Redirect of Facebook to Pricegrabber (Cycbot trojan?)

[ijack1286]

I am having trouble catching this virus. It redirects my facebook to pricegrabber and MalwareBytes is constantly blocking something on chrome and bittorrent whenever I open those programs (it always pops up saying it's blocking something on google chrome). Scanned it my system multiple times with Microsoft Security Essentials, MalwareBytes, SpyDoctor and such. The internet started lagging since it started happening. Please help me fix this.

The instructions for the dds.com program says to right click and run as administrator but it doesn't give me that option?

Thanks in advance.

Isaac.

Attach.txt

DDS.txt

[ijack1286]

Oh and it is scanned with the purchased version of MalwareBytes if there's any difference between it and the free one.

[Maniac]

Hello ijack1286! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  

Step 1

Please uninstall the following applications:

BitTorrent - It is against our policy. Take a look here

vShare.tv plugin 1.3 - A Pugi type toolbar. Redirects home and search pages.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
   
   
2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
   
   
3. Click the Start Scan button.
   
   
4. If a suspicious object is detected, the default action will be Skip, click on Continue.
   
   
5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
   
6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
   
   
7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
   

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

• TDSSKiller log
  
• Malwarebytes' Anti-Malware log
  
• a new fresh DDS log file

[ijack1286]

TDSSKiller log found no threats.

09:42:39.0917 5820 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02

09:42:40.0311 5820 ============================================================

09:42:40.0311 5820 Current date / time: 2012/04/06 09:42:40.0311

09:42:40.0311 5820 SystemInfo:

09:42:40.0311 5820

09:42:40.0312 5820 OS Version: 6.1.7601 ServicePack: 1.0

09:42:40.0312 5820 Product type: Workstation

09:42:40.0312 5820 ComputerName: ISAAC-PC

09:42:40.0312 5820 UserName: Isaac

09:42:40.0312 5820 Windows directory: C:\windows

09:42:40.0312 5820 System windows directory: C:\windows

09:42:40.0312 5820 Running under WOW64

09:42:40.0312 5820 Processor architecture: Intel x64

09:42:40.0312 5820 Number of processors: 4

09:42:40.0312 5820 Page size: 0x1000

09:42:40.0312 5820 Boot type: Normal boot

09:42:40.0312 5820 ============================================================

09:42:40.0957 5820 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:42:40.0961 5820 \Device\Harddisk0\DR0:

09:42:40.0962 5820 MBR used

09:42:40.0962 5820 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000

09:42:40.0962 5820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000

09:42:40.0990 5820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800

09:42:41.0336 5820 Initialize success

09:42:41.0336 5820 ============================================================

09:43:35.0514 4452 ============================================================

09:43:35.0514 4452 Scan started

09:43:35.0514 4452 Mode: Manual; SigCheck; TDLFS;

09:43:35.0514 4452 ============================================================

09:43:35.0826 4452 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys

09:43:35.0912 4452 1394ohci - ok

09:43:35.0998 4452 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys

09:43:36.0024 4452 ACPI - ok

09:43:36.0080 4452 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys

09:43:36.0192 4452 AcpiPmi - ok

09:43:36.0308 4452 ACPIVPC (5bbff8b826ec38d32c26334e079c7efc) C:\windows\system32\DRIVERS\AcpiVpc.sys

09:43:36.0336 4452 ACPIVPC - ok

09:43:36.0506 4452 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

09:43:36.0611 4452 AdobeARMservice - ok

09:43:36.0776 4452 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

09:43:36.0863 4452 AdobeFlashPlayerUpdateSvc - ok

09:43:36.0992 4452 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys

09:43:37.0018 4452 adp94xx - ok

09:43:37.0070 4452 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys

09:43:37.0091 4452 adpahci - ok

09:43:37.0140 4452 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys

09:43:37.0159 4452 adpu320 - ok

09:43:37.0189 4452 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

09:43:37.0346 4452 AeLookupSvc - ok

09:43:37.0488 4452 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys

09:43:37.0602 4452 AFD - ok

09:43:37.0729 4452 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys

09:43:37.0746 4452 agp440 - ok

09:43:37.0808 4452 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

09:43:37.0903 4452 ALG - ok

09:43:38.0030 4452 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys

09:43:38.0046 4452 aliide - ok

09:43:38.0070 4452 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys

09:43:38.0083 4452 amdide - ok

09:43:38.0138 4452 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys

09:43:38.0178 4452 AmdK8 - ok

09:43:38.0224 4452 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys

09:43:38.0259 4452 AmdPPM - ok

09:43:38.0326 4452 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys

09:43:38.0341 4452 amdsata - ok

09:43:38.0400 4452 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys

09:43:38.0419 4452 amdsbs - ok

09:43:38.0497 4452 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys

09:43:38.0514 4452 amdxata - ok

09:43:38.0590 4452 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys

09:43:38.0674 4452 AppID - ok

09:43:38.0754 4452 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

09:43:38.0810 4452 AppIDSvc - ok

09:43:38.0889 4452 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll

09:43:38.0944 4452 Appinfo - ok

09:43:39.0089 4452 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

09:43:39.0129 4452 Apple Mobile Device - ok

09:43:39.0307 4452 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys

09:43:39.0322 4452 arc - ok

09:43:39.0375 4452 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys

09:43:39.0407 4452 arcsas - ok

09:43:39.0455 4452 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

09:43:39.0505 4452 AsyncMac - ok

09:43:39.0597 4452 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys

09:43:39.0614 4452 atapi - ok

09:43:39.0705 4452 athr (782d36bad8ddbf008d02e055dbe70f82) C:\windows\system32\DRIVERS\athrx.sys

09:43:39.0889 4452 athr - ok

09:43:40.0084 4452 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

09:43:40.0170 4452 AudioEndpointBuilder - ok

09:43:40.0205 4452 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

09:43:40.0257 4452 AudioSrv - ok

09:43:40.0410 4452 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll

09:43:40.0498 4452 AxInstSV - ok

09:43:40.0570 4452 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys

09:43:40.0688 4452 b06bdrv - ok

09:43:40.0785 4452 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

09:43:40.0832 4452 b57nd60a - ok

09:43:40.0888 4452 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

09:43:41.0035 4452 BDESVC - ok

09:43:41.0148 4452 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

09:43:41.0201 4452 Beep - ok

09:43:41.0354 4452 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll

09:43:41.0427 4452 BFE - ok

09:43:41.0503 4452 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll

09:43:41.0621 4452 BITS - ok

09:43:41.0718 4452 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

09:43:41.0748 4452 blbdrive - ok

09:43:41.0832 4452 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

09:43:41.0879 4452 Bonjour Service - ok

09:43:41.0974 4452 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys

09:43:42.0048 4452 bowser - ok

09:43:42.0161 4452 BPntDrv (aaa4f992f879977a000fe8b8c730cd2c) C:\windows\system32\drivers\BPntDrv.sys

09:43:42.0176 4452 BPntDrv - ok

09:43:42.0215 4452 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys

09:43:42.0323 4452 BrFiltLo - ok

09:43:42.0420 4452 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys

09:43:42.0454 4452 BrFiltUp - ok

09:43:42.0523 4452 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll

09:43:42.0574 4452 Browser - ok

09:43:42.0616 4452 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

09:43:42.0672 4452 Brserid - ok

09:43:42.0693 4452 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

09:43:42.0719 4452 BrSerWdm - ok

09:43:42.0758 4452 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

09:43:42.0796 4452 BrUsbMdm - ok

09:43:42.0816 4452 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

09:43:42.0848 4452 BrUsbSer - ok

09:43:42.0929 4452 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys

09:43:43.0062 4452 BthEnum - ok

09:43:43.0157 4452 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys

09:43:43.0186 4452 BTHMODEM - ok

09:43:43.0227 4452 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys

09:43:43.0258 4452 BthPan - ok

09:43:43.0346 4452 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys

09:43:43.0405 4452 BTHPORT - ok

09:43:43.0481 4452 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

09:43:43.0537 4452 bthserv - ok

09:43:43.0600 4452 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys

09:43:43.0672 4452 BTHUSB - ok

09:43:43.0742 4452 BTWAMPFL (9de56fa4533e485ae5409d3c11747143) C:\windows\system32\DRIVERS\btwampfl.sys

09:43:43.0761 4452 BTWAMPFL - ok

09:43:43.0782 4452 btwaudio (f6135859a582a7294ba7a3336e08baa1) C:\windows\system32\drivers\btwaudio.sys

09:43:43.0797 4452 btwaudio - ok

09:43:43.0818 4452 btwavdt (3def2370e414b4e299673558ba171a51) C:\windows\system32\drivers\btwavdt.sys

09:43:43.0835 4452 btwavdt - ok

09:43:43.0909 4452 btwdins (7987fffda812abc69047d1b029d446a2) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

09:43:44.0005 4452 btwdins - ok

09:43:44.0088 4452 btwl2cap (e8d2bcd080ea91e74775b9f5ea051f97) C:\windows\system32\DRIVERS\btwl2cap.sys

09:43:44.0102 4452 btwl2cap - ok

09:43:44.0113 4452 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\windows\system32\DRIVERS\btwrchid.sys

