Esskay Posted June 1, 2012 ID:556637 Share Posted June 1, 2012 This virus deleted a vital part of microsoft security essentials before I even knew I had it. i noticed MSE was deactivated and trying to start it yielded the dialogue box"Couldn't start Security Essentials serviceThe specified service does not exist as an installed service"I downloaded Malwarebytes and accepted the full version trial. Malwarebytes was able to locate the virus but couldn't totally remove it. It's under windows\installer\[random-letters here]\UI ended some processes at this point causing a reset of my computerUpon restarting my computer I get two error messages"Run DLLThere was a problem starting c\users\[my user]\appdata\local\temp\ orosc.dll [and] oseals.dll "Having looked at other PING.exe topics i tried running TDSSkiller but it does not find the virus.Includeded are my DDS logs.DDS.txtAttach.txtThanks in advance Link to post Share on other sites More sharing options...
Maniac Posted June 1, 2012 ID:556678 Share Posted June 1, 2012 Hello Esskay and ! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Step 1Please uninstall µTorrent, because of our policy:http://forums.malwarebytes.org/index.php?showtopic=97700Step 2Please manually delete your TDSSKiller copy and then download the latest version of TDSSKiller from here and save it to your Desktop.Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.Click the Start Scan button.If a suspicious object is detected, the default action will be Skip, click on Continue.If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.Step 3Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.In your next reply, post the following log files:TDSSKiller logMalwarebytes' Anti-Malware loga new fresh DDS log file Link to post Share on other sites More sharing options...
Esskay Posted June 3, 2012 Author ID:557213 Share Posted June 3, 2012 TDSSKiller still doesn't detect anything other than a printer driver and game auto-updater (false positives, I'm sure). Mbam says it's updated and still can't remove the threat on it's own.Here are my new logs:TDSSKiller.2.7.36.0_03.06.2012_22.28.26_log.txtmbam-log-2012-06-03 (22-30-45).txtDDS_New.txt Link to post Share on other sites More sharing options...
Maniac Posted June 4, 2012 ID:557312 Share Posted June 4, 2012 Please follow my instructions strictly:Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.In your next reply, post the following log files: Link to post Share on other sites More sharing options...
Esskay Posted June 4, 2012 Author ID:557332 Share Posted June 4, 2012 TDSSKiller:22:28:26.0424 3796 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:1622:28:26.0595 3796 ============================================================22:28:26.0595 3796 Current date / time: 2012/06/03 22:28:26.059522:28:26.0595 3796 SystemInfo:22:28:26.0595 379622:28:26.0595 3796 OS Version: 6.1.7601 ServicePack: 1.022:28:26.0595 3796 Product type: Workstation22:28:26.0595 3796 ComputerName: KIM-JONG-IL22:28:26.0595 3796 UserName: Kelvin22:28:26.0595 3796 Windows directory: C:\Windows22:28:26.0595 3796 System windows directory: C:\Windows22:28:26.0595 3796 Running under WOW6422:28:26.0595 3796 Processor architecture: Intel x6422:28:26.0595 3796 Number of processors: 422:28:26.0595 3796 Page size: 0x100022:28:26.0595 3796 Boot type: Normal boot22:28:26.0595 3796 ============================================================22:28:27.0422 3796 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004022:28:27.0438 3796 ============================================================22:28:27.0438 3796 \Device\Harddisk0\DR0:22:28:27.0438 3796 MBR partitions:22:28:27.0438 3796 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3200022:28:27.0438 3796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A35300022:28:27.0438 3796 ============================================================22:28:27.0469 3796 C: <-> \Device\Harddisk0\DR0\Partition122:28:27.0469 3796 ============================================================22:28:27.0469 3796 Initialize success22:28:27.0469 3796 ============================================================22:28:37.0063 2824 ============================================================22:28:37.0063 2824 Scan started22:28:37.0063 2824 Mode: Manual; SigCheck; TDLFS;22:28:37.0063 2824 ============================================================22:28:37.0983 2824 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys22:28:38.0061 2824 1394ohci - ok22:28:38.0093 2824 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys22:28:38.0108 2824 ACPI - ok22:28:38.0124 2824 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys22:28:38.0124 2824 AcpiPmi - ok22:28:38.0249 2824 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe22:28:38.0264 2824 AdobeARMservice - ok22:28:38.0311 2824 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys22:28:38.0342 2824 adp94xx - ok22:28:38.0358 2824 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys22:28:38.0373 2824 adpahci - ok22:28:38.0389 2824 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys22:28:38.0405 2824 adpu320 - ok22:28:38.0436 2824 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll22:28:38.0467 2824 AeLookupSvc - ok22:28:38.0514 2824 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys22:28:38.0529 2824 AFD - ok22:28:38.0545 2824 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys22:28:38.0545 2824 agp440 - ok22:28:38.0576 2824 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe22:28:38.0576 2824 ALG - ok22:28:38.0592 2824 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys22:28:38.0607 2824 aliide - ok22:28:38.0670 2824 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe22:28:38.0685 2824 AMD External Events Utility - ok22:28:38.0732 2824 AMD FUEL Service - ok22:28:38.0748 2824 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys22:28:38.0763 2824 amdide - ok22:28:38.0779 2824 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys22:28:38.0810 2824 amdiox64 - ok22:28:38.0826 2824 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys22:28:38.0841 2824 AmdK8 - ok22:28:39.0450 2824 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys22:28:39.0559 2824 amdkmdag - ok22:28:39.0699 2824 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys22:28:39.0731 2824 amdkmdap - ok22:28:39.0762 2824 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys22:28:39.0777 2824 AmdPPM - ok22:28:39.0793 2824 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys22:28:39.0809 2824 amdsata - ok22:28:39.0840 2824 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys22:28:39.0855 2824 amdsbs - ok22:28:39.0887 2824 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys22:28:39.0887 2824 amdxata - ok22:28:39.0933 2824 AODDriver4.01 (5b25d1a753cc3a3edb909bb759ac1098) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys22:28:39.0949 2824 AODDriver4.01 - ok22:28:39.0996 2824 AODDriver4.1 (5b25d1a753cc3a3edb909bb759ac1098) c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys22:28:40.0011 2824 AODDriver4.1 - ok22:28:40.0043 2824 AODService (419dfc4fcf642a3d8d9794c15fca92fd) C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe22:28:40.0058 2824 AODService - ok22:28:40.0089 2824 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys22:28:40.0136 2824 AppID - ok22:28:40.0152 2824 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll22:28:40.0183 2824 AppIDSvc - ok22:28:40.0199 2824 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll22:28:40.0214 2824 Appinfo - ok22:28:40.0245 2824 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys22:28:40.0261 2824 arc - ok22:28:40.0261 