0
05:55:19.0300 3416 ============================================================
05:55:19.0300 3416 Scan started
05:55:19.0300 3416 Mode: Manual; TDLFS;
05:55:19.0300 3416 ============================================================
05:55:19.0436 3416 ================ Scan system memory ========================
05:55:19.0436 3416 System memory - ok
05:55:19.0437 3416 ================ Scan services =============================
05:55:19.0640 3416 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
05:55:19.0643 3416 1394ohci - ok
05:55:19.0758 3416 [ 5E8EFEB338DEB1F485420B090FE6C85E ] ac.sharedstore C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
05:55:19.0762 3416 ac.sharedstore - ok
05:55:19.0786 3416 [ 627371B2D48F64CECC4D019114FB140D ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
05:55:19.0787 3416 Acceler - ok
05:55:19.0834 3416 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
05:55:19.0837 3416 ACPI - ok
05:55:19.0883 3416 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
05:55:19.0884 3416 AcpiPmi - ok
05:55:19.0980 3416 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
05:55:19.0986 3416 adp94xx - ok
05:55:20.0021 3416 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
05:55:20.0023 3416 adpahci - ok
05:55:20.0041 3416 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
05:55:20.0043 3416 adpu320 - ok
05:55:20.0094 3416 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
05:55:20.0095 3416 AeLookupSvc - ok
05:55:20.0121 3416 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
05:55:20.0123 3416 AERTFilters - ok
05:55:20.0197 3416 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
05:55:20.0203 3416 AFD - ok
05:55:20.0286 3416 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
05:55:20.0288 3416 agp440 - ok
05:55:20.0316 3416 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
05:55:20.0317 3416 ALG - ok
05:55:20.0393 3416 [ A99E57669390F265D25288C8BA042D78 ] AlienFusionService C:\Program Files\Alienware\Command Center\AlienFusionService.exe
05:55:20.0394 3416 AlienFusionService - ok
05:55:20.0478 3416 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
05:55:20.0479 3416 aliide - ok
05:55:20.0508 3416 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
05:55:20.0508 3416 amdide - ok
05:55:20.0580 3416 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
05:55:20.0582 3416 AmdK8 - ok
05:55:20.0589 3416 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
05:55:20.0590 3416 AmdPPM - ok
05:55:20.0693 3416 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
05:55:20.0695 3416 amdsata - ok
05:55:20.0726 3416 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
05:55:20.0728 3416 amdsbs - ok
05:55:20.0745 3416 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
05:55:20.0746 3416 amdxata - ok
05:55:20.0829 3416 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
05:55:20.0830 3416 AppID - ok
05:55:20.0877 3416 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
05:55:20.0878 3416 AppIDSvc - ok
05:55:20.0926 3416 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
05:55:20.0928 3416 Appinfo - ok
05:55:21.0070 3416 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:55:21.0072 3416 Apple Mobile Device - ok
05:55:21.0150 3416 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
05:55:21.0151 3416 arc - ok
05:55:21.0170 3416 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
05:55:21.0171 3416 arcsas - ok
05:55:21.0322 3416 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
05:55:21.0324 3416 aspnet_state - ok
05:55:21.0387 3416 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
05:55:21.0388 3416 AsyncMac - ok
05:55:21.0424 3416 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
05:55:21.0424 3416 atapi - ok
05:55:21.0504 3416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
05:55:21.0513 3416 AudioEndpointBuilder - ok
05:55:21.0534 3416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
05:55:21.0540 3416 AudioSrv - ok
05:55:21.0616 3416 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
05:55:21.0618 3416 AxInstSV - ok
05:55:21.0659 3416 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
05:55:21.0664 3416 b06bdrv - ok
05:55:21.0704 3416 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
05:55:21.0707 3416 b57nd60a - ok
05:55:21.0809 3416 [ 47480F4260DAE9AA589BCAF924B3767A ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe
05:55:21.0811 3416 BBSvc - ok
05:55:21.0868 3416 [ 6BF743CBF3BCD09DAB79245E60E1AE62 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
05:55:21.0871 3416 BBUpdate - ok
05:55:21.0895 3416 [ 5C0F919666954885D7760DFFE4B29A25 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
05:55:21.0896 3416 BCM42RLY - ok
05:55:22.0023 3416 [ BAB887A2B2786310A966881F074F4A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
05:55:22.0049 3416 BCM43XX - ok
05:55:22.0131 3416 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
05:55:22.0133 3416 BDESVC - ok
05:55:22.0144 3416 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
05:55:22.0144 3416 Beep - ok
05:55:22.0230 3416 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
05:55:22.0238 3416 BFE - ok
05:55:22.0306 3416 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
05:55:22.0316 3416 BITS - ok
05:55:22.0382 3416 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
05:55:22.0383 3416 blbdrive - ok
05:55:22.0452 3416 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
05:55:22.0453 3416 bowser - ok
05:55:22.0522 3416 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
05:55:22.0522 3416 BrFiltLo - ok
05:55:22.0538 3416 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
05:55:22.0538 3416 BrFiltUp - ok
05:55:22.0577 3416 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
05:55:22.0578 3416 BridgeMP - ok
05:55:22.0620 3416 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
05:55:22.0623 3416 Browser - ok
05:55:22.0647 3416 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
05:55:22.0650 3416 Brserid - ok
05:55:22.0663 3416 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
05:55:22.0664 3416 BrSerWdm - ok
05:55:22.0688 3416 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
05:55:22.0688 3416 BrUsbMdm - ok
05:55:22.0698 3416 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
05:55:22.0699 3416 BrUsbSer - ok
05:55:22.0785 3416 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
05:55:22.0786 3416 BthEnum - ok
05:55:22.0798 3416 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
05:55:22.0799 3416 BTHMODEM - ok
05:55:22.0825 3416 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
05:55:22.0826 3416 BthPan - ok
05:55:22.0891 3416 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
05:55:22.0896 3416 BTHPORT - ok
05:55:22.0953 3416 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
05:55:22.0955 3416 bthserv - ok
05:55:23.0007 3416 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
05:55:23.0009 3416 BTHUSB - ok
05:55:23.0074 3416 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
05:55:23.0075 3416 btusbflt - ok
05:55:23.0103 3416 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
05:55:23.0104 3416 btwaudio - ok
05:55:23.0169 3416 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
05:55:23.0172 3416 btwavdt - ok
05:55:23.0223 3416 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
05:55:23.0231 3416 btwdins - ok
05:55:23.0257 3416 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
05:55:23.0259 3416 btwl2cap - ok
05:55:23.0319 3416 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
05:55:23.0320 3416 btwrchid - ok
05:55:23.0324 3416 catchme - ok
05:55:23.0378 3416 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
05:55:23.0379 3416 cdfs - ok
05:55:23.0461 3416 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
05:55:23.0463 3416 cdrom - ok