09:43:44.0125 4452 btwrchid - ok

09:43:44.0187 4452 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

09:43:44.0248 4452 cdfs - ok

09:43:44.0325 4452 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys

09:43:44.0383 4452 cdrom - ok

09:43:44.0512 4452 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

09:43:44.0596 4452 CertPropSvc - ok

09:43:44.0653 4452 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys

09:43:44.0704 4452 circlass - ok

09:43:44.0741 4452 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

09:43:44.0764 4452 CLFS - ok

09:43:44.0843 4452 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:43:44.0867 4452 clr_optimization_v2.0.50727_32 - ok

09:43:44.0910 4452 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:43:44.0928 4452 clr_optimization_v2.0.50727_64 - ok

09:43:45.0039 4452 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:43:45.0081 4452 clr_optimization_v4.0.30319_32 - ok

09:43:45.0167 4452 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:43:45.0186 4452 clr_optimization_v4.0.30319_64 - ok

09:43:45.0339 4452 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\windows\system32\DRIVERS\clwvd.sys

09:43:45.0377 4452 clwvd - ok

09:43:45.0426 4452 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

09:43:45.0452 4452 CmBatt - ok

09:43:45.0496 4452 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys

09:43:45.0510 4452 cmdide - ok

09:43:45.0590 4452 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys

09:43:45.0643 4452 CNG - ok

09:43:45.0766 4452 CnxtHdAudService (99b1b888b793de320c5479b3c953781f) C:\windows\system32\drivers\CHDRT64.sys

09:43:45.0827 4452 CnxtHdAudService - ok

09:43:45.0898 4452 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys

09:43:45.0912 4452 Compbatt - ok

09:43:45.0971 4452 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys

09:43:46.0002 4452 CompositeBus - ok

09:43:46.0021 4452 COMSysApp - ok

09:43:46.0058 4452 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys

09:43:46.0073 4452 crcdisk - ok

09:43:46.0141 4452 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll

09:43:46.0361 4452 CryptSvc - ok

09:43:46.0488 4452 dc3d (1ca90212a99db6975c344826d11055c9) C:\windows\system32\DRIVERS\dc3d.sys

09:43:46.0503 4452 dc3d - ok

09:43:46.0574 4452 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

09:43:46.0638 4452 DcomLaunch - ok

09:43:46.0726 4452 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

09:43:46.0793 4452 defragsvc - ok

09:43:46.0941 4452 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys

09:43:46.0997 4452 DfsC - ok

09:43:47.0120 4452 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll

09:43:47.0173 4452 Dhcp - ok

09:43:47.0238 4452 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

09:43:47.0328 4452 discache - ok

09:43:47.0468 4452 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys

09:43:47.0485 4452 Disk - ok

09:43:47.0555 4452 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll

09:43:47.0639 4452 Dnscache - ok

09:43:47.0751 4452 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll

09:43:47.0805 4452 dot3svc - ok

09:43:47.0866 4452 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll

09:43:47.0920 4452 DPS - ok

09:43:48.0039 4452 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

09:43:48.0072 4452 drmkaud - ok

09:43:48.0523 4452 dump_wmimmc - ok

09:43:48.0663 4452 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys

09:43:48.0710 4452 DXGKrnl - ok

09:43:48.0786 4452 EagleX64 - ok

09:43:48.0853 4452 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

09:43:48.0972 4452 EapHost - ok

09:43:49.0101 4452 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys

09:43:49.0208 4452 ebdrv - ok

09:43:49.0291 4452 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe

09:43:49.0352 4452 EFS - ok

09:43:49.0429 4452 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe

09:43:49.0534 4452 ehRecvr - ok

09:43:49.0598 4452 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

09:43:49.0659 4452 ehSched - ok

09:43:49.0734 4452 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys

09:43:49.0760 4452 elxstor - ok

09:43:49.0834 4452 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys

09:43:49.0891 4452 ErrDev - ok

09:43:49.0997 4452 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

09:43:50.0060 4452 EventSystem - ok

09:43:50.0134 4452 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

09:43:50.0205 4452 exfat - ok

09:43:50.0649 4452 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

09:43:50.0699 4452 fastfat - ok

09:43:50.0828 4452 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe

09:43:51.0000 4452 Fax - ok

09:43:51.0087 4452 fbfmon (3191aca33088ee2481044fc0db736442) C:\windows\system32\drivers\fbfmon.sys

09:43:51.0102 4452 fbfmon - ok

09:43:51.0152 4452 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys

09:43:51.0185 4452 fdc - ok

09:43:51.0266 4452 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

09:43:51.0318 4452 fdPHost - ok

09:43:51.0367 4452 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

09:43:51.0430 4452 FDResPub - ok

09:43:51.0546 4452 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

09:43:51.0564 4452 FileInfo - ok

09:43:51.0609 4452 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

09:43:51.0658 4452 Filetrace - ok

09:43:51.0735 4452 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys

09:43:51.0752 4452 flpydisk - ok

09:43:51.0832 4452 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys

09:43:51.0856 4452 FltMgr - ok

09:43:51.0926 4452 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll

09:43:52.0009 4452 FontCache - ok

09:43:52.0130 4452 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:43:53.0209 4452 FontCache3.0.0.0 - ok

09:43:53.0292 4452 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys

09:43:53.0309 4452 FsDepends - ok

09:43:53.0330 4452 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys

09:43:53.0345 4452 Fs_Rec - ok

09:43:53.0419 4452 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys

09:43:53.0442 4452 fvevol - ok

09:43:53.0537 4452 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys

09:43:53.0554 4452 gagp30kx - ok

09:43:53.0614 4452 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys

09:43:53.0627 4452 GEARAspiWDM - ok

09:43:53.0688 4452 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll

09:43:53.0771 4452 gpsvc - ok

09:43:53.0831 4452 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys

09:43:53.0938 4452 hcw85cir - ok

09:43:54.0065 4452 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys

09:43:54.0101 4452 HdAudAddService - ok

09:43:54.0227 4452 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys

09:43:54.0256 4452 HDAudBus - ok

09:43:54.0300 4452 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys

09:43:54.0358 4452 HidBatt - ok

09:43:54.0450 4452 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys

09:43:54.0481 4452 HidBth - ok

09:43:54.0523 4452 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys

09:43:54.0599 4452 HidIr - ok

09:43:54.0664 4452 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll

09:43:54.0717 4452 hidserv - ok

09:43:54.0876 4452 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys

09:43:54.0891 4452 HidUsb - ok

09:43:54.0942 4452 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll

09:43:55.0017 4452 hkmsvc - ok

09:43:55.0071 4452 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll

09:43:55.0169 4452 HomeGroupListener - ok

09:43:55.0216 4452 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll

09:43:55.0250 4452 HomeGroupProvider - ok

09:43:55.0336 4452 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys

09:43:55.0351 4452 HpSAMD - ok

09:43:55.0552 4452 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys

09:43:55.0610 4452 HTTP - ok

09:43:55.0683 4452 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys

09:43:55.0697 4452 hwpolicy - ok

09:43:55.0786 4452 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys

09:43:55.0805 4452 i8042prt - ok

09:43:55.0862 4452 iaStor (d469b77687e12fe43e344806740b624d) C:\windows\system32\DRIVERS\iaStor.sys

09:43:55.0883 4452 iaStor - ok

09:43:55.0982 4452 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

09:43:55.0999 4452 IAStorDataMgrSvc - ok

09:43:56.0119 4452 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys

09:43:56.0144 4452 iaStorV - ok

09:43:56.0228 4452 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:43:56.0275 4452 idsvc - ok

09:43:56.0574 4452 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\windows\system32\DRIVERS\igdkmd64.sys

09:43:56.0909 4452 igfx - ok

09:43:56.0989 4452 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys

09:43:57.0004 4452 iirsp - ok

09:43:57.0073 4452 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll

09:43:57.0140 4452 IKEEXT - ok

09:43:57.0188 4452 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys

09:43:57.0240 4452 IntcDAud - ok

09:43:57.0361 4452 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys

09:43:57.0375 4452 intelide - ok

09:43:57.0422 4452 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys

09:43:57.0448 4452 intelppm - ok

09:43:57.0479 4452 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll

09:43:57.0531 4452 IPBusEnum - ok

09:43:57.0610 4452 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys

09:43:57.0653 4452 IpFilterDriver - ok

09:43:57.0781 4452 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll

09:43:57.0847 4452 iphlpsvc - ok

09:43:57.0950 4452 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys

09:43:57.0969 4452 IPMIDRV - ok

09:43:58.0005 4452 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys

09:43:58.0057 4452 IPNAT - ok

09:43:58.0158 4452 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe

09:43:58.0238 4452 iPod Service - ok

09:43:58.0332 4452 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys

09:43:58.0411 4452 IRENUM - ok

09:43:58.0472 4452 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys

09:43:58.0487 4452 isapnp - ok

09:43:58.0542 4452 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys

09:43:58.0563 4452 iScsiPrt - ok

09:43:58.0620 4452 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\windows\system32\DRIVERS\k57nd60a.sys

09:43:58.0652 4452 k57nd60a - ok

09:43:58.0717 4452 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys

09:43:58.0733 4452 kbdclass - ok

09:43:58.0798 4452 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys

09:43:58.0823 4452 kbdhid - ok

09:43:58.0876 4452 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

09:43:58.0896 4452 KeyIso - ok

09:43:58.0916 4452 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys

09:43:58.0932 4452 KSecDD - ok

09:43:58.0992 4452 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys

09:43:59.0012 4452 KSecPkg - ok

09:43:59.0065 4452 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys

09:43:59.0115 4452 ksthunk - ok

09:43:59.0147 4452 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll

09:43:59.0205 4452 KtmRm - ok

09:43:59.0250 4452 L1C (95ca93fc12be372bb952669f37fff9c5) C:\windows\system32\DRIVERS\L1C62x64.sys