2824 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys22:28:40.0277 2824 arcsas - ok22:28:40.0370 2824 AsIO (68726474c69b738eac3a62e06b33addc) C:\Windows\syswow64\drivers\AsIO.sys22:28:40.0386 2824 AsIO - ok22:28:40.0417 2824 asmthub3 (0aa7a996792fb0287b33a57a8093ae44) C:\Windows\system32\DRIVERS\asmthub3.sys22:28:40.0448 2824 asmthub3 - ok22:28:40.0479 2824 asmtxhci (125dc3abf5bfccfe82ad17d078e0b9ec) C:\Windows\system32\DRIVERS\asmtxhci.sys22:28:40.0526 2824 asmtxhci - ok22:28:40.0542 2824 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys22:28:40.0573 2824 AsyncMac - ok22:28:40.0573 2824 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys22:28:40.0589 2824 atapi - ok22:28:40.0635 2824 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys22:28:40.0651 2824 AtiHDAudioService - ok22:28:40.0729 2824 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll22:28:40.0776 2824 AudioEndpointBuilder - ok22:28:40.0776 2824 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll22:28:40.0807 2824 AudioSrv - ok22:28:40.0838 2824 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll22:28:40.0854 2824 AxInstSV - ok22:28:40.0885 2824 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys22:28:40.0901 2824 b06bdrv - ok22:28:40.0932 2824 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys22:28:40.0932 2824 b57nd60a - ok22:28:40.0947 2824 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll22:28:40.0947 2824 BDESVC - ok22:28:40.0979 2824 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys22:28:40.0994 2824 Beep - ok22:28:41.0072 2824 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll22:28:41.0119 2824 BITS - ok22:28:41.0135 2824 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys22:28:41.0135 2824 blbdrive - ok22:28:41.0150 2824 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys22:28:41.0166 2824 bowser - ok22:28:41.0166 2824 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys22:28:41.0181 2824 BrFiltLo - ok22:28:41.0197 2824 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys22:28:41.0213 2824 BrFiltUp - ok22:28:41.0228 2824 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll22:28:41.0244 2824 Browser - ok22:28:41.0275 2824 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys22:28:41.0291 2824 Brserid - ok22:28:41.0306 2824 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys22:28:41.0306 2824 BrSerWdm - ok22:28:41.0322 2824 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys22:28:41.0337 2824 BrUsbMdm - ok22:28:41.0337 2824 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys22:28:41.0353 2824 BrUsbSer - ok22:28:41.0369 2824 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys22:28:41.0369 2824 BTHMODEM - ok22:28:41.0384 2824 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll22:28:41.0415 2824 bthserv - ok22:28:41.0431 2824 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys22:28:41.0462 2824 cdfs - ok22:28:41.0478 2824 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys22:28:41.0493 2824 cdrom - ok22:28:41.0493 2824 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll22:28:41.0525 2824 CertPropSvc - ok22:28:41.0634 2824 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys22:28:41.0649 2824 circlass - ok22:28:41.0696 2824 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys22:28:41.0712 2824 CLFS - ok22:28:41.0759 2824 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe22:28:41.0774 2824 clr_optimization_v2.0.50727_32 - ok22:28:41.0805 2824 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe22:28:41.0805 2824 clr_optimization_v2.0.50727_64 - ok22:28:41.0883 2824 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe22:28:41.0899 2824 clr_optimization_v4.0.30319_32 - ok22:28:41.0899 2824 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe22:28:41.0915 2824 clr_optimization_v4.0.30319_64 - ok22:28:41.0915 2824 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys22:28:41.0930 2824 CmBatt - ok22:28:41.0946 2824 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys22:28:41.0946 2824 cmdide - ok22:28:42.0008 2824 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys22:28:42.0039 2824 CNG - ok22:28:42.0055 2824 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys22:28:42.0055 2824 Compbatt - ok22:28:42.0071 2824 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys22:28:42.0086 2824 CompositeBus - ok22:28:42.0102 2824 COMSysApp - ok22:28:42.0102 2824 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys22:28:42.0102 2824 crcdisk - ok22:28:42.0149 2824 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll22:28:42.0180 2824 CryptSvc - ok22:28:42.0227 2824 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll22:28:42.0273 2824 DcomLaunch - ok22:28:42.0305 2824 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll22:28:42.0336 2824 defragsvc - ok22:28:42.0351 2824 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys22:28:42.0367 2824 DfsC - ok22:28:42.0414 2824 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll22:28:42.0445 2824 Dhcp - ok22:28:42.0461 2824 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys22:28:42.0476 2824 discache - ok22:28:42.0492 2824 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys22:28:42.0507 2824 Disk - ok22:28:42.0523 2824 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll22:28:42.0539 2824 Dnscache - ok22:28:42.0554 2824 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll22:28:42.0585 2824 dot3svc - ok22:28:42.0601 2824 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll22:28:42.0632 2824 DPS - ok22:28:42.0663 2824 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys22:28:42.0663 2824 drmkaud - ok22:28:42.0726 2824 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys22:28:42.0757 2824 dtsoftbus01 - ok22:28:42.0804 2824 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys22:28:42.0819 2824 DXGKrnl - ok22:28:42.0835 2824 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll22:28:42.0866 2824 EapHost - ok22:28:43.0038 2824 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys22:28:43.0085 2824 ebdrv - ok22:28:43.0194 2824 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe22:28:43.0225 2824 EFS - ok22:28:43.0287 2824 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe22:28:43.0319 2824 ehRecvr - ok22:28:43.0350 2824 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe22:28:43.0350 2824 ehSched - ok22:28:43.0412 2824 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys22:28:43.0443 2824 elxstor - ok22:28:43.0584 2824 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe22:28:43.0584 2824 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning22:28:43.0584 2824 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)22:28:43.0599 2824 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys22:28:43.0615 2824 ErrDev - ok22:28:43.0662 2824 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll22:28:43.0709 2824 EventSystem - ok22:28:43.0724 2824 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys22:28:43.0755 2824 exfat - ok22:28:43.0771 2824 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys22:28:43.0787 2824 fastfat - ok22:28:43.0833 2824 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe22:28:43.0849 2824 Fax - ok22:28:43.0865 2824 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys22:28:43.0865 2824 fdc - ok22:28:43.0880 2824 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll22:28:43.0911 2824 fdPHost - ok22:28:43.0927 2824 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll22:28:43.0943 2824 FDResPub - ok22:28:43.0958 2824 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys22:28:43.0958 