05:55:23.0538 3416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
05:55:23.0540 3416 CertPropSvc - ok
05:55:23.0545 3416 CHIPDRIVE USB SmartCardReader - ok
05:55:23.0607 3416 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
05:55:23.0608 3416 circlass - ok
05:55:23.0664 3416 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
05:55:23.0670 3416 CLFS - ok
05:55:23.0778 3416 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:55:23.0779 3416 clr_optimization_v2.0.50727_32 - ok
05:55:23.0843 3416 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:55:23.0845 3416 clr_optimization_v2.0.50727_64 - ok
05:55:24.0005 3416 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:55:24.0007 3416 clr_optimization_v4.0.30319_32 - ok
05:55:24.0061 3416 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
05:55:24.0064 3416 clr_optimization_v4.0.30319_64 - ok
05:55:24.0115 3416 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
05:55:24.0116 3416 CmBatt - ok
05:55:24.0167 3416 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
05:55:24.0168 3416 cmdide - ok
05:55:24.0232 3416 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
05:55:24.0237 3416 CNG - ok
05:55:24.0303 3416 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
05:55:24.0304 3416 Compbatt - ok
05:55:24.0412 3416 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
05:55:24.0413 3416 CompositeBus - ok
05:55:24.0420 3416 COMSysApp - ok
05:55:24.0442 3416 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
05:55:24.0443 3416 crcdisk - ok
05:55:24.0497 3416 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
05:55:24.0500 3416 CryptSvc - ok
05:55:24.0562 3416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
05:55:24.0568 3416 DcomLaunch - ok
05:55:24.0623 3416 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
05:55:24.0628 3416 defragsvc - ok
05:55:24.0683 3416 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
05:55:24.0684 3416 DfsC - ok
05:55:24.0704 3416 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
05:55:24.0708 3416 Dhcp - ok
05:55:24.0771 3416 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
05:55:24.0772 3416 discache - ok
05:55:24.0824 3416 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
05:55:24.0825 3416 Disk - ok
05:55:24.0879 3416 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
05:55:24.0883 3416 Dnscache - ok
05:55:24.0933 3416 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
05:55:24.0936 3416 dot3svc - ok
05:55:24.0992 3416 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
05:55:24.0995 3416 DPS - ok
05:55:25.0068 3416 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
05:55:25.0069 3416 drmkaud - ok
05:55:25.0125 3416 dump_wmimmc - ok
05:55:25.0184 3416 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
05:55:25.0196 3416 DXGKrnl - ok
05:55:25.0241 3416 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
05:55:25.0243 3416 EapHost - ok
05:55:25.0355 3416 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
05:55:25.0383 3416 ebdrv - ok
05:55:25.0441 3416 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
05:55:25.0444 3416 EFS - ok
05:55:25.0524 3416 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
05:55:25.0532 3416 ehRecvr - ok
05:55:25.0589 3416 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
05:55:25.0591 3416 ehSched - ok
05:55:25.0654 3416 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
05:55:25.0658 3416 elxstor - ok
05:55:25.0714 3416 [ E47D9D7E6E53892FC97282482F4AE307 ] EMSC C:\Windows\system32\DRIVERS\EMSC.SYS
05:55:25.0715 3416 EMSC - ok
05:55:25.0732 3416 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
05:55:25.0733 3416 ErrDev - ok
05:55:25.0792 3416 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
05:55:25.0795 3416 EventSystem - ok
05:55:25.0858 3416 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
05:55:25.0861 3416 exfat - ok
05:55:25.0939 3416 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys
05:55:25.0941 3416 FACAP - ok
05:55:26.0023 3416 [ 53E30A6E86AA93C0FFC0BC0439E3E636 ] FAService C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
05:55:26.0045 3416 FAService - ok
05:55:26.0066 3416 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
05:55:26.0067 3416 fastfat - ok
05:55:26.0191 3416 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
05:55:26.0199 3416 Fax - ok
05:55:26.0255 3416 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
05:55:26.0256 3416 fdc - ok
05:55:26.0313 3416 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
05:55:26.0315 3416 fdPHost - ok
05:55:26.0330 3416 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
05:55:26.0332 3416 FDResPub - ok
05:55:26.0341 3416 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
05:55:26.0342 3416 FileInfo - ok
05:55:26.0351 3416 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
05:55:26.0351 3416 Filetrace - ok
05:55:26.0368 3416 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
05:55:26.0368 3416 flpydisk - ok
05:55:26.0421 3416 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
05:55:26.0425 3416 FltMgr - ok
05:55:26.0494 3416 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
05:55:26.0505 3416 FontCache - ok
05:55:26.0611 3416 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:55:26.0613 3416 FontCache3.0.0.0 - ok
05:55:26.0649 3416 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
05:55:26.0651 3416 FsDepends - ok
05:55:26.0705 3416 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
05:55:26.0706 3416 Fs_Rec - ok
05:55:26.0763 3416 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
05:55:26.0766 3416 fvevol - ok
05:55:26.0785 3416 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
05:55:26.0787 3416 gagp30kx - ok
05:55:26.0853 3416 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
05:55:26.0860 3416 gpsvc - ok
05:55:27.0034 3416 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:55:27.0036 3416 gupdate - ok
05:55:27.0108 3416 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:55:27.0110 3416 gupdatem - ok
05:55:27.0172 3416 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
05:55:27.0173 3416 hamachi - ok
05:55:27.0345 3416 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
05:55:27.0367 3416 Hamachi2Svc - ok
05:55:27.0429 3416 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
05:55:27.0430 3416 hcw85cir - ok
05:55:27.0493 3416 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
05:55:27.0496 3416 HDAudBus - ok
05:55:27.0515 3416 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
05:55:27.0515 3416 HidBatt - ok
05:55:27.0533 3416 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
05:55:27.0535 3416 HidBth - ok
05:55:27.0550 3416 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
05:55:27.0551 3416 HidIr - ok
05:55:27.0601 3416 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
05:55:27.0603 3416 hidserv - ok
05:55:27.0672 3416 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
05:55:27.0673 3416 HidUsb - ok
05:55:27.0720 3416 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
05:55:27.0723 3416 hkmsvc - ok
05:55:27.0773 3416 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
05:55:27.0778 3416 HomeGroupListener - ok
05:55:27.0835 3416 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
05:55:27.0840 3416 HomeGroupProvider - ok
05:55:27.0896 3416 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
05:55:27.0897 3416 HpSAMD - ok
05:55:27.0957 3416 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
05:55:27.0967 3416 HTTP - ok
05:55:27.0984 3416 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
05:55:27.0985 3416 hwpolicy - ok
05:55:28.0052 3416 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
05:55:28.0053 3416 i8042prt - ok
05:55:28.0114 3416 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