09:43:59.0265 4452 L1C - ok

09:43:59.0359 4452 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll

09:43:59.0418 4452 LanmanServer - ok

09:43:59.0488 4452 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll

09:43:59.0538 4452 LanmanWorkstation - ok

09:43:59.0655 4452 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys

09:43:59.0667 4452 LHDmgr - ok

09:43:59.0722 4452 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys

09:43:59.0773 4452 lltdio - ok

09:43:59.0809 4452 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll

09:43:59.0866 4452 lltdsvc - ok

09:43:59.0946 4452 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll

09:43:59.0987 4452 lmhosts - ok

09:44:00.0078 4452 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

09:44:00.0137 4452 LMS - ok

09:44:00.0232 4452 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys

09:44:00.0248 4452 LSI_FC - ok

09:44:00.0293 4452 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys

09:44:00.0309 4452 LSI_SAS - ok

09:44:00.0337 4452 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys

09:44:00.0352 4452 LSI_SAS2 - ok

09:44:00.0374 4452 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys

09:44:00.0390 4452 LSI_SCSI - ok

09:44:00.0426 4452 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys

09:44:00.0474 4452 luafv - ok

09:44:00.0616 4452 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\windows\system32\drivers\mbam.sys

09:44:00.0629 4452 MBAMProtector - ok

09:44:00.0724 4452 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

09:44:00.0781 4452 MBAMService - ok

09:44:00.0798 4452 McAfee SiteAdvisor Service - ok

09:44:00.0913 4452 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll

09:44:00.0957 4452 Mcx2Svc - ok

09:44:01.0017 4452 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys

09:44:01.0031 4452 megasas - ok

09:44:01.0062 4452 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys

09:44:01.0077 4452 MegaSR - ok

09:44:01.0129 4452 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys

09:44:01.0145 4452 MEIx64 - ok

09:44:01.0249 4452 Microsoft SharePoint Workspace Audit Service - ok

09:44:01.0348 4452 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

09:44:01.0405 4452 MMCSS - ok

09:44:01.0454 4452 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys

09:44:01.0501 4452 Modem - ok

09:44:01.0566 4452 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys

09:44:01.0596 4452 monitor - ok

09:44:01.0709 4452 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys

09:44:01.0725 4452 mouclass - ok

09:44:01.0782 4452 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys

09:44:01.0817 4452 mouhid - ok

09:44:01.0918 4452 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys

09:44:01.0935 4452 mountmgr - ok

09:44:01.0988 4452 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys

09:44:02.0009 4452 MpFilter - ok

09:44:02.0058 4452 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys

09:44:02.0076 4452 mpio - ok

09:44:02.0111 4452 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys

09:44:02.0121 4452 MpNWMon - ok

09:44:02.0208 4452 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys

09:44:02.0251 4452 mpsdrv - ok

09:44:02.0389 4452 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll

09:44:02.0467 4452 MpsSvc - ok

09:44:02.0531 4452 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys

09:44:02.0576 4452 MRxDAV - ok

09:44:02.0638 4452 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys

09:44:02.0730 4452 mrxsmb - ok

09:44:02.0808 4452 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys

09:44:02.0846 4452 mrxsmb10 - ok

09:44:02.0923 4452 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys

09:44:02.0943 4452 mrxsmb20 - ok

09:44:02.0998 4452 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys

09:44:03.0012 4452 msahci - ok

09:44:03.0057 4452 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys

09:44:03.0075 4452 msdsm - ok

09:44:03.0104 4452 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe

09:44:03.0145 4452 MSDTC - ok

09:44:03.0162 4452 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys

09:44:03.0193 4452 Msfs - ok

09:44:03.0224 4452 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys

09:44:03.0268 4452 mshidkmdf - ok

09:44:03.0312 4452 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys

09:44:03.0344 4452 msisadrv - ok

09:44:03.0406 4452 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll

09:44:03.0458 4452 MSiSCSI - ok

09:44:03.0468 4452 msiserver - ok

09:44:03.0527 4452 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys

09:44:03.0626 4452 MSKSSRV - ok

09:44:03.0766 4452 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

09:44:03.0782 4452 MsMpSvc - ok

09:44:03.0893 4452 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys

09:44:03.0947 4452 MSPCLOCK - ok

09:44:03.0987 4452 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys

09:44:04.0037 4452 MSPQM - ok

09:44:04.0092 4452 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys

09:44:04.0121 4452 MsRPC - ok

09:44:04.0221 4452 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys

09:44:04.0231 4452 mssmbios - ok

09:44:04.0317 4452 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys

09:44:04.0361 4452 MSTEE - ok

09:44:04.0385 4452 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys

09:44:04.0412 4452 MTConfig - ok

09:44:04.0447 4452 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys

09:44:04.0464 4452 Mup - ok

09:44:04.0522 4452 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll

09:44:04.0587 4452 napagent - ok

09:44:04.0724 4452 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys

09:44:04.0766 4452 NativeWifiP - ok

09:44:04.0880 4452 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys

09:44:04.0929 4452 NDIS - ok

09:44:04.0978 4452 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys

09:44:05.0025 4452 NdisCap - ok

09:44:05.0084 4452 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys

09:44:05.0118 4452 NdisTapi - ok

09:44:05.0192 4452 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys

09:44:05.0245 4452 Ndisuio - ok

09:44:05.0381 4452 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys

09:44:05.0428 4452 NdisWan - ok

09:44:05.0473 4452 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys

09:44:05.0508 4452 NDProxy - ok

09:44:05.0553 4452 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys

09:44:05.0599 4452 NetBIOS - ok

09:44:05.0652 4452 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys

09:44:05.0721 4452 NetBT - ok

09:44:05.0819 4452 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

09:44:05.0839 4452 Netlogon - ok

09:44:05.0882 4452 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll

09:44:05.0935 4452 Netman - ok

09:44:05.0966 4452 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll

09:44:06.0023 4452 netprofm - ok

09:44:06.0075 4452 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:44:06.0095 4452 NetTcpPortSharing - ok

09:44:06.0271 4452 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys

09:44:06.0515 4452 netw5v64 - ok

09:44:06.0582 4452 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys

09:44:06.0596 4452 nfrd960 - ok

09:44:06.0654 4452 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys

09:44:06.0674 4452 NisDrv - ok

09:44:06.0810 4452 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

09:44:06.0841 4452 NisSrv - ok

09:44:06.0952 4452 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll

09:44:07.0020 4452 NlaSvc - ok

09:44:07.0184 4452 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

09:44:07.0444 4452 nmservice - ok

09:44:07.0581 4452 NPF (c31fa031335eff434b2d94278e74bcce) C:\windows\system32\drivers\npf.sys

09:44:07.0603 4452 NPF - ok

09:44:07.0647 4452 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys

09:44:07.0682 4452 Npfs - ok

09:44:07.0690 4452 npggsvc - ok

09:44:07.0699 4452 NPPTNT2 - ok

09:44:07.0737 4452 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll

09:44:07.0786 4452 nsi - ok

09:44:07.0810 4452 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys

09:44:07.0844 4452 nsiproxy - ok

09:44:07.0930 4452 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys

09:44:07.0995 4452 Ntfs - ok

09:44:08.0017 4452 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys

09:44:08.0067 4452 Null - ok

09:44:08.0135 4452 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys

09:44:08.0160 4452 nvraid - ok

09:44:08.0185 4452 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys

09:44:08.0202 4452 nvstor - ok

09:44:08.0363 4452 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys

09:44:08.0382 4452 nv_agp - ok

09:44:08.0456 4452 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys

09:44:08.0517 4452 ohci1394 - ok

09:44:08.0623 4452 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:44:08.0681 4452 ose - ok

09:44:08.0913 4452 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:44:09.0165 4452 osppsvc - ok

09:44:09.0265 4452 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

09:44:09.0353 4452 p2pimsvc - ok

09:44:09.0403 4452 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll

09:44:09.0434 4452 p2psvc - ok

09:44:09.0502 4452 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys

09:44:09.0521 4452 Parport - ok

09:44:09.0583 4452 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys

09:44:09.0600 4452 partmgr - ok

09:44:09.0631 4452 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll

09:44:09.0673 4452 PcaSvc - ok

09:44:09.0724 4452 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys

09:44:09.0744 4452 pci - ok

09:44:09.0794 4452 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys

09:44:09.0808 4452 pciide - ok

09:44:09.0842 4452 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys

09:44:09.0861 4452 pcmcia - ok

09:44:09.0892 4452 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys

09:44:09.0907 4452 pcw - ok

09:44:09.0940 4452 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys

09:44:09.0994 4452 PEAUTH - ok

09:44:10.0058 4452 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe

09:44:10.0095 4452 PerfHost - ok

09:44:10.0196 4452 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll

09:44:10.0276 4452 pla - ok

09:44:10.0344 4452 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll

09:44:10.0430 4452 PlugPlay - ok

09:44:10.0531 4452 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\windows\system32\DRIVERS\pnarp.sys