2824 FileInfo - ok22:28:43.0974 2824 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys22:28:44.0005 2824 Filetrace - ok22:28:44.0005 2824 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys22:28:44.0021 2824 flpydisk - ok22:28:44.0052 2824 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys22:28:44.0052 2824 FltMgr - ok22:28:44.0130 2824 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll22:28:44.0145 2824 FontCache - ok22:28:44.0223 2824 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe22:28:44.0239 2824 FontCache3.0.0.0 - ok22:28:44.0255 2824 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys22:28:44.0270 2824 FsDepends - ok22:28:44.0317 2824 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys22:28:44.0333 2824 Fs_Rec - ok22:28:44.0364 2824 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys22:28:44.0379 2824 fvevol - ok22:28:44.0379 2824 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys22:28:44.0395 2824 gagp30kx - ok22:28:44.0442 2824 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll22:28:44.0473 2824 gpsvc - ok22:28:44.0520 2824 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys22:28:44.0520 2824 hamachi - ok22:28:44.0723 2824 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe22:28:44.0769 2824 Hamachi2Svc - ok22:28:44.0863 2824 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys22:28:44.0879 2824 hcw85cir - ok22:28:44.0910 2824 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys22:28:44.0925 2824 HdAudAddService - ok22:28:44.0941 2824 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys22:28:44.0957 2824 HDAudBus - ok22:28:44.0957 2824 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys22:28:44.0972 2824 HidBatt - ok22:28:44.0988 2824 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys22:28:45.0003 2824 HidBth - ok22:28:45.0035 2824 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys22:28:45.0050 2824 HidIr - ok22:28:45.0066 2824 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll22:28:45.0081 2824 hidserv - ok22:28:45.0128 2824 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys22:28:45.0144 2824 HidUsb - ok22:28:45.0237 2824 HiPatchService (7ea28605e37617f9f7ea918e3b811319) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe22:28:45.0237 2824 HiPatchService ( UnsignedFile.Multi.Generic ) - warning22:28:45.0237 2824 HiPatchService - detected UnsignedFile.Multi.Generic (1)22:28:45.0269 2824 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll22:28:45.0315 2824 hkmsvc - ok22:28:45.0331 2824 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll22:28:45.0347 2824 HomeGroupListener - ok22:28:45.0362 2824 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll22:28:45.0362 2824 HomeGroupProvider - ok22:28:45.0393 2824 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys22:28:45.0393 2824 HpSAMD - ok22:28:45.0456 2824 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys22:28:45.0487 2824 HTTP - ok22:28:45.0487 2824 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys22:28:45.0503 2824 hwpolicy - ok22:28:45.0534 2824 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys22:28:45.0534 2824 i8042prt - ok22:28:45.0581 2824 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys22:28:45.0612 2824 iaStorV - ok22:28:45.0721 2824 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe22:28:45.0752 2824 idsvc - ok22:28:45.0752 2824 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys22:28:45.0768 2824 iirsp - ok22:28:45.0830 2824 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll22:28:45.0861 2824 IKEEXT - ok22:28:46.0017 2824 IntcAzAudAddService (eb5fa493a4b6ea290200ae39eba2fbc6) C:\Windows\system32\drivers\RTKVHD64.sys22:28:46.0064 2824 IntcAzAudAddService - ok22:28:46.0173 2824 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys22:28:46.0189 2824 intelide - ok22:28:46.0220 2824 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys22:28:46.0220 2824 intelppm - ok22:28:46.0236 2824 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll22:28:46.0267 2824 IPBusEnum - ok22:28:46.0283 2824 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys22:28:46.0314 2824 IpFilterDriver - ok22:28:46.0314 2824 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys22:28:46.0314 2824 IPMIDRV - ok22:28:46.0345 2824 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys22:28:46.0376 2824 IPNAT - ok22:28:46.0392 2824 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys22:28:46.0407 2824 IRENUM - ok22:28:46.0407 2824 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys22:28:46.0407 2824 isapnp - ok22:28:46.0439 2824 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys22:28:46.0454 2824 iScsiPrt - ok22:28:46.0485 2824 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys22:28:46.0501 2824 kbdclass - ok22:28:46.0501 2824 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys22:28:46.0517 2824 kbdhid - ok22:28:46.0563 2824 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe22:28:46.0579 2824 KeyIso - ok22:28:46.0610 2824 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys22:28:46.0626 2824 KSecDD - ok22:28:46.0657 2824 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys22:28:46.0657 2824 KSecPkg - ok22:28:46.0673 2824 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys22:28:46.0704 2824 ksthunk - ok22:28:46.0751 2824 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll22:28:46.0797 2824 KtmRm - ok22:28:46.0829 2824 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll22:28:46.0844 2824 LanmanServer - ok22:28:46.0875 2824 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll22:28:46.0907 2824 LanmanWorkstation - ok22:28:46.0922 2824 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys22:28:46.0953 2824 lltdio - ok22:28:46.0985 2824 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll22:28:47.0016 2824 lltdsvc - ok22:28:47.0031 2824 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll22:28:47.0063 2824 lmhosts - ok22:28:47.0094 2824 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys22:28:47.0109 2824 LSI_FC - ok22:28:47.0109 2824 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys22:28:47.0125 2824 LSI_SAS - ok22:28:47.0141 2824 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys22:28:47.0141 2824 LSI_SAS2 - ok22:28:47.0156 2824 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys22:28:47.0156 2824 LSI_SCSI - ok22:28:47.0172 2824 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys22:28:47.0203 2824 luafv - ok22:28:47.0234 2824 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys22:28:47.0250 2824 MBAMProtector - ok22:28:47.0343 2824 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe22:28:47.0375 2824 MBAMService - ok22:28:47.0406 2824 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll22:28:47.0406 2824 Mcx2Svc - ok22:28:47.0421 2824 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys22:28:47.0437 2824 megasas - ok22:28:47.0437 2824 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys22:28:47.0453 2824 MegaSR - ok22:28:47.0468 2824 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll22:28:47.0499 2824 MMCSS - ok22:28:47.0515 2824 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys22:28:47.0546 2824 Modem - ok22:28:47.0562 2824 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys22:28:47.0577 2824 monitor - ok22:28:47.0577 2824 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys22:28:47.0577 2824 mouclass - ok22:28:47.0593 2824 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys22:28:47.0609 2824 mouhid - ok22:28:47.0624 2824 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys22:28:47.0624 2824 mountmgr - ok22:28:47.0655 2824 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys22:28:47.0671 2824 MpFilter - ok22:28:47.0687 2824 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys22:28:47.0702 2824 mpio - ok22:28:47.0718 2824 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys22:28:47.0749 2824 mpsdrv - ok22:28:47.0765 2824 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys22:28:47.0780 2824 MRxDAV - ok22:28:47.0811 2824 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys22:28:47.0811 2824 mrxsmb - ok22:28:47.0843 2824 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys22:28:47.0843 2824 mrxsmb10 - ok22:28:47.0858 2824 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys22:28:47.0874 2824 mrxsmb20 - ok22:28:47.0889 2824 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys22:28:47.0905 2824 msahci - ok22:28:47.0921 2824 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys22:28:47.0936 2824 msdsm - ok22:28:47.0967 2824 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe22:28:47.0967 2824 MSDTC - ok22:28:47.0999 2824 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys22:28:48.0030 2824 Msfs - ok22:28:48.0045 2824 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys22:28:48.0092 2824 mshidkmdf - ok22:28:48.0123 2824 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys22:28:48.0139 2824 msisadrv - ok22:28:48.0170 2824 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll22:28:48.0186 2824 MSiSCSI - ok22:28:48.0201 2824 msiserver - ok22:28:48.0217 2824 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys22:28:48.0248 2824 MSKSSRV - ok22:28:48.0248 2824 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys22:28:48.0279 2824 MSPCLOCK - ok22:28:48.0279 2824 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys22:28:48.0311 2824 MSPQM - ok22:28:48.0342 2824 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys22:28:48.0342 2824 MsRPC - ok22:28:48.0357 2824 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys22:28:48.0373 2824 mssmbios - ok22:28:48.0389 2824 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys22:28:48.0404 2824 MSTEE - ok22:28:48.0420 2824 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys22:28:48.0435 2824 MTConfig - ok22:28:48.0467 2824 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys22:28:48.0467 2824 MTsensor - ok22:28:48.0482 2824 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys22:28:48.0482 2824 Mup - ok22:28:48.0529 2824 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll22:28:48.0545 2824 napagent - ok22:28:48.0576 2824 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys22:28:48.0591 2824 NativeWifiP - ok22:28:48.0669 2824 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys22:28:48.0701 2824 NDIS - ok22:28:48.0716 2824 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys22:28:48.0747 2824 NdisCap - ok22:28:48.0763 2824 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys22:28:48.0794 2824 NdisTapi - ok22:28:48.0810 2824 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys22:28:48.0825 2824 Ndisuio - ok22:28:48.0857 2824 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys22:28:48.0872 2824 NdisWan - ok22:28:48.0888 2824 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys22:28:48.0919 2824 NDProxy - ok22:28:48.0919 2824 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys22:28:48.0950 2824 NetBIOS - ok22:28:48.0966 2824 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys22:28:48.0997 2824 NetBT - ok22:28:49.0028 2824 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe22:28:49.0044 2824 Netlogon - ok22:28:49.0075 2824 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll22:28:49.0137 2824 Netman - ok22:28:49.0169 2824 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll22:28:49.0200 2824 netprofm - ok22:28:49.0278 2824 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe22:28:49.0293 2824 NetTcpPortSharing - ok22:28:49.0340 2824 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys22:28:49.0340 2824 nfrd960 - ok22:28:49.0387 2824 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys22:28:49.0403 2824 NisDrv - ok22:28:49.0481 2824 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe22:28:49.0512 2824 NisSrv - ok22:28:49.0527 2824 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll22:28:49.0574 2824 NlaSvc - ok22:28:49.0574 2824 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys22:28:49.0605 2824 Npfs - ok22:28:49.0605 2824 npggsvc - ok22:28:49.0621 2824 NPPTNT2 - ok22:28:49.0621 2824 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll22:28:49.0652 2824 nsi - ok22:28:49.0652 2824 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys22:28:49.0683 2824 nsiproxy - ok22:28:49.0793 2824 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys22:28:49.0824 2824 Ntfs - ok22:28:49.0886 2824 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys22:28:49.0917 2824 Null - ok22:28:49.0949 2824 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys22:28:49.0964 2824 nvraid - ok22:28:49.0980 2824 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys22:28:49.0995 2824 nvstor - ok22:28:50.0027 2824 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys22:28:50.0027 2824 nv_agp - ok22:28:50.0042 2824 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys22:28:50.0042 2824 ohci1394 - ok22:28:50.0073 2824 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll22:28:50.0089 2824 p2pimsvc - ok22:28:50.0105 2824 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll22:28:50.0120 2824 p2psvc - ok22:28:50.0151 2824 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys22:28:50.0151 2824 Parport - ok22:28:50.0198 2824 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys22:28:50.0214 2824 partmgr - ok22:28:50.0229 2824 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll22:28:50.0245 2824 PcaSvc - ok22:28:50.0276 2824 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys22:28:50.0276 2824 pci - ok22:28:50.0292 2824 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys22:28:50.0292 2824 pciide - ok22:28:50.0323 2824 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys22:28:50.0323 2824 pcmcia - ok22:28:50.0339 2824 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys22:28:50.0354 2824 pcw - ok22:28:50.0385 2824 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys22:28:50.0417 2824 PEAUTH - ok22:28:50.0479 2824 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe22:28:50.0510 2824 PerfHost - ok22:28:50.0573 2824 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll22:28:50.0619 2824 pla - ok22:28:50.0666 2824 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll22:28:50.0682 2824 PlugPlay - ok22:28:50.0697 2824 PnkBstrA - ok22:28:50.0713 2824 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll22:28:50.0713 2824 PNRPAutoReg - ok22:28:50.0744 2824 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll22:28:50.0760 2824 PNRPsvc - ok22:28:50.0791 2824 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll22:28:50.0822 2824 PolicyAgent - ok22:28:50.0853 2824 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll22:28:50.0885 2824 Power - ok22:28:50.0931 2824 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys22:28:50.0947 2824 PptpMiniport - ok22:28:50.0978 2824 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys22:28:50.0978 2824 Processor - ok22:28:50.0994 2824 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll22:28:51.0025 2824 ProfSvc - ok22:28:51.0072 2824 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe22:28:51.0087 2824 ProtectedStorage - ok22:28:51.0134 2824 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys22:28:51.0165 