05:55:28.0118 3416 iaStor - ok
05:55:28.0223 3416 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
05:55:28.0224 3416 IAStorDataMgrSvc - ok
05:55:28.0296 3416 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
05:55:28.0302 3416 iaStorV - ok
05:55:28.0383 3416 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
05:55:28.0384 3416 IDriverT - ok
05:55:28.0463 3416 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
05:55:28.0474 3416 idsvc - ok
05:55:28.0838 3416 [ 0089B53F1BEFD34B7D8CA4AB021335FA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
05:55:28.0949 3416 igfx - ok
05:55:29.0002 3416 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
05:55:29.0003 3416 iirsp - ok
05:55:29.0091 3416 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
05:55:29.0098 3416 IKEEXT - ok
05:55:29.0150 3416 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
05:55:29.0152 3416 Impcd - ok
05:55:29.0177 3416 [ A4A87C2F228DD2AC93DAE94E103792D3 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
05:55:29.0178 3416 InstallFilterService - ok
05:55:29.0249 3416 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
05:55:29.0271 3416 IntcAzAudAddService - ok
05:55:29.0329 3416 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
05:55:29.0332 3416 IntcDAud - ok
05:55:29.0392 3416 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
05:55:29.0393 3416 intelide - ok
05:55:29.0462 3416 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
05:55:29.0463 3416 intelppm - ok
05:55:29.0578 3416 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
05:55:29.0579 3416 IntuitUpdateService - ok
05:55:29.0629 3416 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
05:55:29.0632 3416 IPBusEnum - ok
05:55:29.0680 3416 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:55:29.0681 3416 IpFilterDriver - ok
05:55:29.0766 3416 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
05:55:29.0776 3416 iphlpsvc - ok
05:55:29.0826 3416 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
05:55:29.0827 3416 IPMIDRV - ok
05:55:29.0884 3416 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
05:55:29.0886 3416 IPNAT - ok
05:55:29.0938 3416 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
05:55:29.0939 3416 IRENUM - ok
05:55:29.0988 3416 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
05:55:29.0988 3416 isapnp - ok
05:55:30.0015 3416 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
05:55:30.0017 3416 iScsiPrt - ok
05:55:30.0098 3416 [ 1EA84FC4DF200FF77A823078532123BF ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
05:55:30.0101 3416 JMCR - ok
05:55:30.0169 3416 [ 0B585D18C93379227FA2A645181A6DA2 ] johci C:\Windows\system32\DRIVERS\johci.sys
05:55:30.0170 3416 johci - ok
05:55:30.0189 3416 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
05:55:30.0190 3416 kbdclass - ok
05:55:30.0202 3416 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
05:55:30.0203 3416 kbdhid - ok
05:55:30.0218 3416 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
05:55:30.0220 3416 KeyIso - ok
05:55:30.0273 3416 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
05:55:30.0275 3416 KSecDD - ok
05:55:30.0325 3416 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
05:55:30.0326 3416 KSecPkg - ok
05:55:30.0369 3416 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
05:55:30.0369 3416 ksthunk - ok
05:55:30.0425 3416 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
05:55:30.0431 3416 KtmRm - ok
05:55:30.0486 3416 [ 9C46A5421DE9D116C47155317CABB522 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
05:55:30.0487 3416 L1C - ok
05:55:30.0588 3416 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
05:55:30.0592 3416 LanmanServer - ok
05:55:30.0644 3416 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
05:55:30.0649 3416 LanmanWorkstation - ok
05:55:30.0711 3416 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
05:55:30.0712 3416 lltdio - ok
05:55:30.0766 3416 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
05:55:30.0770 3416 lltdsvc - ok
05:55:30.0787 3416 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
05:55:30.0789 3416 lmhosts - ok
05:55:30.0850 3416 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
05:55:30.0852 3416 LSI_FC - ok
05:55:30.0861 3416 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
05:55:30.0862 3416 LSI_SAS - ok
05:55:30.0868 3416 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
05:55:30.0869 3416 LSI_SAS2 - ok
05:55:30.0883 3416 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
05:55:30.0885 3416 LSI_SCSI - ok
05:55:30.0944 3416 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
05:55:30.0946 3416 luafv - ok
05:55:31.0035 3416 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
05:55:31.0036 3416 MBAMProtector - ok
05:55:31.0150 3416 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
05:55:31.0155 3416 MBAMScheduler - ok
05:55:31.0236 3416 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
05:55:31.0242 3416 MBAMService - ok
05:55:31.0288 3416 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
05:55:31.0291 3416 Mcx2Svc - ok
05:55:31.0311 3416 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
05:55:31.0311 3416 megasas - ok
05:55:31.0330 3416 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
05:55:31.0332 3416 MegaSR - ok
05:55:31.0386 3416 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
05:55:31.0389 3416 MMCSS - ok
05:55:31.0411 3416 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
05:55:31.0412 3416 Modem - ok
05:55:31.0430 3416 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
05:55:31.0431 3416 monitor - ok
05:55:31.0551 3416 [ 2443B978E80F8A3D1F39855AA25882AF ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
05:55:31.0554 3416 MotoHelper - ok
05:55:31.0620 3416 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
05:55:31.0621 3416 mouclass - ok
05:55:31.0686 3416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
05:55:31.0687 3416 mouhid - ok
05:55:31.0742 3416 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
05:55:31.0743 3416 mountmgr - ok
05:55:31.0882 3416 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
05:55:31.0884 3416 MozillaMaintenance - ok
05:55:31.0988 3416 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
05:55:31.0993 3416 MpFilter - ok
05:55:32.0013 3416 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
05:55:32.0014 3416 mpio - ok
05:55:32.0033 3416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
05:55:32.0034 3416 mpsdrv - ok
05:55:32.0147 3416 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
05:55:32.0156 3416 MpsSvc - ok
05:55:32.0214 3416 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
05:55:32.0216 3416 MRxDAV - ok
05:55:32.0272 3416 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
05:55:32.0274 3416 mrxsmb - ok
05:55:32.0327 3416 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:55:32.0329 3416 mrxsmb10 - ok
05:55:32.0347 3416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:55:32.0348 3416 mrxsmb20 - ok
05:55:32.0395 3416 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
05:55:32.0396 3416 msahci - ok
05:55:32.0450 3416 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
05:55:32.0453 3416 msdsm - ok
05:55:32.0507 3416 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
05:55:32.0511 3416 MSDTC - ok
05:55:32.0563 3416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
05:55:32.0565 3416 Msfs - ok
05:55:32.0638 3416 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
05:55:32.0639 3416 mshidkmdf - ok
05:55:32.0651 3416 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
05:55:32.0652 3416 msisadrv - ok
05:55:32.0709 3416 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
05:55:32.0712 3416 MSiSCSI - ok
05:55:32.0719 3416 msiserver - ok
05:55:32.0784 3416 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