09:44:10.0544 4452 pnarp - ok

09:44:10.0577 4452 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll

09:44:10.0608 4452 PNRPAutoReg - ok

09:44:10.0640 4452 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

09:44:10.0667 4452 PNRPsvc - ok

09:44:10.0728 4452 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll

09:44:10.0784 4452 PolicyAgent - ok

09:44:10.0815 4452 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll

09:44:10.0872 4452 Power - ok

09:44:11.0008 4452 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys

09:44:11.0046 4452 PptpMiniport - ok

09:44:11.0086 4452 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys

09:44:11.0112 4452 Processor - ok

09:44:11.0218 4452 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll

09:44:11.0279 4452 ProfSvc - ok

09:44:11.0333 4452 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

09:44:11.0353 4452 ProtectedStorage - ok

09:44:11.0438 4452 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys

09:44:11.0482 4452 Psched - ok

09:44:11.0618 4452 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\windows\system32\DRIVERS\purendis.sys

09:44:11.0632 4452 purendis - ok

09:44:11.0760 4452 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys

09:44:11.0817 4452 ql2300 - ok

09:44:11.0843 4452 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys

09:44:11.0859 4452 ql40xx - ok

09:44:11.0898 4452 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll

09:44:11.0929 4452 QWAVE - ok

09:44:11.0957 4452 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys

09:44:11.0995 4452 QWAVEdrv - ok

09:44:12.0020 4452 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys

09:44:12.0069 4452 RasAcd - ok

09:44:12.0174 4452 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys

09:44:12.0219 4452 RasAgileVpn - ok

09:44:12.0245 4452 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll

09:44:12.0295 4452 RasAuto - ok

09:44:12.0371 4452 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys

09:44:12.0422 4452 Rasl2tp - ok

09:44:12.0486 4452 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll

09:44:12.0527 4452 RasMan - ok

09:44:12.0567 4452 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys

09:44:12.0623 4452 RasPppoe - ok

09:44:12.0652 4452 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys

09:44:12.0695 4452 RasSstp - ok

09:44:12.0746 4452 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys

09:44:12.0795 4452 rdbss - ok

09:44:12.0820 4452 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys

09:44:12.0848 4452 rdpbus - ok

09:44:12.0907 4452 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys

09:44:12.0957 4452 RDPCDD - ok

09:44:12.0977 4452 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys

09:44:13.0027 4452 RDPENCDD - ok

09:44:13.0052 4452 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys

09:44:13.0085 4452 RDPREFMP - ok

09:44:13.0132 4452 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys

09:44:13.0196 4452 RDPWD - ok

09:44:13.0270 4452 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys

09:44:13.0290 4452 rdyboost - ok

09:44:13.0325 4452 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll

09:44:13.0378 4452 RemoteAccess - ok

09:44:13.0415 4452 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll

09:44:13.0470 4452 RemoteRegistry - ok

09:44:13.0547 4452 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys

09:44:13.0576 4452 RFCOMM - ok

09:44:13.0678 4452 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files (x86)\WinPcap\rpcapd.exe

09:44:13.0743 4452 rpcapd - ok

09:44:13.0822 4452 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll

09:44:13.0875 4452 RpcEptMapper - ok

09:44:13.0912 4452 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe

09:44:13.0953 4452 RpcLocator - ok

09:44:13.0998 4452 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

09:44:14.0045 4452 RpcSs - ok

09:44:14.0114 4452 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys

09:44:14.0175 4452 rspndr - ok

09:44:14.0279 4452 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\windows\system32\Drivers\RtsUVStor.sys

09:44:14.0295 4452 RSUSBVSTOR - ok

09:44:14.0348 4452 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

09:44:14.0368 4452 SamSs - ok

09:44:14.0428 4452 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys

09:44:14.0444 4452 sbp2port - ok

09:44:14.0481 4452 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll

09:44:14.0526 4452 SCardSvr - ok

09:44:14.0593 4452 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys

09:44:14.0637 4452 scfilter - ok

09:44:14.0707 4452 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll

09:44:14.0791 4452 Schedule - ok

09:44:14.0896 4452 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

09:44:14.0936 4452 SCPolicySvc - ok

09:44:14.0980 4452 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll

09:44:15.0053 4452 SDRSVC - ok

09:44:15.0095 4452 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys

09:44:15.0131 4452 secdrv - ok

09:44:15.0181 4452 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll

09:44:15.0237 4452 seclogon - ok

09:44:15.0266 4452 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll

09:44:15.0319 4452 SENS - ok

09:44:15.0365 4452 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll

09:44:15.0459 4452 SensrSvc - ok

09:44:15.0547 4452 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys

09:44:15.0578 4452 Serenum - ok

09:44:15.0625 4452 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys

09:44:15.0643 4452 Serial - ok

09:44:15.0704 4452 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys

09:44:15.0760 4452 sermouse - ok

09:44:15.0801 4452 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll

09:44:15.0861 4452 SessionEnv - ok

09:44:15.0916 4452 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys

09:44:15.0968 4452 sffdisk - ok

09:44:16.0093 4452 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys

09:44:16.0119 4452 sffp_mmc - ok

09:44:16.0151 4452 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys

09:44:16.0181 4452 sffp_sd - ok

09:44:16.0213 4452 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys

09:44:16.0246 4452 sfloppy - ok

09:44:16.0289 4452 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll

09:44:16.0357 4452 SharedAccess - ok

09:44:16.0419 4452 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll

09:44:16.0480 4452 ShellHWDetection - ok

09:44:16.0539 4452 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys

09:44:16.0553 4452 SiSRaid2 - ok

09:44:16.0574 4452 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys

09:44:16.0590 4452 SiSRaid4 - ok

09:44:16.0627 4452 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys

09:44:16.0663 4452 Smb - ok

09:44:16.0719 4452 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe

09:44:16.0774 4452 SNMPTRAP - ok

09:44:16.0858 4452 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys

09:44:16.0873 4452 spldr - ok

09:44:16.0931 4452 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe

09:44:17.0011 4452 Spooler - ok

09:44:17.0120 4452 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe

09:44:17.0277 4452 sppsvc - ok

09:44:17.0368 4452 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll

09:44:17.0418 4452 sppuinotify - ok

09:44:17.0518 4452 SPUVCbv (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys

09:44:17.0541 4452 SPUVCbv - ok

09:44:17.0613 4452 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys

09:44:17.0701 4452 srv - ok

09:44:17.0798 4452 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys

09:44:17.0823 4452 srv2 - ok

09:44:17.0844 4452 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys

09:44:17.0874 4452 srvnet - ok

09:44:17.0907 4452 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll

09:44:17.0967 4452 SSDPSRV - ok

09:44:17.0989 4452 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll

09:44:18.0029 4452 SstpSvc - ok

09:44:18.0100 4452 Steam Client Service - ok

09:44:18.0154 4452 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys

09:44:18.0174 4452 stexstor - ok

09:44:18.0234 4452 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll

09:44:18.0294 4452 stisvc - ok

09:44:18.0364 4452 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys

09:44:18.0394 4452 swenum - ok

09:44:18.0484 4452 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll

09:44:18.0554 4452 swprv - ok

09:44:18.0644 4452 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\windows\system32\DRIVERS\SynTP.sys

09:44:18.0704 4452 SynTP - ok

09:44:18.0774 4452 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll

09:44:18.0854 4452 SysMain - ok

09:44:18.0904 4452 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll

09:44:18.0924 4452 TabletInputService - ok

09:44:18.0984 4452 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll

09:44:19.0044 4452 TapiSrv - ok

09:44:19.0074 4452 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

09:44:19.0114 4452 TBS - ok

09:44:19.0237 4452 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys

09:44:19.0316 4452 Tcpip - ok

09:44:19.0403 4452 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys

09:44:19.0446 4452 TCPIP6 - ok

09:44:19.0522 4452 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys

09:44:19.0580 4452 tcpipreg - ok

09:44:19.0657 4452 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

09:44:19.0692 4452 TDPIPE - ok

09:44:19.0816 4452 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys

09:44:19.0839 4452 TDTCP - ok

09:44:19.0919 4452 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys

09:44:19.0971 4452 tdx - ok

09:44:20.0005 4452 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys

09:44:20.0021 4452 TermDD - ok

09:44:20.0075 4452 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll

09:44:20.0140 4452 TermService - ok

09:44:20.0165 4452 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

09:44:20.0208 4452 Themes - ok

09:44:20.0244 4452 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

09:44:20.0282 4452 THREADORDER - ok

09:44:20.0297 4452 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

09:44:20.0351 4452 TrkWks - ok

09:44:20.0425 4452 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe

09:44:20.0498 4452 TrustedInstaller - ok

09:44:20.0597 4452 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys

09:44:20.0653 4452 tssecsrv - ok

09:44:20.0716 4452 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys

09:44:20.0770 4452 TsUsbFlt - ok

09:44:20.0892 4452 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys

09:44:20.0971 4452 tunnel - ok

09:44:21.0010 4452 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys

09:44:21.0052 4452 uagp35 - ok

09:44:21.0110 4452 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys

09:44:21.0162 4452 udfs - ok

09:44:21.0246 4452 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

09:44:21.0270 4452 UI0Detect - ok

09:44:21.0367 4452 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys

09:44:21.0385 4452 uliagpkx - ok

09:44:21.0550 4452 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys

09:44:21.0583 4452 umbus - ok

09:44:21.0628 4452 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys

09:44:21.0656 4452 UmPass - ok

09:44:21.0787 4452 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

09:44:22.0008 4452 UNS - ok

09:44:22.0109 4452 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

09:44:22.0172 4452 upnphost - ok

09:44:22.0268 4452 usbbus (5fcc71487888589a9244af54cfefab29) C:\windows\system32\DRIVERS\lgx64bus.sys