2824 Psched - ok22:28:51.0493 2824 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys22:28:51.0540 2824 ql2300 - ok22:28:51.0633 2824 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys22:28:51.0665 2824 ql40xx - ok22:28:51.0696 2824 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll22:28:51.0711 2824 QWAVE - ok22:28:51.0727 2824 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys22:28:51.0743 2824 QWAVEdrv - ok22:28:51.0758 2824 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys22:28:51.0789 2824 RasAcd - ok22:28:51.0821 2824 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys22:28:51.0852 2824 RasAgileVpn - ok22:28:51.0867 2824 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll22:28:51.0899 2824 RasAuto - ok22:28:51.0914 2824 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys22:28:51.0945 2824 Rasl2tp - ok22:28:51.0961 2824 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll22:28:51.0992 2824 RasMan - ok22:28:52.0008 2824 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys22:28:52.0039 2824 RasPppoe - ok22:28:52.0055 2824 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys22:28:52.0086 2824 RasSstp - ok22:28:52.0101 2824 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys22:28:52.0133 2824 rdbss - ok22:28:52.0148 2824 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys22:28:52.0148 2824 rdpbus - ok22:28:52.0179 2824 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys22:28:52.0211 2824 RDPCDD - ok22:28:52.0211 2824 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys22:28:52.0242 2824 RDPENCDD - ok22:28:52.0257 2824 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys22:28:52.0289 2824 RDPREFMP - ok22:28:52.0367 2824 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys22:28:52.0382 2824 RDPWD - ok22:28:52.0398 2824 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys22:28:52.0413 2824 rdyboost - ok22:28:52.0445 2824 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll22:28:52.0476 2824 RemoteAccess - ok22:28:52.0491 2824 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll22:28:52.0523 2824 RemoteRegistry - ok22:28:52.0523 2824 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll22:28:52.0554 2824 RpcEptMapper - ok22:28:52.0569 2824 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe22:28:52.0585 2824 RpcLocator - ok22:28:52.0616 2824 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll22:28:52.0647 2824 RpcSs - ok22:28:52.0663 2824 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys22:28:52.0679 2824 rspndr - ok22:28:52.0741 2824 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys22:28:52.0772 2824 RTL8167 - ok22:28:52.0803 2824 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe22:28:52.0835 2824 SamSs - ok22:28:52.0850 2824 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys22:28:52.0866 2824 sbp2port - ok22:28:52.0975 2824 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe22:28:52.0991 2824 SBSDWSCService - ok22:28:53.0006 2824 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll22:28:53.0053 2824 SCardSvr - ok22:28:53.0084 2824 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys22:28:53.0115 2824 scfilter - ok22:28:53.0178 2824 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll22:28:53.0209 2824 Schedule - ok22:28:53.0240 2824 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll22:28:53.0256 2824 SCPolicySvc - ok22:28:53.0271 2824 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll22:28:53.0287 2824 SDRSVC - ok22:28:53.0303 2824 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys22:28:53.0334 2824 secdrv - ok22:28:53.0349 2824 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll22:28:53.0381 2824 seclogon - ok22:28:53.0396 2824 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll22:28:53.0412 2824 SENS - ok22:28:53.0427 2824 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll22:28:53.0443 2824 SensrSvc - ok22:28:53.0459 2824 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys22:28:53.0459 2824 Serenum - ok22:28:53.0474 2824 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys22:28:53.0490 2824 Serial - ok22:28:53.0505 2824 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys22:28:53.0521 2824 sermouse - ok22:28:53.0521 2824 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll22:28:53.0552 2824 SessionEnv - ok22:28:53.0568 2824 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys22:28:53.0583 2824 sffdisk - ok22:28:53.0583 2824 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys22:28:53.0599 2824 sffp_mmc - ok22:28:53.0615 2824 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys22:28:53.0630 2824 sffp_sd - ok22:28:53.0646 2824 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys22:28:53.0646 2824 sfloppy - ok22:28:53.0708 2824 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll22:28:53.0755 2824 ShellHWDetection - ok22:28:53.0771 2824 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys22:28:53.0771 2824 SiSRaid2 - ok22:28:53.0786 2824 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys22:28:53.0802 2824 SiSRaid4 - ok22:28:53.0880 2824 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe22:28:53.0895 2824 SkypeUpdate - ok22:28:53.0911 2824 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys22:28:53.0942 2824 Smb - ok22:28:53.0973 2824 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe22:28:53.0973 2824 SNMPTRAP - ok22:28:53.0989 2824 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys22:28:53.0989 2824 spldr - ok22:28:54.0036 2824 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe22:28:54.0067 2824 Spooler - ok22:28:54.0223 2824 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe22:28:54.0285 2824 sppsvc - ok22:28:54.0363 2824 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll22:28:54.0410 2824 sppuinotify - ok22:28:54.0473 2824 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys22:28:54.0488 2824 srv - ok22:28:54.0519 2824 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys22:28:54.0551 2824 srv2 - ok22:28:54.0566 2824 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys22:28:54.0566 2824 srvnet - ok22:28:54.0613 2824 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll22:28:54.0629 2824 SSDPSRV - ok22:28:54.0644 2824 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll22:28:54.0675 2824 SstpSvc - ok22:28:54.0722 2824 Steam Client Service - ok22:28:54.0753 2824 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys22:28:54.0769 2824 stexstor - ok22:28:54.0831 2824 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll22:28:54.0863 2824 stisvc - ok22:28:54.0863 2824 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys22:28:54.0878 2824 swenum - ok22:28:54.0909 2824 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll22:28:54.0941 2824 swprv - ok22:28:55.0019 2824 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll22:28:55.0034 2824 SysMain - ok22:28:55.0143 2824 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll22:28:55.0175 2824 TabletInputService - ok22:28:55.0221 2824 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys22:28:55.0237 2824 tap0901t - ok22:28:55.0253 2824 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll22:28:55.0299 2824 TapiSrv - ok22:28:55.0315 2824 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll22:28:55.0331 2824 TBS - ok22:28:55.0487 2824 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys22:28:55.0518 2824 Tcpip - ok22:28:55.0674 2824 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys22:28:55.0721 2824 TCPIP6 - ok22:28:55.0767 2824 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys22:28:55.0799 