05:55:32.0785 3416 MSKSSRV - ok
05:55:32.0902 3416 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
05:55:32.0903 3416 MsMpSvc - ok
05:55:32.0959 3416 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
05:55:32.0960 3416 MSPCLOCK - ok
05:55:32.0977 3416 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
05:55:32.0977 3416 MSPQM - ok
05:55:33.0032 3416 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
05:55:33.0035 3416 MsRPC - ok
05:55:33.0052 3416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
05:55:33.0053 3416 mssmbios - ok
05:55:33.0066 3416 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
05:55:33.0067 3416 MSTEE - ok
05:55:33.0080 3416 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
05:55:33.0080 3416 MTConfig - ok
05:55:33.0092 3416 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
05:55:33.0093 3416 Mup - ok
05:55:33.0167 3416 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
05:55:33.0172 3416 napagent - ok
05:55:33.0240 3416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
05:55:33.0244 3416 NativeWifiP - ok
05:55:33.0328 3416 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
05:55:33.0336 3416 NDIS - ok
05:55:33.0391 3416 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
05:55:33.0392 3416 NdisCap - ok
05:55:33.0447 3416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
05:55:33.0448 3416 NdisTapi - ok
05:55:33.0494 3416 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
05:55:33.0495 3416 Ndisuio - ok
05:55:33.0549 3416 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
05:55:33.0551 3416 NdisWan - ok
05:55:33.0598 3416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
05:55:33.0600 3416 NDProxy - ok
05:55:33.0616 3416 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
05:55:33.0617 3416 NetBIOS - ok
05:55:33.0670 3416 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
05:55:33.0674 3416 NetBT - ok
05:55:33.0691 3416 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
05:55:33.0693 3416 Netlogon - ok
05:55:33.0765 3416 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
05:55:33.0771 3416 Netman - ok
05:55:33.0823 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:55:33.0826 3416 NetMsmqActivator - ok
05:55:33.0833 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:55:33.0834 3416 NetPipeActivator - ok
05:55:33.0860 3416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
05:55:33.0865 3416 netprofm - ok
05:55:33.0871 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:55:33.0873 3416 NetTcpActivator - ok
05:55:33.0878 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:55:33.0880 3416 NetTcpPortSharing - ok
05:55:33.0899 3416 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
05:55:33.0899 3416 nfrd960 - ok
05:55:33.0979 3416 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
05:55:33.0983 3416 NisDrv - ok
05:55:34.0053 3416 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
05:55:34.0058 3416 NisSrv - ok
05:55:34.0125 3416 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
05:55:34.0130 3416 NlaSvc - ok
05:55:34.0144 3416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
05:55:34.0145 3416 Npfs - ok
05:55:34.0186 3416 npggsvc - ok
05:55:34.0192 3416 NPPTNT2 - ok
05:55:34.0235 3416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
05:55:34.0237 3416 nsi - ok
05:55:34.0252 3416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
05:55:34.0253 3416 nsiproxy - ok
05:55:34.0335 3416 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
05:55:34.0351 3416 Ntfs - ok
05:55:34.0397 3416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
05:55:34.0398 3416 Null - ok
05:55:34.0751 3416 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:55:34.0890 3416 nvlddmkm - ok
05:55:34.0954 3416 [ 715D45ED30003FC70CFA0D9C6DD0B538 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
05:55:34.0956 3416 nvpciflt - ok
05:55:35.0014 3416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
05:55:35.0017 3416 nvraid - ok
05:55:35.0088 3416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
05:55:35.0089 3416 nvstor - ok
05:55:35.0149 3416 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
05:55:35.0157 3416 nvsvc - ok
05:55:35.0269 3416 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
05:55:35.0278 3416 nvUpdatusService - ok
05:55:35.0341 3416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
05:55:35.0343 3416 nv_agp - ok
05:55:35.0393 3416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
05:55:35.0394 3416 ohci1394 - ok
05:55:35.0451 3416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
05:55:35.0457 3416 p2pimsvc - ok
05:55:35.0479 3416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
05:55:35.0484 3416 p2psvc - ok
05:55:35.0537 3416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
05:55:35.0538 3416 Parport - ok
05:55:35.0589 3416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
05:55:35.0591 3416 partmgr - ok
05:55:35.0612 3416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
05:55:35.0615 3416 PcaSvc - ok
05:55:35.0632 3416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
05:55:35.0634 3416 pci - ok
05:55:35.0692 3416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
05:55:35.0692 3416 pciide - ok
05:55:35.0704 3416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
05:55:35.0706 3416 pcmcia - ok
05:55:35.0721 3416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
05:55:35.0722 3416 pcw - ok
05:55:35.0748 3416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
05:55:35.0753 3416 PEAUTH - ok
05:55:35.0893 3416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
05:55:35.0895 3416 PerfHost - ok
05:55:35.0983 3416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
05:55:35.0997 3416 pla - ok
05:55:36.0070 3416 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
05:55:36.0075 3416 PlugPlay - ok
05:55:36.0120 3416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
05:55:36.0123 3416 PNRPAutoReg - ok
05:55:36.0168 3416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
05:55:36.0174 3416 PNRPsvc - ok
05:55:36.0211 3416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
05:55:36.0217 3416 PolicyAgent - ok
05:55:36.0268 3416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
05:55:36.0273 3416 Power - ok
05:55:36.0347 3416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
05:55:36.0349 3416 PptpMiniport - ok
05:55:36.0366 3416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
05:55:36.0367 3416 Processor - ok
05:55:36.0387 3416 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
05:55:36.0390 3416 ProfSvc - ok
05:55:36.0405 3416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
05:55:36.0407 3416 ProtectedStorage - ok
05:55:36.0473 3416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
05:55:36.0475 3416 Psched - ok
05:55:36.0611 3416 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
05:55:36.0614 3416 PSI_SVC_2 - ok
05:55:36.0713 3416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
05:55:36.0726 3416 ql2300 - ok
05:55:36.0763 3416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
05:55:36.0765 3416 ql40xx - ok
05:55:36.0817 3416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
05:55:36.0823 3416 QWAVE - ok
05:55:36.0840 3416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
05:55:36.0841 3416 QWAVEdrv - ok
05:55:36.0860 3416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
05:55:36.0861 3416 RasAcd - ok
05:55:36.0928 3416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
05:55:36.0929 3416 RasAgileVpn - ok
05:55:36.0975 3416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
05:55:36.0979 3416 RasAuto - ok
05:55:37.0024 3416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
05:55:37.0026 3416 Rasl2tp - ok