09:44:22.0335 4452 usbbus - ok

09:44:22.0399 4452 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys

09:44:22.0431 4452 usbccgp - ok

09:44:22.0516 4452 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys

09:44:22.0537 4452 usbcir - ok

09:44:22.0601 4452 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\windows\system32\DRIVERS\lgx64diag.sys

09:44:22.0634 4452 UsbDiag - ok

09:44:22.0690 4452 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys

09:44:22.0728 4452 usbehci - ok

09:44:22.0817 4452 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys

09:44:22.0856 4452 usbhub - ok

09:44:22.0939 4452 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\windows\system32\DRIVERS\lgx64modem.sys

09:44:22.0954 4452 USBModem - ok

09:44:23.0006 4452 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys

09:44:23.0041 4452 usbohci - ok

09:44:23.0099 4452 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys

09:44:23.0129 4452 usbprint - ok

09:44:23.0159 4452 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys

09:44:23.0189 4452 usbscan - ok

09:44:23.0289 4452 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS

09:44:23.0359 4452 USBSTOR - ok

09:44:23.0429 4452 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys

09:44:23.0459 4452 usbuhci - ok

09:44:23.0569 4452 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys

09:44:23.0589 4452 usbvideo - ok

09:44:23.0619 4452 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

09:44:23.0709 4452 UxSms - ok

09:44:23.0809 4452 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

09:44:23.0829 4452 VaultSvc - ok

09:44:23.0929 4452 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys

09:44:23.0939 4452 vdrvroot - ok

09:44:24.0009 4452 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe

09:44:24.0061 4452 vds - ok

09:44:24.0091 4452 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

09:44:24.0112 4452 vga - ok

09:44:24.0131 4452 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

09:44:24.0173 4452 VgaSave - ok

09:44:24.0242 4452 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys

09:44:24.0262 4452 vhdmp - ok

09:44:24.0310 4452 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys

09:44:24.0324 4452 viaide - ok

09:44:24.0351 4452 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys

09:44:24.0368 4452 volmgr - ok

09:44:24.0435 4452 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys

09:44:24.0458 4452 volmgrx - ok

09:44:24.0515 4452 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys

09:44:24.0537 4452 volsnap - ok

09:44:24.0590 4452 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys

09:44:24.0608 4452 vsmraid - ok

09:44:24.0691 4452 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe

09:44:24.0781 4452 VSS - ok

09:44:24.0823 4452 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

09:44:24.0858 4452 vwifibus - ok

09:44:24.0925 4452 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

09:44:24.0946 4452 vwififlt - ok

09:44:25.0010 4452 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

09:44:25.0057 4452 W32Time - ok

09:44:25.0092 4452 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys

09:44:25.0128 4452 WacomPen - ok

09:44:25.0254 4452 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

09:44:25.0290 4452 WANARP - ok

09:44:25.0294 4452 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

09:44:25.0329 4452 Wanarpv6 - ok

09:44:25.0424 4452 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe

09:44:25.0683 4452 WatAdminSvc - ok

09:44:25.0802 4452 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe

09:44:25.0963 4452 wbengine - ok

09:44:26.0063 4452 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

09:44:26.0093 4452 WbioSrvc - ok

09:44:26.0181 4452 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll

09:44:26.0221 4452 wcncsvc - ok

09:44:26.0271 4452 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

09:44:26.0371 4452 WcsPlugInService - ok

09:44:26.0521 4452 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys

09:44:26.0531 4452 Wd - ok

09:44:26.0581 4452 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

09:44:26.0601 4452 Wdf01000 - ok

09:44:26.0651 4452 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

09:44:26.0751 4452 WdiServiceHost - ok

09:44:26.0751 4452 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

09:44:26.0781 4452 WdiSystemHost - ok

09:44:26.0851 4452 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll

09:44:26.0891 4452 WebClient - ok

09:44:26.0991 4452 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

09:44:27.0051 4452 Wecsvc - ok

09:44:27.0091 4452 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

09:44:27.0151 4452 wercplsupport - ok

09:44:27.0199 4452 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

09:44:27.0262 4452 WerSvc - ok

09:44:27.0309 4452 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

09:44:27.0343 4452 WfpLwf - ok

09:44:27.0377 4452 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

09:44:27.0392 4452 WIMMount - ok

09:44:27.0432 4452 WinDefend - ok

09:44:27.0530 4452 WinDriver6 (7922583c802203a54cdd47d9ecf028f2) C:\windows\system32\drivers\windrvr6.sys

09:44:27.0572 4452 WinDriver6 - ok

09:44:27.0574 4452 WinHttpAutoProxySvc - ok

09:44:27.0639 4452 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

09:44:27.0697 4452 Winmgmt - ok

09:44:27.0942 4452 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll

09:44:28.0058 4452 WinRM - ok

09:44:28.0177 4452 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys

09:44:28.0212 4452 WinUsb - ok

09:44:28.0257 4452 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll

09:44:28.0321 4452 Wlansvc - ok

09:44:28.0402 4452 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:44:28.0425 4452 wlcrasvc - ok

09:44:28.0523 4452 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:44:28.0671 4452 wlidsvc - ok

09:44:28.0791 4452 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys

09:44:28.0819 4452 WmiAcpi - ok

09:44:28.0881 4452 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe

09:44:28.0917 4452 wmiApSrv - ok

09:44:28.0973 4452 WMPNetworkSvc - ok

09:44:29.0051 4452 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll

09:44:29.0098 4452 WPCSvc - ok

09:44:29.0144 4452 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll

09:44:29.0193 4452 WPDBusEnum - ok

09:44:29.0241 4452 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys

09:44:29.0303 4452 ws2ifsl - ok

09:44:29.0342 4452 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll

09:44:29.0389 4452 wscsvc - ok

09:44:29.0398 4452 WSearch - ok

09:44:29.0467 4452 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys

09:44:29.0484 4452 wsvd - ok

09:44:29.0571 4452 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll

09:44:29.0670 4452 wuauserv - ok

09:44:29.0736 4452 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys

09:44:29.0791 4452 WudfPf - ok

09:44:29.0867 4452 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys

09:44:29.0923 4452 WUDFRd - ok

09:44:29.0986 4452 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll

09:44:30.0049 4452 wudfsvc - ok

09:44:30.0096 4452 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll

09:44:30.0154 4452 WwanSvc - ok

09:44:30.0265 4452 XilinxPC4Driver (0d7d5def542cf01ad9665f398a0d0c78) C:\windows\System32\drivers\xpc4drvr.sys

09:44:30.0284 4452 XilinxPC4Driver - ok

09:44:30.0374 4452 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\windows\system32\DRIVERS\xusb21.sys

09:44:30.0425 4452 xusb21 - ok

09:44:30.0458 4452 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

09:44:30.0625 4452 \Device\Harddisk0\DR0 - ok

09:44:30.0627 4452 Boot (0x1200) (34c891ed44f62270a22b5119730876b4) \Device\Harddisk0\DR0\Partition0

09:44:30.0629 4452 \Device\Harddisk0\DR0\Partition0 - ok

09:44:30.0665 4452 Boot (0x1200) (8bcc533718521799b23b6294394bfbd1) \Device\Harddisk0\DR0\Partition1

09:44:30.0668 4452 \Device\Harddisk0\DR0\Partition1 - ok

09:44:30.0698 4452 Boot (0x1200) (76c7d03d44b807bd4e87d6a6ab27f283) \Device\Harddisk0\DR0\Partition2

09:44:30.0700 4452 \Device\Harddisk0\DR0\Partition2 - ok

09:44:30.0701 4452 ============================================================

09:44:30.0701 4452 Scan finished

09:44:30.0701 4452 ============================================================

09:44:30.0709 3188 Detected object count: 0

09:44:30.0709 3188 Actual detected object count: 0

[ijack1286]

Malwarebytes Anti-Malware (PRO) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.06.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Isaac :: ISAAC-PC [administrator]

Protection: Enabled

4/6/2012 9:46:46 AM

mbam-log-2012-04-06 (09-46-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 194419

Time elapsed: 4 minute(s), 3 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[ijack1286]

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Isaac at 9:51:26 on 2012-04-06

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4040.2017 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\windows\system32\taskhost.exe

C:\windows\Explorer.EXE

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Users\Isaac\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\windows\system32\taskhost.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\SysWOW64\rundll32.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\servicing\TrustedInstaller.exe

C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://lenovo.msn.com

mStart Page = hxxp://lenovo.msn.com

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll

uRun: [Google Update] "C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"

mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"

mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

StartupFolder: C:\Users\Isaac\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Isaac\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Isaac\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115

TCP: Interfaces\{4DFDA558-14AD-4D2E-9F7D-598306404A19} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BCEA6C5C-A4EE-41C0-858B-79FB21955A32} : DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115

TCP: Interfaces\{BCEA6C5C-A4EE-41C0-858B-79FB21955A32}\44F6E6470235475616C602D4970294E6475627E65647 : DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115

TCP: Interfaces\{BCEA6C5C-A4EE-41C0-858B-79FB21955A32}\C6F6C6775747 : DhcpNameServer = 192.168.1.1 24.205.224.36 24.205.192.61

TCP: Interfaces\{BCEA6C5C-A4EE-41C0-858B-79FB21955A32}\D4F63686561647F6 : DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

mASetup: OrCAD_16.5 - C:\OrCAD\OrCAD_16.5_Lite\tools\ConfigUtility\CheckOrCAD165.vbs

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll

BHO-X64: Yontoo Layers - No File

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"

mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"

mRun-x64: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Isaac\AppData\Roaming\Mozilla\Firefox\Profiles\rni0klpa.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll

FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\Isaac\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll

.