2824 tcpipreg - ok22:28:55.0814 2824 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys22:28:55.0814 2824 TDPIPE - ok22:28:55.0845 2824 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys22:28:55.0845 2824 TDTCP - ok22:28:55.0861 2824 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys22:28:55.0892 2824 tdx - ok22:28:55.0908 2824 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys22:28:55.0923 2824 TermDD - ok22:28:55.0955 2824 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll22:28:55.0986 2824 TermService - ok22:28:56.0017 2824 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll22:28:56.0017 2824 Themes - ok22:28:56.0033 2824 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll22:28:56.0064 2824 THREADORDER - ok22:28:56.0079 2824 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll22:28:56.0111 2824 TrkWks - ok22:28:56.0142 2824 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe22:28:56.0173 2824 TrustedInstaller - ok22:28:56.0204 2824 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys22:28:56.0235 2824 tssecsrv - ok22:28:56.0235 2824 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys22:28:56.0251 2824 TsUsbFlt - ok22:28:56.0251 2824 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys22:28:56.0267 2824 TsUsbGD - ok22:28:56.0282 2824 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys22:28:56.0313 2824 tunnel - ok22:28:56.0407 2824 TunngleService (7a34128510eeb13cf8583531c8fb081c) C:\Program Files (x86)\Tunngle\TnglCtrl.exe22:28:56.0438 2824 TunngleService - ok22:28:56.0454 2824 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys22:28:56.0469 2824 uagp35 - ok22:28:56.0501 2824 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys22:28:56.0532 2824 udfs - ok22:28:56.0547 2824 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe22:28:56.0563 2824 UI0Detect - ok22:28:56.0579 2824 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys22:28:56.0579 2824 uliagpkx - ok22:28:56.0594 2824 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys22:28:56.0610 2824 umbus - ok22:28:56.0625 2824 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys22:28:56.0641 2824 UmPass - ok22:28:56.0672 2824 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll22:28:56.0688 2824 upnphost - ok22:28:56.0735 2824 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys22:28:56.0735 2824 usbaudio - ok22:28:56.0766 2824 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys22:28:56.0781 2824 usbccgp - ok22:28:56.0797 2824 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys22:28:56.0813 2824 usbcir - ok22:28:56.0828 2824 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys22:28:56.0844 2824 usbehci - ok22:28:56.0875 2824 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys22:28:56.0891 2824 usbhub - ok22:28:56.0891 2824 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys22:28:56.0906 2824 usbohci - ok22:28:56.0906 2824 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys22:28:56.0922 2824 usbprint - ok22:28:56.0937 2824 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS22:28:56.0937 2824 USBSTOR - ok22:28:56.0953 2824 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys22:28:56.0953 2824 usbuhci - ok22:28:56.0969 2824 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll22:28:57.0000 2824 UxSms - ok22:28:57.0047 2824 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe22:28:57.0062 2824 VaultSvc - ok22:28:57.0078 2824 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys22:28:57.0093 2824 vdrvroot - ok22:28:57.0140 2824 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe22:28:57.0171 2824 vds - ok22:28:57.0187 2824 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys22:28:57.0187 2824 vga - ok22:28:57.0203 2824 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys22:28:57.0234 2824 VgaSave - ok22:28:57.0249 2824 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys22:28:57.0265 2824 vhdmp - ok22:28:57.0265 2824 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys22:28:57.0281 2824 viaide - ok22:28:57.0296 2824 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys22:28:57.0312 2824 volmgr - ok22:28:57.0327 2824 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys22:28:57.0343 2824 volmgrx - ok22:28:57.0359 2824 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys22:28:57.0374 2824 volsnap - ok22:28:57.0530 2824 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys22:28:57.0561 2824 vsmraid - ok22:28:57.0655 2824 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe22:28:57.0702 2824 VSS - ok22:28:57.0795 2824 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys22:28:57.0811 2824 vwifibus - ok22:28:57.0967 2824 VX1000 (7959ea6eadc1aaf7fb40678f0bab4c0e) C:\Windows\system32\DRIVERS\VX1000.sys22:28:58.0014 2824 VX1000 - ok22:28:58.0107 2824 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll22:28:58.0139 2824 W32Time - ok22:28:58.0154 2824 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys22:28:58.0154 2824 WacomPen - ok22:28:58.0185 2824 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys22:28:58.0217 2824 WANARP - ok22:28:58.0217 2824 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys22:28:58.0232 2824 Wanarpv6 - ok22:28:58.0326 2824 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe22:28:58.0341 2824 WatAdminSvc - ok22:28:58.0451 2824 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe22:28:58.0482 2824 wbengine - ok22:28:58.0529 2824 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll22:28:58.0544 2824 WbioSrvc - ok22:28:58.0560 2824 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll22:28:58.0575 2824 wcncsvc - ok22:28:58.0591 2824 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll22:28:58.0607 2824 WcsPlugInService - ok22:28:58.0607 2824 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys22:28:58.0622 2824 Wd - ok22:28:58.0653 2824 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys22:28:58.0669 2824 Wdf01000 - ok22:28:58.0685 2824 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll22:28:58.0700 2824 WdiServiceHost - ok22:28:58.0700 2824 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll22:28:58.0716 2824 WdiSystemHost - ok22:28:58.0731 2824 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll22:28:58.0747 2824 WebClient - ok22:28:58.0763 2824 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll22:28:58.0794 2824 Wecsvc - ok22:28:58.0809 2824 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll22:28:58.0841 2824 wercplsupport - ok22:28:58.0856 2824 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll22:28:58.0887 2824 WerSvc - ok22:28:58.0919 2824 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys22:28:58.0934 2824 WfpLwf - ok22:28:58.0950 2824 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys22:28:58.0965 2824 WIMMount - ok22:28:58.0965 2824 WinHttpAutoProxySvc - ok22:28:58.0997 2824 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll22:28:59.0028 2824 Winmgmt - ok22:28:59.0121 2824 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll22:28:59.0168 2824 WinRM - ok22:28:59.0293 2824 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll22:28:59.0324 2824 Wlansvc - ok22:28:59.0511 2824 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE22:28:59.0543 2824 wlidsvc - ok22:28:59.0605 2824 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys22:28:59.0621 2824 WmiAcpi - ok22:28:59.0652 2824 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe22:28:59.0667 2824 wmiApSrv - ok22:28:59.0667 2824 WMPNetworkSvc - ok22:28:59.0683 2824 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll22:28:59.0699 2824 WPCSvc - ok22:28:59.0714 2824 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll22:28:59.0714 2824 WPDBusEnum - ok22:28:59.0730 2824 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys22:28:59.0761 2824 ws2ifsl - ok22:28:59.0761 2824 WSearch - ok22:28:59.0901 2824 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll22:28:59.0948 2824 wuauserv - ok22:29:00.0057 2824 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys22:29:00.0104 2824 WudfPf - ok22:29:00.0120 2824 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll22:29:00.0151 2824 wudfsvc - ok22:29:00.0182 2824 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll22:29:00.0198 2824 WwanSvc - ok22:29:00.0213 2824 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR022:29:00.0525 2824 \Device\Harddisk0\DR0 - ok22:29:00.0525 2824 Boot (0x1200) (dd4ef2824251f4020f7656726dfc6c04) \Device\Harddisk0\DR0\Partition022:29:00.0525 2824 \Device\Harddisk0\DR0\Partition0 - ok22:29:00.0557 2824 Boot (0x1200) (acf234909bf990fb40592f0f64c07e67) \Device\Harddisk0\DR0\Partition122:29:00.0557 2824 \Device\Harddisk0\DR0\Partition1 - ok22:29:00.0557 2824 ============================================================22:29:00.0557 2824 Scan finished22:29:00.0557 2824 ============================================================22:29:00.0572 2220 Detected object count: 222:29:00.0572 2220 Actual detected object count: 222:29:14.0316 2220 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user22:29:14.0316 2220 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip22:29:14.0316 2220 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user22:29:14.0316 2220 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip22:29:19.0043 3564 Deinitialize successMBAM:Malwarebytes Anti-Malware (Trial) 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.06.03.06Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514Kelvin :: KIM-JONG-IL [administrator]Protection: Enabled03/06/2012 22:30:45mbam-log-2012-06-03 (22-30-45).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 221045Time elapsed: 1 minute(s), 31 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 1C:\Windows\Installer\{b11744b3-706b-35b6-e7dc-ff6ae50d6f6f}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.(end) Link to post Share on other sites More sharing options...
Esskay Posted June 4, 2012 Author ID:557333 Share Posted June 4, 2012 DDS:.DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 8.0.7601.17514Run by Kelvin at 22:36:06 on 2012-06-03Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8174.6939 [GMT 1:00].AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\atieclxx.exeC:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exec:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exeC:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Program Files (x86)\Skype\Updater\Updater.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\vVX1000.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exec:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit=userinit.exe,BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllBHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dlluRun: [Google Update] "C:\Users\Kelvin\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [Epson Stylus Photo PX720WD(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "C:\Windows\TEMP\E_SE724.tmp" /EF "HKCU"uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorunuRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgrounduRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startmRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" amlmRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayStartupFolder: C:\Users\Kelvin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMPULS~1.LNK - C:\ERROR\ImpulseNow.exeStartupFolder: C:\Users\Kelvin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exemPolicies-explorer: NoActiveDesktop = 1 (0x1)mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableLUA = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)mPolicies-system: PromptOnSecureDesktop = 0 (0x0)IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllLSP: mswsock.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabTCP: Interfaces\{14222484-5BC8-4226-9E2B-07D58D78D64F} : DhcpNameServer = 192.168.1.254TCP: Interfaces\{45CCCE97-DF47-45D4-BA1F-871C2CD1168E} : DhcpNameServer = 7.254.254.254Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllBHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dllBHO-X64: AMD SteadyVideo BHO - No FileBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllmRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startmRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" amlmRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayHosts: 127.0.0.1 www.spywareinfo.com.============= SERVICES / DRIVERS ===============.P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-4-13 8704]R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-28 2343816]R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]S2 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2011-10-14 136616]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-31 654408]S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-19 1153368]S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-12-29 736104]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?].=============== Created Last 30 ================.2012-06-03 21:18:12 -------- d-----w- C:\Users\Kelvin\AppData\Local\{355EB578-BA71-4C19-9E31-5178507E372E}2012-06-01 09:31:22 -------- d-----w- C:\Users\Kelvin\AppData\Local\{397C6C5C-BD0D-44D3-B71A-BFF832B5D95D}2012-05-31 21:41:15 -------- d-----w- C:\Users\Kelvin\AppData\Local\{A21F41C3-F74F-4546-946B-C189915BE8DB}2012-05-31 20:57:17 -------- d-----w- C:\Users\Kelvin\AppData\Roaming\Malwarebytes2012-05-31 20:57:09 -------- d-----w- C:\ProgramData\Malwarebytes2012-05-31 20:57:08 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-05-31 20:57:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-05-31 09:40:47 -------- d-----w- C:\Users\Kelvin\AppData\Local\{5C3264ED-45B5-4E40-B7DE-84F7B40AC449}2012-05-31 09:40:36 -------- d-----w- C:\Users\Kelvin\AppData\Local\{CAA1442C-E5C6-4F3C-8C79-1F2FF496D5D0}2012-05-31 01:22:56 -------- d-sh--w- C:\Windows\System32\%APPDATA%2012-05-31 01:12:59 -------- d-----w- C:\Users\Kelvin\AppData\Local\{C108D650-AABD-11E1-8270-B8AC6F996F26}2012-05-30 11:37:46 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E62959B-44DB-4F32-8153-801D9FFE761A}\mpengine.dll2012-05-30 11:26:23 -------- d-----w- C:\Users\Kelvin\AppData\Local\{BA3F6A81-028C-46DD-84FD-C3D66D37FD6A}2012-05-30 11:26:13 -------- d-----w- C:\Users\Kelvin\AppData\Local\{D2EF11CF-3D2E-4DE4-B3F4-664551E5F18B}2012-05-29 09:15:18 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-05-29 09:05:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{6C379F3F-9A2A-40D9-B3CC-2AE6BA4BFAC5}2012-05-29 09:05:03 -------- d-----w- C:\Users\Kelvin\AppData\Local\{81A021E1-7C09-45D5-8D7B-D99EC6B959A3}2012-05-28 11:14:51 -------- d-----w- C:\Users\Kelvin\AppData\Local\{0ECAC8F5-01C5-4C3A-BB86-A23FCF072CB5}2012-05-28 11:14:30 -------- d-----w- C:\Users\Kelvin\AppData\Local\{2E1C66C7-427D-409E-9305-4D3F255FE522}2012-05-27 23:14:05 -------- d-----w- C:\Users\Kelvin\AppData\Local\{260250CD-4B3C-4942-91C7-5676B5B787D0}2012-05-27 23:13:43 -------- d-----w- C:\Users\Kelvin\AppData\Local\{4E590710-F8AD-4694-8C4E-6C1E85183D55}2012-05-27 11:12:56 -------- d-----w- C:\Users\Kelvin\AppData\Local\{8B7E28D3-3FD9-4AD6-B089-1F573A758E39}2012-05-27 11:12:39 -------- d-----w- C:\Users\Kelvin\AppData\Local\{F26CC650-7ECC-4A92-80D2-83379678463F}2012-05-26 