05:55:37.0078 3416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
05:55:37.0082 3416 RasMan - ok
05:55:37.0096 3416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
05:55:37.0097 3416 RasPppoe - ok
05:55:37.0113 3416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
05:55:37.0114 3416 RasSstp - ok
05:55:37.0171 3416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
05:55:37.0175 3416 rdbss - ok
05:55:37.0192 3416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
05:55:37.0193 3416 rdpbus - ok
05:55:37.0214 3416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
05:55:37.0215 3416 RDPCDD - ok
05:55:37.0274 3416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
05:55:37.0275 3416 RDPENCDD - ok
05:55:37.0296 3416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
05:55:37.0296 3416 RDPREFMP - ok
05:55:37.0350 3416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
05:55:37.0353 3416 RDPWD - ok
05:55:37.0400 3416 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
05:55:37.0402 3416 rdyboost - ok
05:55:37.0470 3416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
05:55:37.0474 3416 RemoteAccess - ok
05:55:37.0524 3416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
05:55:37.0529 3416 RemoteRegistry - ok
05:55:37.0600 3416 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
05:55:37.0602 3416 RFCOMM - ok
05:55:37.0617 3416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
05:55:37.0620 3416 RpcEptMapper - ok
05:55:37.0646 3416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
05:55:37.0648 3416 RpcLocator - ok
05:55:37.0691 3416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
05:55:37.0701 3416 RpcSs - ok
05:55:37.0749 3416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
05:55:37.0751 3416 rspndr - ok
05:55:37.0812 3416 [ CA9C2A75C2AC1787C807DC72068BF5B7 ] S3XXx64 C:\Windows\system32\DRIVERS\S3XXx64.sys
05:55:37.0814 3416 S3XXx64 - ok
05:55:37.0850 3416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
05:55:37.0853 3416 SamSs - ok
05:55:37.0901 3416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
05:55:37.0903 3416 sbp2port - ok
05:55:37.0923 3416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
05:55:37.0926 3416 SCardSvr - ok
05:55:37.0974 3416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
05:55:37.0975 3416 scfilter - ok
05:55:38.0046 3416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
05:55:38.0059 3416 Schedule - ok
05:55:38.0109 3416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
05:55:38.0111 3416 SCPolicySvc - ok
05:55:38.0168 3416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
05:55:38.0173 3416 SDRSVC - ok
05:55:38.0235 3416 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
05:55:38.0236 3416 secdrv - ok
05:55:38.0251 3416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
05:55:38.0253 3416 seclogon - ok
05:55:38.0265 3416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
05:55:38.0268 3416 SENS - ok
05:55:38.0322 3416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
05:55:38.0325 3416 SensrSvc - ok
05:55:38.0397 3416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
05:55:38.0398 3416 Serenum - ok
05:55:38.0425 3416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
05:55:38.0427 3416 Serial - ok
05:55:38.0460 3416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
05:55:38.0461 3416 sermouse - ok
05:55:38.0521 3416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
05:55:38.0525 3416 SessionEnv - ok
05:55:38.0578 3416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
05:55:38.0579 3416 sffdisk - ok
05:55:38.0597 3416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
05:55:38.0597 3416 sffp_mmc - ok
05:55:38.0610 3416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
05:55:38.0611 3416 sffp_sd - ok
05:55:38.0631 3416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
05:55:38.0632 3416 sfloppy - ok
05:55:38.0719 3416 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files (x86)\AlienRespawn\sftservice.EXE
05:55:38.0724 3416 SftService - ok
05:55:38.0813 3416 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
05:55:38.0819 3416 SharedAccess - ok
05:55:38.0840 3416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:55:38.0844 3416 ShellHWDetection - ok
05:55:38.0851 3416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:55:38.0852 3416 SiSRaid2 - ok
05:55:38.0858 3416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
05:55:38.0859 3416 SiSRaid4 - ok
05:55:39.0033 3416 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
05:55:39.0061 3416 Skype C2C Service - ok
05:55:39.0189 3416 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
05:55:39.0192 3416 SkypeUpdate - ok
05:55:39.0247 3416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
05:55:39.0249 3416 Smb - ok
05:55:39.0331 3416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
05:55:39.0333 3416 SNMPTRAP - ok
05:55:39.0350 3416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
05:55:39.0351 3416 spldr - ok
05:55:39.0402 3416 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
05:55:39.0408 3416 Spooler - ok
05:55:39.0526 3416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
05:55:39.0558 3416 sppsvc - ok
05:55:39.0577 3416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
05:55:39.0580 3416 sppuinotify - ok
05:55:39.0669 3416 [ 4C33F139236FD9BD14A920F60C1CB072 ] sptd C:\Windows\system32\Drivers\sptd.sys
05:55:39.0670 3416 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 4C33F139236FD9BD14A920F60C1CB072
05:55:39.0672 3416 sptd ( LockedFile.Multi.Generic ) - warning
05:55:39.0672 3416 sptd - detected LockedFile.Multi.Generic (1)
05:55:39.0734 3416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
05:55:39.0739 3416 srv - ok
05:55:39.0759 3416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
05:55:39.0762 3416 srv2 - ok
05:55:39.0779 3416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
05:55:39.0780 3416 srvnet - ok
05:55:39.0842 3416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
05:55:39.0845 3416 SSDPSRV - ok
05:55:39.0861 3416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
05:55:39.0864 3416 SstpSvc - ok
05:55:39.0940 3416 [ C568FDB21CE77A44FD166F28F104AC46 ] stdflt C:\Windows\system32\DRIVERS\stdfltn.sys
05:55:39.0941 3416 stdflt - ok
05:55:39.0966 3416 Steam Client Service - ok
05:55:40.0056 3416 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
05:55:40.0061 3416 Stereo Service - ok
05:55:40.0113 3416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
05:55:40.0113 3416 stexstor - ok
05:55:40.0173 3416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
05:55:40.0180 3416 stisvc - ok
05:55:40.0223 3416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
05:55:40.0224 3416 swenum - ok
05:55:40.0249 3416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
05:55:40.0255 3416 swprv - ok
05:55:40.0309 3416 [ BE2B928DE9AF2848289DB7A54C7E2398 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
05:55:40.0313 3416 SynTP - ok
05:55:40.0392 3416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
05:55:40.0408 3416 SysMain - ok
05:55:40.0449 3416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:55:40.0453 3416 TabletInputService - ok
05:55:40.0509 3416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
05:55:40.0517 3416 TapiSrv - ok
05:55:40.0531 3416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
05:55:40.0534 3416 TBS - ok
05:55:40.0639 3416 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
05:55:40.0656 3416 Tcpip - ok
05:55:40.0708 3416 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
05:55:40.0724 3416 TCPIP6 - ok
05:55:40.0775 3416 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
05:55:40.0776 3416 tcpipreg - ok
05:55:40.0826 3416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
05:55:40.0827 3416 TDPIPE - ok