---- FIREFOX POLICIES ----

.

FF - user.js: general.useragent.extra.brc -

.

============= SERVICES / DRIVERS ===============

.

R0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys --> C:\windows\system32\drivers\fbfmon.sys [?]

R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?]

R1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys --> C:\windows\system32\drivers\BPntDrv.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-22 13336]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-29 652360]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-23 2656280]

R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 SPUVCbv;SPUVCb Driver Service;C:\windows\system32\Drivers\usbvideo.sys --> C:\windows\system32\Drivers\usbvideo.sys [?]

S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-29 253600]

S3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys --> C:\windows\system32\DRIVERS\btwampfl.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]

S3 npggsvc;nProtect GameGuard Service;C:\windows\system32\GameMon.des -service --> C:\windows\system32\GameMon.des -service [?]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUVStor.sys --> C:\windows\system32\Drivers\RtsUVStor.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-04-06 02:12:46 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA7C6298-F346-4601-8007-15EB99B103AD}\mpengine.dll

2012-04-05 22:28:51 -------- d-----w- C:\OrCAD

2012-04-05 22:26:46 -------- d-----w- C:\SPB_Data

2012-04-05 18:48:31 -------- d-----w- C:\Users\Isaac\AppData\Local\Adobe

2012-04-02 19:05:00 -------- d-----w- C:\Users\Isaac\DoctorWeb

2012-04-02 08:04:37 -------- d-----w- C:\Program Files (x86)\PC Tools Security

2012-03-30 19:32:31 -------- d-----w- C:\Users\Isaac\AppData\Local\ElevatedDiagnostics

2012-03-29 07:58:28 418464 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-03-29 07:49:03 -------- d-----w- C:\Users\Isaac\AppData\Roaming\Malwarebytes

2012-03-29 07:48:53 -------- d-----w- C:\ProgramData\Malwarebytes

2012-03-29 07:48:52 23152 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-03-29 07:48:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-03-25 05:09:48 -------- d-----w- C:\Program Files (x86)\Pure Networks

2012-03-25 05:06:57 -------- d-----w- C:\Program Files (x86)\Common Files\Pure Networks Shared

2012-03-24 23:05:20 -------- d-----w- C:\Program Files\Linksys

2012-03-24 22:57:01 33328 ----a-w- C:\windows\System32\drivers\pnarp.sys

2012-03-24 22:56:56 35376 ----a-w- C:\windows\System32\drivers\purendis.sys

2012-03-24 22:56:01 -------- d-----w- C:\ProgramData\Pure Networks

2012-03-23 06:24:55 -------- d-----w- C:\Users\Isaac\AppData\Local\TERA

2012-03-19 04:18:27 -------- d-----w- C:\Program Files (x86)\Ventrilo

2012-03-19 04:17:20 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2012-03-15 10:03:54 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe

2012-03-15 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2012-03-15 10:03:53 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2012-03-14 15:43:13 3145728 ----a-w- C:\windows\System32\win32k.sys

2012-03-14 15:43:12 1544192 ----a-w- C:\windows\System32\DWrite.dll

2012-03-14 15:43:12 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll

2012-03-14 15:38:04 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll

2012-03-14 15:38:04 1031680 ----a-w- C:\windows\System32\rdpcore.dll

2012-03-14 15:38:03 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys

2012-03-14 15:38:03 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys

2012-03-14 15:37:52 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe

2012-03-14 15:37:52 77312 ----a-w- C:\windows\System32\rdpwsx.dll

2012-03-14 15:37:52 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll

2012-03-10 00:44:36 -------- d-----w- C:\Program Files\iPod

2012-03-10 00:44:35 -------- d-----w- C:\Program Files\iTunes

2012-03-10 00:44:35 -------- d-----w- C:\Program Files (x86)\iTunes

2012-03-10 00:29:06 -------- d-----w- C:\Program Files\Microsoft IntelliType Pro

2012-03-09 05:46:50 -------- d-----w- C:\Users\Isaac\AppData\Roaming\Boomzap

2012-03-09 05:44:59 -------- d-----w- C:\Program Files (x86)\Awakening - The Dreamless Castle

2012-03-09 05:42:53 -------- d-----w- C:\ProgramData\Big Fish Games

2012-03-09 05:42:51 -------- d-----w- C:\Program Files (x86)\bfgclient

2012-03-09 05:42:18 -------- d-----w- C:\BigFishGamesCache

.

==================== Find3M ====================

.

2012-04-02 08:16:08 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-03-29 07:58:28 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-01-31 12:44:20 279656 ------w- C:\windows\System32\MpSigStub.exe

.

============= FINISH: 9:53:11.80 ===============

[ijack1286]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/27/2011 12:57:46 AM

System Uptime: 4/5/2012 2:02:48 AM (31 hours ago)

.

Motherboard: LENOVO | | Base Board Product Name

Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU1 | 2301/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 422 GiB total, 85.198 GiB free.

D: is FIXED (NTFS) - 29 GiB total, 26.886 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Broadcom Bluetooth 2.1 USB

Device ID: USB\VID_0489&PID_E00D\EC55F9EA3C23

Manufacturer: Broadcom

Name: Broadcom Bluetooth 2.1 USB

PNP Device ID: USB\VID_0489&PID_E00D\EC55F9EA3C23

Service: BTHUSB

.

==== System Restore Points ===================

.

RP157: 3/30/2012 9:44:49 AM - Windows Update

RP158: 4/2/2012 1:14:25 AM - Installed Java 6 Update 31

RP159: 4/3/2012 9:44:56 AM - Windows Update

RP160: 4/5/2012 3:28:19 PM - Installed OrCAD 16.5 Lite

.

==== Installed Programs ======================

.

Adobe Reader X (10.1.2)

Apple Application Support

Apple Software Update

Atheros Client Installation Program

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Audiosurf

Awakening: The Dreamless Castle

Bandisoft MPEG-1 Decoder

Beat Hazard

Big Fish Games: Game Manager

Borderlands

Cheat Engine 6.1

Cisco Network Magic

Combined Community Codec Pack 2010-10-10

D3DX10

DC Universe Online

Defense Grid: The Awakening

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Digilent Software

DragonNest

Dropbox

Dungeon Defenders

e-Sword

Energy Management

Flyff

Foxit Phantom

GOM Player

GOMTV Streamer

Google Chrome

Guitar Pro 6

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

IrfanView (remove only)

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

League of Legends

Lenovo DirectShare

Lenovo EasyCamera

Lenovo Games Console

Lenovo OneKey Recovery

Lenovo YouCam

LG USB Modem driver

LTspice IV

Magic: The Gathering — Duels of the Planeswalkers 2012

Magicka

Malwarebytes Anti-Malware version 1.60.1.1000

Mesh Runtime

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 11.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

Network Magic

Nexon Game Manager

Novarm DipTrace

ooVoo

OrCAD 16.5 Lite

Pando Media Booster

Pangya (Ntreev SG Interactive)

PDFZilla V1.2.9

Peggle Deluxe

Peggle Nights

Plants vs. Zombies: Game of the Year

Portal

Power2Go

Pure Networks Platform

QuickTime

Realtek USB 2.0 Reader Driver

Recettear: An Item Shop's Tale

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Skype™ 5.5

StarCraft II

Steam

Super Meat Boy

Team Fortress 2

TERA

Terraria

TextPad 5

Torchlight

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

UserGuide

Veetle TV

Ventrilo Client

VeriFace

VLC media player 1.1.11

VVVVVV

Winamp

Winamp Detector Plug-in

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinPcap 4.1.1

WinRAR 4.00 (32-bit)

Worms Reloaded

.

==== Event Viewer Messages From Past Week ========

.

4/5/2012 9:49:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

4/5/2012 9:49:24 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/2/2012 7:07:01 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

4/2/2012 7:06:32 PM, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified.

4/2/2012 5:53:48 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 5:53:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

4/2/2012 5:53:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

4/2/2012 5:53:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

4/2/2012 5:53:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

4/2/2012 5:53:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/2/2012 5:53:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

4/2/2012 5:53:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BPntDrv DfsC discache MpFilter NetBIOS NetBT nsiproxy PCTSD Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 5:53:22 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

3/30/2012 3:23:15 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

3/30/2012 3:19:59 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

3/30/2012 3:08:58 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

3/30/2012 3:06:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

3/30/2012 12:00:12 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BPntDrv discache MpFilter spldr Wanarpv6

.

==== End Of File ===========================

[Maniac]

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

[ijack1286]

ComboFix 12-04-06.03 - Isaac 04/06/2012 14:06:44.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4040.2325 [GMT -7:00]

Running from: c:\users\Isaac\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\windows\s.bat

.

.

((((((((((((((((((((((((( Files Created from 2012-03-06 to 2012-04-06 )))))))))))))))))))))))))))))))

.

.

2012-04-06 21:14 . 2012-04-06 21:14 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-06 19:46 . 2012-04-06 19:46 -------- d-----w- C:\RatSim

2012-04-06 16:55 . 2012-04-06 16:55 -------- d-s---w- c:\windows\SysWow64\Microsoft

2012-04-06 02:12 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA7C6298-F346-4601-8007-15EB99B103AD}\mpengine.dll

2012-04-05 22:28 . 2012-04-05 22:28 -------- d-----w- C:\OrCAD

2012-04-05 22:26 . 2012-04-05 22:26 -------- d-----w- C:\SPB_Data

2012-04-05 18:48 . 2012-04-05 18:48 -------- d-----w- c:\users\Isaac\AppData\Local\Adobe

2012-04-03 23:10 . 2012-04-03 23:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-04-02 19:05 . 2012-04-02 19:05 -------- d-----w- c:\users\Isaac\DoctorWeb

2012-04-02 08:16 . 2012-04-02 08:16 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-04-02 08:04 . 2012-04-03 02:06 -------- d-----w- c:\program files (x86)\PC Tools Security

2012-03-30 19:32 . 2012-03-30 19:32 -------- d-----w- c:\users\Isaac\AppData\Local\ElevatedDiagnostics

2012-03-29 07:58 . 2012-03-29 07:58 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-03-29 07:49 . 2012-03-29 07:49 -------- d-----w- c:\users\Isaac\AppData\Roaming\Malwarebytes

2012-03-29 07:48 . 2012-03-29 07:48 -------- d-----w- c:\programdata\Malwarebytes

2012-03-29 07:48 . 2012-03-29 07:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-03-29 07:48 . 2011-12-10 22:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-24 23:05 . 2012-03-24 23:05 -------- d-----w- c:\program files\Linksys

2012-03-24 22:56 . 2012-04-06 16:56 -------- d-----w- c:\programdata\Pure Networks

2012-03-23 06:25 . 2012-03-23 06:25 -------- d-----w- c:\users\Public\Games

2012-03-23 06:24 . 2012-03-23 06:26 -------- d-----w- c:\users\Isaac\AppData\Local\TERA

2012-03-19 04:18 . 2012-03-19 04:19 -------- d-----w- c:\users\Isaac\AppData\Roaming\Ventrilo

2012-03-19 04:18 . 2012-03-19 04:18 -------- d-----w- c:\program files (x86)\Ventrilo

2012-03-19 04:17 . 2012-03-19 04:17 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard

2012-03-15 10:03 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-15 10:03 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-03-15 10:03 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-03-14 15:43 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-14 15:43 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-14 15:43 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-14 15:38 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-14 15:38 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-14 15:38 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-14 15:38 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-14 15:37 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-14 15:37 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-14 15:37 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-10 00:44 . 2012-03-10 00:44 -------- d-----w- c:\program files\iPod

2012-03-10 00:44 . 2012-03-10 00:45 -------- d-----w- c:\program files\iTunes

2012-03-10 00:44 . 2012-03-10 00:45 -------- d-----w- c:\program files (x86)\iTunes

2012-03-10 00:29 . 2012-03-10 00:29 -------- d-----w- c:\program files\Microsoft IntelliType Pro

2012-03-09 05:46 . 2012-03-09 05:46 -------- d-----w- c:\users\Isaac\AppData\Roaming\Boomzap

2012-03-09 05:44 . 2012-03-09 05:45 -------- d-----w- c:\program files (x86)\Awakening - The Dreamless Castle

2012-03-09 05:42 . 2012-03-09 05:42 -------- d-----w- c:\programdata\Big Fish Games

2012-03-09 05:42 . 2012-03-09 05:42 -------- d-----w- c:\program files (x86)\bfgclient

2012-03-09 05:42 . 2012-03-09 14:43 -------- d-----w- C:\BigFishGamesCache

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-02 08:16 . 2011-09-29 23:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-03-29 07:58 . 2011-12-25 03:04 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-03-14 03:27 . 2011-05-27 18:31 8669240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-02-11 01:45 . 2012-02-11 01:45 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F52BB44D-065B-49FA-A18D-4009FC328F5A}\gapaengine.dll

2012-01-31 12:44 . 2011-05-27 17:36 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]

"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]

"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]

"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-07 421736]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

c:\users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Isaac\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]

OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 253600]

R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 dump_wmimmc;dump_wmimmc;c:\program files\Gpotato\Flyff\GameGuard\dump_wmimmc.sys [x]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [x]

S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [x]

S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 00476473

*Deregistered* - 00476473

*Deregistered* - pnarp

*Deregistered* - purendis

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 07:58]

.

2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1978627538-4216834353-2571826296-1000Core.job

- c:\users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-27 08:04]

.

2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1978627538-4216834353-2571826296-1000UA.job

- c:\users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-27 08:04]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Isaac\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]

@="{771C7324-DA80-49D3-8017-753B0AF60951}"

[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]

2011-03-23 07:23 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-11 1873256]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://lenovo.msn.com

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://lenovo.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 129.65.16.254 129.65.21.254

FF - ProfilePath - c:\users\Isaac\AppData\Roaming\Mozilla\Firefox\Profiles\rni0klpa.default\

FF - prefs.js: network.proxy.type - 0

FF - user.js: general.useragent.extra.brc -

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

HKLM_Wow6432Node-ActiveSetup-OrCAD_16.5 - c:\orcad\OrCAD_16.5_Lite\tools\ConfigUtility\CheckOrCAD165.vbs

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1978627538-4216834353-2571826296-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CF025F21-4089-4FD3-C2CB-8F14F2CC0F31}*]

"hagboebbcabmbjjb"=hex:61,61,00,00

"iackmoefjidiigjdhl"=hex:6b,61,67,6e,6c,62,6f,6d,6c,6b,67,6f,70,6b,62,64,6a,67,

6c,64,68,6e,00,05

"haijcmhlmflnieap"=hex:6b,61,67,6e,6c,62,6f,6d,6c,6b,67,6f,70,6b,62,64,6a,67,

6c,64,68,6e,00,05

"hagboebbmapfaodo"=hex:61,61,00,00

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-04-06 14:16:59

ComboFix-quarantined-files.txt 2012-04-06 21:16

.

Pre-Run: 91,117,817,856 bytes free

Post-Run: 91,137,916,928 bytes free

.

- - End Of File - - 9111BC0049C47D511B1EF45A72BB5DA3

[Maniac]

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

• Flush DNS
  
• Report IE Proxy Settings
  
• Reset IE Proxy Settings
  
• Report FF Proxy Settings
  
• Reset FF Proxy Settings
  
• List content of Hosts
  
• List IP configuration
  
• List Winsock Entries
  
• List last 10 Event Viewer log
  
• List Installed Programs
  
• List Devices
  
• List Users, Partitions and Memory size.
  
• List Minidump Files
  

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

[ijack1286]

MiniToolBox by Farbar Version: 18-01-2012

Ran by Isaac (administrator) on 07-04-2012 at 13:54:31

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", ""

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)

Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global

set subinterface interface=?3 subinterface=ethernet_6 mtu=1477

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Isaac-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter

Physical Address. . . . . . . . . : 68-A3-C4-57-CF-EB

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::f0bc:cf23:7f34:ceeb%14(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Friday, April 06, 2012 5:19:35 PM

Lease Expires . . . . . . . . . . : Sunday, April 08, 2012 1:08:08 PM

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DHCPv6 IAID . . . . . . . . . . . : 375956420

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1B-54-24-B8-70-F4-07-A1-DE

DNS Servers . . . . . . . . . . . : 24.205.224.36

24.205.192.61

68.116.46.115

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : Isaac

Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)

Physical Address. . . . . . . . . : B8-70-F4-07-A1-DE

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BCEA6C5C-A4EE-41C0-858B-79FB21955A32}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Isaac:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28a2:3678:b47f:ecea(Preferred)

Link-local IPv6 Address . . . . . : fe80::28a2:3678:b47f:ecea%15(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: vip01snloca.snlo.ca.charter.com

Address: 24.205.224.36

Name: google.com

Addresses: 74.125.224.134

74.125.224.130

74.125.224.128

74.125.224.142

74.125.224.133

74.125.224.129

74.125.224.137

74.125.224.132

74.125.224.131

74.125.224.135

74.125.224.136

Pinging google.com [74.125.224.32] with 32 bytes of data:

Reply from 74.125.224.32: bytes=32 time=13ms TTL=55

Reply from 74.125.224.32: bytes=32 time=23ms TTL=55

Ping statistics for 74.125.224.32:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 13ms, Maximum = 23ms, Average = 18ms

Server: vip01snloca.snlo.ca.charter.com

Address: 24.205.224.36

Name: yahoo.com

Addresses: 98.139.183.24

209.191.122.70

72.30.38.140

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=60ms TTL=51

Reply from 209.191.122.70: bytes=32 time=65ms TTL=51

Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 60ms, Maximum = 65ms, Average = 62ms

Server: vip01snloca.snlo.ca.charter.com

Address: 24.205.224.36

Name: bleepingcomputer.com

Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 3ms, Average = 2ms

===========================================================================

Interface List

14...68 a3 c4 57 cf eb ......Atheros AR9285 Wireless Network Adapter

12...b8 70 f4 07 a1 de ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)