05:55:40.0878 3416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
05:55:40.0879 3416 TDTCP - ok
05:55:40.0933 3416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
05:55:40.0935 3416 tdx - ok
05:55:40.0982 3416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
05:55:40.0984 3416 TermDD - ok
05:55:41.0049 3416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
05:55:41.0060 3416 TermService - ok
05:55:41.0076 3416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
05:55:41.0078 3416 Themes - ok
05:55:41.0130 3416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
05:55:41.0133 3416 THREADORDER - ok
05:55:41.0150 3416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
05:55:41.0153 3416 TrkWks - ok
05:55:41.0248 3416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
05:55:41.0251 3416 TrustedInstaller - ok
05:55:41.0305 3416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
05:55:41.0306 3416 tssecsrv - ok
05:55:41.0381 3416 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
05:55:41.0382 3416 TsUsbFlt - ok
05:55:41.0451 3416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
05:55:41.0453 3416 tunnel - ok
05:55:41.0496 3416 TwkMs - ok
05:55:41.0505 3416 TWKSER2K - ok
05:55:41.0547 3416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
05:55:41.0548 3416 uagp35 - ok
05:55:41.0577 3416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
05:55:41.0580 3416 udfs - ok
05:55:41.0604 3416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
05:55:41.0607 3416 UI0Detect - ok
05:55:41.0667 3416 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
05:55:41.0669 3416 uliagpkx - ok
05:55:41.0736 3416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
05:55:41.0737 3416 umbus - ok
05:55:41.0760 3416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
05:55:41.0760 3416 UmPass - ok
05:55:41.0785 3416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
05:55:41.0789 3416 upnphost - ok
05:55:41.0868 3416 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
05:55:41.0870 3416 usbaudio - ok
05:55:41.0923 3416 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
05:55:41.0925 3416 usbccgp - ok
05:55:41.0974 3416 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
05:55:41.0976 3416 usbcir - ok
05:55:41.0997 3416 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
05:55:41.0998 3416 usbehci - ok
05:55:42.0018 3416 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
05:55:42.0021 3416 usbhub - ok
05:55:42.0042 3416 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
05:55:42.0043 3416 usbohci - ok
05:55:42.0116 3416 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
05:55:42.0117 3416 usbprint - ok
05:55:42.0188 3416 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
05:55:42.0189 3416 usbscan - ok
05:55:42.0200 3416 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:55:42.0202 3416 USBSTOR - ok
05:55:42.0222 3416 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
05:55:42.0223 3416 usbuhci - ok
05:55:42.0288 3416 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
05:55:42.0290 3416 usbvideo - ok
05:55:42.0333 3416 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
05:55:42.0335 3416 UxSms - ok
05:55:42.0379 3416 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
05:55:42.0382 3416 VaultSvc - ok
05:55:42.0437 3416 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
05:55:42.0438 3416 vdrvroot - ok
05:55:42.0498 3416 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
05:55:42.0504 3416 vds - ok
05:55:42.0527 3416 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
05:55:42.0528 3416 vga - ok
05:55:42.0549 3416 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
05:55:42.0550 3416 VgaSave - ok
05:55:42.0570 3416 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
05:55:42.0572 3416 vhdmp - ok
05:55:42.0608 3416 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
05:55:42.0609 3416 viaide - ok
05:55:42.0642 3416 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
05:55:42.0643 3416 volmgr - ok
05:55:42.0694 3416 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
05:55:42.0698 3416 volmgrx - ok
05:55:42.0713 3416 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
05:55:42.0715 3416 volsnap - ok
05:55:42.0741 3416 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
05:55:42.0744 3416 vsmraid - ok
05:55:42.0830 3416 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
05:55:42.0846 3416 VSS - ok
05:55:42.0864 3416 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
05:55:42.0865 3416 vwifibus - ok
05:55:42.0928 3416 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
05:55:42.0929 3416 vwififlt - ok
05:55:42.0991 3416 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
05:55:42.0998 3416 W32Time - ok
05:55:43.0022 3416 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
05:55:43.0023 3416 WacomPen - ok
05:55:43.0082 3416 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
05:55:43.0083 3416 WANARP - ok
05:55:43.0089 3416 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
05:55:43.0091 3416 Wanarpv6 - ok
05:55:43.0195 3416 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
05:55:43.0205 3416 WatAdminSvc - ok
05:55:43.0283 3416 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
05:55:43.0297 3416 wbengine - ok
05:55:43.0316 3416 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
05:55:43.0319 3416 WbioSrvc - ok
05:55:43.0377 3416 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
05:55:43.0386 3416 wcncsvc - ok
05:55:43.0398 3416 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:55:43.0400 3416 WcsPlugInService - ok
05:55:43.0453 3416 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
05:55:43.0454 3416 Wd - ok
05:55:43.0482 3416 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
05:55:43.0487 3416 Wdf01000 - ok
05:55:43.0502 3416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
05:55:43.0505 3416 WdiServiceHost - ok
05:55:43.0511 3416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
05:55:43.0514 3416 WdiSystemHost - ok
05:55:43.0533 3416 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
05:55:43.0537 3416 WebClient - ok
05:55:43.0554 3416 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
05:55:43.0558 3416 Wecsvc - ok
05:55:43.0575 3416 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
05:55:43.0577 3416 wercplsupport - ok
05:55:43.0631 3416 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
05:55:43.0635 3416 WerSvc - ok
05:55:43.0692 3416 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
05:55:43.0693 3416 WfpLwf - ok
05:55:43.0764 3416 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
05:55:43.0767 3416 WimFltr - ok
05:55:43.0784 3416 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
05:55:43.0784 3416 WIMMount - ok
05:55:43.0843 3416 WinDefend - ok
05:55:43.0851 3416 WinHttpAutoProxySvc - ok
05:55:43.0939 3416 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
05:55:43.0942 3416 Winmgmt - ok
05:55:44.0034 3416 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
05:55:44.0055 3416 WinRM - ok
05:55:44.0139 3416 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
05:55:44.0141 3416 WinUsb - ok
05:55:44.0240 3416 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
05:55:44.0248 3416 Wlansvc - ok
05:55:44.0428 3416 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:55:44.0450 3416 wlidsvc - ok
05:55:44.0479 3416 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
05:55:44.0480 3416 wltrysvc - ok
05:55:44.0547 3416 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
05:55:44.0548 3416 WmiAcpi - ok
05:55:44.0614 3416 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
05:55:44.0616 3416 wmiApSrv - ok
05:55:44.0666 3416 WMPNetworkSvc - ok
05:55:44.0712 3416 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