1...........................Software Loopback Interface 1

17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.1.0 255.255.255.0 On-link 192.168.1.100 281

192.168.1.100 255.255.255.255 On-link 192.168.1.100 281

192.168.1.255 255.255.255.255 On-link 192.168.1.100 281

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.1.100 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.1.100 281

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

15 58 ::/0 On-link

1 306 ::1/128 On-link

15 58 2001::/32 On-link

15 306 2001:0:4137:9e76:28a2:3678:b47f:ecea/128

On-link

14 281 fe80::/64 On-link

15 306 fe80::/64 On-link

15 306 fe80::28a2:3678:b47f:ecea/128

On-link

14 281 fe80::f0bc:cf23:7f34:ceeb/128

On-link

1 306 ff00::/8 On-link

15 306 ff00::/8 On-link

14 281 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)

Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)

x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (04/06/2012 10:18:48 PM) (Source: Application Hang) (User: )

Description: The program chrome.exe version 18.0.1025.151 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 127c

Start Time: 01cd14542a505cbe

Termination Time: 5

Application Path: C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe

Report Id: 1d7bbb7f-8071-11e1-b40f-b870f407a1de

Error: (04/06/2012 01:57:59 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1108

Error: (04/06/2012 01:57:59 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1108

Error: (04/06/2012 01:57:59 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2012 00:58:16 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3432

Error: (04/06/2012 00:58:16 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3432

Error: (04/06/2012 00:58:16 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2012 00:58:15 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2434

Error: (04/06/2012 00:58:15 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2434

Error: (04/06/2012 00:58:15 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

System errors:

=============

Error: (04/06/2012 03:15:27 PM) (Source: Microsoft Antimalware) (User: )

Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (04/06/2012 03:14:47 PM) (Source: Service Control Manager) (User: )

Description: The McAfee SiteAdvisor Service service failed to start due to the following error:

%%2

Error: (04/06/2012 02:14:58 PM) (Source: Service Control Manager) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/06/2012 02:14:25 PM) (Source: Application Popup) (User: )

Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/06/2012 02:11:44 PM) (Source: Service Control Manager) (User: )

Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/05/2012 09:49:24 PM) (Source: Service Control Manager) (User: )

Description: The Steam Client Service service failed to start due to the following error:

%%1053

Error: (04/05/2012 09:49:24 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (04/02/2012 07:07:01 PM) (Source: Microsoft Antimalware) (User: )

Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (04/02/2012 07:06:32 PM) (Source: Service Control Manager) (User: )

Description: The McAfee SiteAdvisor Service service failed to start due to the following error:

%%2

Error: (04/02/2012 06:22:38 PM) (Source: Service Control Manager) (User: )

Description: The McAfee SiteAdvisor Service service failed to start due to the following error:

%%2

Microsoft Office Sessions:

=========================

Error: (04/06/2012 10:18:48 PM) (Source: Application Hang)(User: )

Description: chrome.exe18.0.1025.151127c01cd14542a505cbe5C:\Users\Isaac\AppData\Local\Google\Chrome\Application\chrome.exe1d7bbb7f-8071-11e1-b40f-b870f407a1de

Error: (04/06/2012 01:57:59 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1108

Error: (04/06/2012 01:57:59 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1108

Error: (04/06/2012 01:57:59 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2012 00:58:16 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3432

Error: (04/06/2012 00:58:16 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3432

Error: (04/06/2012 00:58:16 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2012 00:58:15 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2434

Error: (04/06/2012 00:58:15 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2434

Error: (04/06/2012 00:58:15 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)

Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)

Adobe Reader X (10.1.2) (Version: 10.1.2)

Apple Application Support (Version: 2.1.7)

Apple Mobile Device Support (Version: 5.1.1.4)

Apple Software Update (Version: 2.1.3.127)

Atheros Client Installation Program (Version: 7.0)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)

Audiosurf

Awakening: The Dreamless Castle

Bandisoft MPEG-1 Decoder

Beat Hazard

Big Fish Games: Game Manager (Version: 3.0.1.60)

Bonjour (Version: 3.0.0.10)

Borderlands

Combined Community Codec Pack 2010-10-10 (Version: 2010.10.10.0)

Conexant HD Audio (Version: 8.54.1.0)

D3DX10 (Version: 15.4.2368.0902)

DC Universe Online

Defense Grid: The Awakening

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Digilent Software (Version: 1.0.189)

DragonNest

Dropbox (Version: 1.2.52)

Dungeon Defenders

e-Sword (Version: 10.00.0007)

Energy Management (Version: 6.0.1.5)

Flyff (Version: Flyff)

Foxit Phantom (Version: 2.2.0225)

GOM Player (Version: 2.1.28.5039)

GOMTV Streamer (Version: 1.0.0.26)

Google Chrome (Version: 18.0.1025.151)

Guitar Pro 6

Intel® Control Center (Version: 1.2.1.1007)

Intel® Management Engine Components (Version: 7.0.0.1144)

Intel® Processor Graphics (Version: 8.15.10.2279)

Intel® Rapid Storage Technology (Version: 10.1.2.1004)

IrfanView (remove only) (Version: 4.32)

iTunes (Version: 10.6.0.40)

Java Auto Updater (Version: 2.0.7.1)

Java 6 Update 31 (Version: 6.0.310)

Junk Mail filter update (Version: 15.4.3502.0922)

League of Legends (Version: 1.3)

Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)

Lenovo DirectShare (Version: 1.0.1.38)

Lenovo EasyCamera (Version: 1.10.1209.1)

Lenovo EE Boot Optimizer (Version: 0.0.1.5)

Lenovo Games Console (Version: 0.38.389.2)

Lenovo OneKey Recovery (Version: 7.0.1628)

Lenovo YouCam (Version: 3.1.3728)

LG USB Modem driver

LTspice IV

Magic: The Gathering — Duels of the Planeswalkers 2012

Magicka

Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)

Mesh Runtime (Version: 15.4.5722.2)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Antimalware (Version: 3.0.8402.2)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)

Microsoft Office 2010 (Version: 14.0.4763.1000)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Security Client (Version: 2.1.1116.0)

Microsoft Security Essentials (Version: 2.1.1116.0)

Microsoft Silverlight (Version: 4.1.10111.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

MobileMe Control Panel (Version: 3.1.6.0)

Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

Nexon Game Manager

Novarm DipTrace (Version: 2.2)

ooVoo (Version: 2.2.4.25)

OrCAD 16.5 Lite (Version: 16.50.001)

Pando Media Booster (Version: 2.6.0.1)

Pangya (Ntreev SG Interactive)

PDFZilla V1.2.9

Peggle Deluxe

Peggle Nights

Plants vs. Zombies: Game of the Year

Portal

Power2Go (Version: 5.6.0.7108)

QuickTime (Version: 7.71.80.42)

Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10001)

Recettear: An Item Shop's Tale

Skype™ 5.5 (Version: 5.5.124)

StarCraft II (Version: 1.4.2.20141)

Steam (Version: 1.0.0.0)

Super Meat Boy

Synaptics Pointing Device Driver (Version: 15.2.6.0)

Team Fortress 2

TERA (Version: 1.30)

Terraria

TextPad 5 (Version: 5.4.2)

Torchlight

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

UserGuide (Version: 1.0.0.6)

Veetle TV (Version: 0.9.19)

Ventrilo Client (Version: 3.0.8)

VeriFace (Version: 4.0.0.1224)

VLC media player 1.1.11 (Version: 1.1.11)

VVVVVV

Winamp (Version: 5.621 )

Winamp Detector Plug-in (Version: 1.0.0.1)

Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3502.0922)

Windows Live Mail (Version: 15.4.3502.0922)

Windows Live Mesh (Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

Windows Live Messenger (Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (Version: 15.4.3502.0922)

Windows Live Photo Common (Version: 15.4.3502.0922)

Windows Live Photo Gallery (Version: 15.4.3502.0922)

Windows Live PIMT Platform (Version: 15.4.3502.0922)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)

Windows Live Writer (Version: 15.4.3502.0922)

Windows Live Writer Resources (Version: 15.4.3502.0922)

WinPcap 4.1.1 (Version: 4.1.0.1753)

WinRAR 4.00 (32-bit) (Version: 4.00.0)

Worms Reloaded

Xilinx ISE Design Suite 13.4 (C:\Xilinx\13.4\ISE_DS)

========================= Devices: ================================

Name: Broadcom Bluetooth 2.1 USB

Description: Broadcom Bluetooth 2.1 USB

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Broadcom

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

========================= Memory info: ===================================

Percentage of memory in use: 49%

Total physical RAM: 4039.86 MB

Available physical RAM: 2023.88 MB

Total Pagefile: 8077.91 MB

Available Pagefile: 5757.53 MB

Total Virtual: 4095.88 MB

Available Virtual: 3959.89 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:421.81 GB) (Free:84.33 GB) NTFS

2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.89 GB) NTFS

========================= Users: ========================================

User accounts for \\ISAAC-PC

Administrator Guest Isaac

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

[Maniac]

How are things now?

[ijack1286]

I believe that may have done it. Malwarebyte is not constantly detecting something anymore and no longer have the redirects! Thank you so much .

[Maniac]

Glad I could help!

Please uninstall ComboFix:

www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Please manually delete DDS, MiniToolBox and TDSSKiller.

Some malware preventions:

http://forums.malwarebytes.org/index.php?showtopic=104379&pid=515983&st=0entry515983

Safe surfing!

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!