05:55:44.0715 3416 WPCSvc - ok
05:55:44.0749 3416 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
05:55:44.0754 3416 WPDBusEnum - ok
05:55:44.0801 3416 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
05:55:44.0801 3416 ws2ifsl - ok
05:55:44.0882 3416 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
05:55:44.0885 3416 wscsvc - ok
05:55:44.0890 3416 WSearch - ok
05:55:44.0995 3416 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
05:55:45.0019 3416 wuauserv - ok
05:55:45.0066 3416 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
05:55:45.0068 3416 WudfPf - ok
05:55:45.0093 3416 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
05:55:45.0095 3416 WUDFRd - ok
05:55:45.0145 3416 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
05:55:45.0150 3416 wudfsvc - ok
05:55:45.0170 3416 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
05:55:45.0174 3416 WwanSvc - ok
05:55:45.0222 3416 ================ Scan global ===============================
05:55:45.0260 3416 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
05:55:45.0308 3416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
05:55:45.0324 3416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
05:55:45.0366 3416 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
05:55:45.0422 3416 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
05:55:45.0427 3416 [Global] - ok
05:55:45.0427 3416 ================ Scan MBR ==================================
05:55:45.0440 3416 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
05:55:45.0906 3416 \Device\Harddisk0\DR0 - ok
05:55:45.0910 3416 ================ Scan VBR ==================================
05:55:45.0911 3416 [ 0C8F1D469FE55511B23C144C4F279F42 ] \Device\Harddisk0\DR0\Partition1
05:55:45.0914 3416 \Device\Harddisk0\DR0\Partition1 - ok
05:55:45.0955 3416 [ 3B0D3FC9F4D80C0F5B74137AF6D4051A ] \Device\Harddisk0\DR0\Partition2
05:55:45.0959 3416 \Device\Harddisk0\DR0\Partition2 - ok
05:55:45.0960 3416 ============================================================
05:55:45.0960 3416 Scan finished
05:55:45.0960 3416 ============================================================
05:55:45.0971 5812 Detected object count: 1
05:55:45.0971 5812 Actual detected object count: 1
05:55:50.0200 5812 sptd ( LockedFile.Multi.Generic ) - skipped by user
05:55:50.0201 5812 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
-
ComboFix 12-12-28.02 - Erik 12/28/2012 3:23.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1810 [GMT -10:00]
Running from: c:\users\Erik\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Vid-Saver
c:\program files (x86)\Vid-Saver\Vid-Saver.exe
c:\program files (x86)\Vid-Saver\Vid-Saver.ico
c:\program files (x86)\Vid-Saver\Vid-Saver.ini
c:\program files (x86)\Vid-Saver\Vid-SaverGui.exe
c:\program files (x86)\Vid-Saver\Vid-SaverInstaller.log
c:\users\Noelle\AppData\Local\Vid-Saver
c:\users\Noelle\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-28 )))))))))))))))))))))))))))))))
.
.
2012-12-28 13:33 . 2012-12-28 13:33 -------- d-----w- c:\users\Noelle\AppData\Local\temp
2012-12-28 13:33 . 2012-12-28 13:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-28 13:33 . 2012-12-28 13:33 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-12-28 13:33 . 2012-12-28 13:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-28 13:22 . 2012-12-28 13:21 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{506747F7-014A-4969-A3D5-1D6D92166375}\gapaengine.dll
2012-12-28 13:21 . 2012-11-08 19:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4C84349-3346-4460-BD39-1C709CD8EF0F}\mpengine.dll
2012-12-28 13:07 . 2012-12-28 13:07 -------- dc----w- c:\users\Erik\AppData\Local\MigWiz
2012-12-28 13:02 . 2012-12-28 13:02 -------- d-----w- c:\users\Erik\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-15 02:49 . 2011-05-22 08:33 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Erik\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-09-18 205976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-18 218408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-19 254696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-27 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 164904]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-04-04 18:43 144712 ----a-w- c:\program files\Alienware\Command Center\AlienSense\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2010-04-16 24176]
R0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-14 240408]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104]
R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-03-30 158320]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2007-06-21 66816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-15 1255736]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2010-04-18 98208]
R4 FAService;FAService;c:\program files\Alienware\Command Center\AlienSense\FAService.exe [2010-04-04 2409800]
R4 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-01-26 60928]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2011-01-13 705856]
S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS [2009-06-26 16752]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-08-13 868848]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdfltn.sys [2010-01-26 21040]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 277032]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-21 14648]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-14 193816]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-15 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-15 682344]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-01-27 226624]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-01-26 26160]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-05-03 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-05-03 271872]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-28 67072]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-15 24176]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1114862642-981339933-1874714411-1002Core.job
- c:\users\Erik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-02 02:56]
.
2012-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1114862642-981339933-1874714411-1002UA.job
- c:\users\Erik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-02 02:56]
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 06:02]
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 06:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-18 10144288]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-21 63304]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-16 5470208]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-04-13 5016112]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-22 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-22 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-22 416024]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 196648]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-04 483880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: intuit.com\ttlc
FF - ProfilePath - c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\tjkohgpn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-FAStartup - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Vid-Saver - c:\program files (x86)\Vid-Saver\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files\Alienware\Command Center\AlienFusionController.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-12-28 03:43:21 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-28 13:43
.
Pre-Run: 7,000,690,688 bytes free
Post-Run: 8,273,805,312 bytes free
.
- - End Of File - - 8C6E7ABF8716AF154E868298B958BAE0
-
My ability to attach files is disabled, I am assuming by this malware/virus. The website is telling me my posts are too long.
-
The malware or virus has pretty much locked my system down. I am unable to run malwarebytes or install any new applications. Microsoft Security Essentials is supposedly still running but I have no access to it. Ive tried system restore in safe mode but, all my good restore points are gone. In normal mode there is no response when clicking system restore. Cant open IExplorer. I cant attacks files so I have to copy and paste these two DDS logs. Thank you for your time.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16448 BrowserJavaVersion: 1.6.0_31
Run by Erik at 3:57:30 on 2012-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2096 [GMT -10:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Users\Erik\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uRun: [Facebook Update] "C:\Users\Erik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
mRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [uCam_Menu] "c:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{86325130-D2B8-42A7-BD48-92915EB7637F} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{86325130-D2B8-42A7-BD48-92915EB7637F}\05F6F6275684F6573756 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{86325130-D2B8-42A7-BD48-92915EB7637F}\25D4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{86325130-D2B8-42A7-BD48-92915EB7637F}\2656C6B696E6E233564656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{86325130-D2B8-42A7-BD48-92915EB7637F}\74544597F65727F475E477966696 : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{86325130-D2B8-42A7-BD48-92915EB7637F}\D697177756374743530353 : DHCPNameServer = 192.168.0.1 205.171.3.25
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - <is not referencing any dll>
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AlienFX Controller] "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"
x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\tjkohgpn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Erik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Erik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\tjkohgpn.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 EMSC;COMPAL Embedded System Control;C:\Windows\System32\drivers\EMSC.sys [2009-6-26 16752]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 203888]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-6-13 28992]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdfltn.sys [2010-10-14 21040]
R2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-6-3 277032]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-21 14648]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-10-14 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-12 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-12 682344]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-1-27 226624]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2010-10-14 26160]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-8-29 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-29 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-8-29 67072]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-5-21 24176]
S0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2010-8-29 24176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-10-14 35104]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-8-29 158320]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 98688]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\Windows\System32\drivers\S3XXx64.sys [2007-6-21 66816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-27 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-15 1255736]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-8-29 98208]
S4 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2010-4-4 2409800]
S4 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-10-14 60928]
S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2010-10-14 705856]
.
=============== Created Last 30 ================
.
2012-12-28 13:42:23 -------- d-----w- C:\Windows\pss
2012-12-28 13:36:30 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-28 13:22:58 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{506747F7-014A-4969-A3D5-1D6D92166375}\gapaengine.dll
2012-12-28 13:21:47 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D4C84349-3346-4460-BD39-1C709CD8EF0F}\mpengine.dll
2012-12-28 13:19:01 208896 ----a-w- C:\Windows\MBR.exe
2012-12-28 13:19:00 98816 ----a-w- C:\Windows\sed.exe
2012-12-28 13:19:00 256000 ----a-w- C:\Windows\PEV.exe
2012-12-28 13:07:47 -------- dc----w- C:\Users\Erik\AppData\Local\MigWiz
2012-12-28 13:02:23 -------- d-----w- C:\Users\Erik\AppData\Local\Programs
.
==================== Find3M ====================
.
2012-12-15 02:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 3:58:04.45 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/14/2011 9:16:06 PM
System Uptime: 12/28/2012 3:45:51 AM (0 hours ago)
.
Motherboard: Alienware | | M11x R2
Processor: Intel® Core i5 CPU U 520 @ 1.07GHz | CPU | 1067/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 7.761 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\6&150DA55D&0&1
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\6&150DA55D&0&1
Service:
.
==== System Restore Points ===================
.
RP207: 12/28/2012 3:19:12 AM - ComboFix created restore point
RP208: 12/28/2012 3:19:28 AM - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
ActivClient CAC x64
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 11.6
Alarm Clock version 1.0
AlienRespawn
AlienRespawn - Support Software
Alienware On-Screen Display
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASPCA Reminder by We-Care.com v4.0.19.1
Banctec Service Agreement
Bing Bar
BitTorrent
BookSmart® 3.1.0 3.1.0
Brother MFL-Pro Suite MFC-295CN
CHIPDRIVE extern/intern/micro treiber 3.1
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
ComicRack v0.9.155
Command Center
Corel PaintShop Pro X4
Corel PaintShop Pro X4 Ultimate Bonus Pack
CyberLink YouCam
DW WLAN Card Utility
EMSC
Endless.Space
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159
Fallout: New Vegas
Free RAR Extract Frog
Free Studio version 5.5.0
Google Earth
Google Update Helper
ICA
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Rapid Storage Technology
IPM_PSP_COM
Java Auto Updater
Java 6 Update 20 (64-bit)
Java 6 Update 31
Java 7 Update 4 (64-bit)
LogMeIn Hamachi
Malwarebytes Anti-Malware version 1.70.0.1100
Medieval II: Total War
Medieval II: Total War Kingdoms
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 4.0
MotoHelper 2.0.45 Driver 5.0.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.0.0
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Numen: Contest of Heroes
NVIDIA 3D Vision Driver 301.42
NVIDIA Control Panel 301.42
NVIDIA Graphics Driver 301.42
NVIDIA Install Application
NVIDIA Optimus 1.8.15
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0213
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.8.15
NVIDIA Update Components
NVIDIA Updatus
Portal
Prince of Qin
PSPPContent
PSPPHelp
PSPPro64
Realtek High Definition Audio Driver
Red Faction: Guerrilla
RetRO 1.0
RF Uninstall
RIFT
Sacred Gold
Samorost 2
SCR3xxx Smart Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Setup
Skype Click to Call
Skype™ 5.10
SoulSeek 157 NS 13e
Steam
Synaptics Pointing Device Driver
Terraria
The Secret World
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 woriper
TurboTax 2010 wrapper
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Vid-Saver
VLC media player 2.0.1
WIDCOMM Bluetooth Software
Windows Live ID Sign-in Assistant
WinRAR 4.00 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
12/28/2012 3:53:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/28/2012 3:48:47 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
12/28/2012 3:48:47 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
12/28/2012 3:37:45 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{87e5d658-d7fe-11df-9aad-806e6f6e6963}\System Volume Information\SystemRestore\New-software' was corrupted and it has been recovered. Some data might have been lost.
12/28/2012 3:34:00 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/28/2012 3:32:33 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/28/2012 3:27:22 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/28/2012 3:16:59 AM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 3:06:49 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
12/28/2012 3:05:59 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
12/28/2012 3:05:55 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
12/28/2012 3:05:53 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
12/28/2012 3:03:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/28/2012 3:01:43 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 3:01:26 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
12/28/2012 3:01:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/28/2012 3:01:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/28/2012 3:01:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/28/2012 3:01:18 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/28/2012 3:01:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6
12/28/2012 3:01:08 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:59:49 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:59:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/28/2012 2:59:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/28/2012 2:57:42 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
12/28/2012 2:57:41 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:57:41 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:57:41 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:57:41 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:57:41 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:57:39 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:57:39 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:57:39 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:57:39 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================
Malware Removal Help. Please!
in Resolved Malware Removal Logs
Posted
Security Essentials is working now. Malware bytes isnt working still.