22:52:04 -------- d-----w- C:\Users\Kelvin\AppData\Local\{FFE8993D-9027-4334-B01B-6A893BCCEF35}2012-05-26 22:51:42 -------- d-----w- C:\Users\Kelvin\AppData\Local\{6A678D74-F62C-4CA4-9222-1BCEA6E3168B}2012-05-26 10:51:16 -------- d-----w- C:\Users\Kelvin\AppData\Local\{B3572A03-A69A-4F5D-9C46-93990BA19F3A}2012-05-26 10:50:51 -------- d-----w- C:\Users\Kelvin\AppData\Local\{9AB3946F-2616-4001-AC01-EB44EB0745AB}2012-05-25 10:51:40 -------- d-----w- C:\Users\Kelvin\AppData\Local\{E475792C-774C-462E-AB5D-8D7F1553CFA7}2012-05-25 10:51:25 -------- d-----w- C:\Users\Kelvin\AppData\Local\{AFA7D40E-CA43-412F-B5ED-61604AA3D804}2012-05-24 21:04:35 -------- d-----w- C:\Users\Kelvin\AppData\Local\{4F02D55E-6C52-4951-AE6B-884AD10C6E9F}2012-05-24 21:04:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{58488005-13E4-49D1-973A-E70B77702D23}2012-05-24 09:03:44 -------- d-----w- C:\Users\Kelvin\AppData\Local\{BB35867F-E417-46AF-95B9-02A83EFB6AD5}2012-05-24 09:03:23 -------- d-----w- C:\Users\Kelvin\AppData\Local\{BE062FD4-B4C9-495B-B526-4203A963D023}2012-05-23 06:37:24 -------- d-----w- C:\Users\Kelvin\AppData\Local\{33626DF0-9EEB-4B72-A722-5B0CFF585F97}2012-05-23 06:37:13 -------- d-----w- C:\Users\Kelvin\AppData\Local\{5A33C6FC-1431-402E-833F-330477072F81}2012-05-22 12:53:28 -------- d-----w- C:\Users\Kelvin\AppData\Local\{F2A01867-3AF7-4344-BDEA-A11FD16787B8}2012-05-22 12:53:17 -------- d-----w- C:\Users\Kelvin\AppData\Local\{E6CFB819-9438-4951-96A4-572B83A03B84}2012-05-21 23:35:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{E2454472-9A5B-48D8-A640-F2CBD972E147}2012-05-21 23:34:52 -------- d-----w- C:\Users\Kelvin\AppData\Local\{F4BB236A-AA24-4151-8656-004FF7AF841F}2012-05-21 11:34:41 -------- d-----w- C:\Users\Kelvin\AppData\Local\{07C8AEB9-AC44-456D-989D-074B77120C5F}2012-05-21 11:34:20 -------- d-----w- C:\Users\Kelvin\AppData\Local\{44ADE3A3-DB89-4F9C-9570-BD2E11C20992}2012-05-20 23:33:55 -------- d-----w- C:\Users\Kelvin\AppData\Local\{8ED81D57-84E8-4D3E-89B0-43711341CB34}2012-05-20 23:33:34 -------- d-----w- C:\Users\Kelvin\AppData\Local\{8EB12C46-86EC-496A-84D0-DC8E99C6D5E2}2012-05-20 11:33:09 -------- d-----w- C:\Users\Kelvin\AppData\Local\{5B7054E1-9454-48C2-89F7-0A6692278267}2012-05-20 11:32:56 -------- d-----w- C:\Users\Kelvin\AppData\Local\{51ACAA12-805C-4167-A307-BCAD31143230}2012-05-19 20:54:49 -------- d-----w- C:\Users\Kelvin\AppData\Local\{445CA2DA-1FD5-44BF-9A5C-E0A6604977A7}2012-05-19 20:54:28 -------- d-----w- C:\Users\Kelvin\AppData\Local\{E93C5463-D084-4840-A982-422C43B7721D}2012-05-19 08:54:02 -------- d-----w- C:\Users\Kelvin\AppData\Local\{85CFEA22-1C5A-4BFF-83A5-2C29860D600A}2012-05-19 08:53:49 -------- d-----w- C:\Users\Kelvin\AppData\Local\{FCA0C89D-338B-471F-B94E-801ADD1974BB}2012-05-18 12:44:36 -------- d-----w- C:\Users\Kelvin\AppData\Local\{68708074-880D-45D8-8646-640A2D4DD0B9}2012-05-18 12:44:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{116467C5-9C9F-4633-B67C-590EAC3CA57A}2012-05-18 00:43:50 -------- d-----w- C:\Users\Kelvin\AppData\Local\{AA9546E0-E65A-4358-8505-6662B6EC566F}2012-05-18 00:43:29 -------- d-----w- C:\Users\Kelvin\AppData\Local\{EE426EB3-7C91-410C-BA91-0F1A5FB59A52}2012-05-17 12:43:04 -------- d-----w- C:\Users\Kelvin\AppData\Local\{78A47731-1DCD-4FA8-9A87-7C680376E79A}2012-05-17 12:42:54 -------- d-----w- C:\Users\Kelvin\AppData\Local\{0027EEF3-9EC6-4DE4-8FCB-5FE553232619}2012-05-16 11:52:36 -------- d-----w- C:\Users\Kelvin\AppData\Local\{A69D59DE-6617-4E60-B053-FD87D669543A}2012-05-16 11:52:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{8B259E81-EF38-4B64-AF87-E4A663CAE277}2012-05-15 23:51:50 -------- d-----w- C:\Users\Kelvin\AppData\Local\{71A1876D-BE2D-4A7D-BB9F-49CA39D8AE58}2012-05-15 23:51:28 -------- d-----w- C:\Users\Kelvin\AppData\Local\{A2ADCE19-EEEB-448C-9ABA-65315A4D62F9}2012-05-15 11:50:52 -------- d-----w- C:\Users\Kelvin\AppData\Local\{A90F1A62-CABB-4752-B540-AEFA203ACCB8}2012-05-15 11:50:28 -------- d-----w- C:\Users\Kelvin\AppData\Local\{03B7B286-9AF6-4682-BDD6-C5BC2909997A}2012-05-14 23:38:22 -------- d-----w- C:\Users\Kelvin\AppData\Local\{F453946E-5FB4-40C2-B044-F23539C75314}2012-05-14 23:38:01 -------- d-----w- C:\Users\Kelvin\AppData\Local\{31F222C0-1F2B-4BA5-8D6D-AB4FC73A8900}2012-05-14 11:37:36 -------- d-----w- C:\Users\Kelvin\AppData\Local\{0475F780-C8C9-431C-B716-FB3EFF278178}2012-05-14 11:37:23 -------- d-----w- C:\Users\Kelvin\AppData\Local\{21522DB1-983B-4786-AB5C-8C41DE049F34}2012-05-13 14:59:48 -------- d-----w- C:\Users\Kelvin\AppData\Local\{11B0DCD8-6A93-4347-919D-EDAF5CB02044}2012-05-13 14:59:34 -------- d-----w- C:\Users\Kelvin\AppData\Local\{4368FD49-2B6F-4A46-9D7D-ED06BF6FA842}2012-05-11 11:42:44 -------- d-----w- C:\Users\Kelvin\AppData\Local\{5F79C881-634D-4D57-BB6C-1869C03A52EC}2012-05-11 11:42:32 -------- d-----w- C:\Users\Kelvin\AppData\Local\{B75BEC9C-B31C-4AD6-8FE4-BE16B5DC24E7}2012-05-11 00:55:28 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%2012-05-10 23:25:30 1544704 ----a-w- C:\Windows\System32\DWrite.dll2012-05-10 23:25:30 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll2012-05-10 23:25:29 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-05-10 23:25:29 3146240 ----a-w- C:\Windows\System32\win32k.sys2012-05-10 23:25:28 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-05-10 23:25:28 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-05-10 23:24:54 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys2012-05-10 23:24:45 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys2012-05-10 23:24:44 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL2012-05-10 23:24:44 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll2012-05-10 23:24:43 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll2012-05-10 23:24:43 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll2012-05-10 23:24:43 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll2012-05-10 18:38:35 -------- d-----w- C:\Users\Kelvin\AppData\Local\{4D71D39C-D7BB-41CC-85AB-145982AABD63}2012-05-10 18:38:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{55B2C8B8-D0A1-460D-8169-7C485F6CB746}2012-05-10 06:38:01 -------- d-----w- C:\Users\Kelvin\AppData\Local\{EA5E0728-3BC9-4B5E-982B-FD90B72D4086}2012-05-10 06:37:35 -------- d-----w- C:\Users\Kelvin\AppData\Local\{AD7B2C2D-BCF2-4B70-977A-F4CFB83F05D3}2012-05-09 11:54:37 -------- d-----w- C:\Users\Kelvin\AppData\Local\{47625E10-ED3E-4B1C-B2E7-BAFBC0C70242}2012-05-09 11:54:23 -------- d-----w- C:\Users\Kelvin\AppData\Local\{ACA9BD5D-A5A3-4A28-8E78-0E8929D64C09}2012-05-08 23:21:54 -------- d-----w- C:\Users\Kelvin\AppData\Local\{36B9E144-62A0-404A-B486-308925E6BC21}2012-05-08 23:21:32 -------- d-----w- C:\Users\Kelvin\AppData\Local\{3271D7C3-5854-4FFF-8964-94F69179F3BE}2012-05-08 14:48:30 -------- d-----w- C:\Users\Kelvin\AppData\Local\ArmA 22012-05-08 14:14:36 -------- d-----w- C:\Users\Kelvin\AppData\Local\ArmA 2 OA2012-05-08 12:17:00 -------- d-----w- C:\Program Files (x86)\Bohemia Interactive2012-05-08 11:21:20 -------- d-----w- C:\Users\Kelvin\AppData\Local\{96AFF6DB-9F90-42B0-8B55-C9B60825AEE4}2012-05-08 11:20:58 -------- d-----w- C:\Users\Kelvin\AppData\Local\{303D7613-182C-4636-ACF4-BCF9CECDCE6A}2012-05-07 23:20:33 -------- d-----w- C:\Users\Kelvin\AppData\Local\{57115E85-480A-4375-9153-0C7825057A47}2012-05-07 23:20:12 -------- d-----w- C:\Users\Kelvin\AppData\Local\{00656A5E-B8EC-4F6E-BE08-1AD42FE00DB1}2012-05-07 11:19:45 -------- d-----w- C:\Users\Kelvin\AppData\Local\{D838C428-1B80-485F-8AD9-DEA45918DCFE}2012-05-07 11:19:34 -------- d-----w- C:\Users\Kelvin\AppData\Local\{66DFF000-2C03-4B9C-AA17-66122A144F99}2012-05-06 20:27:14 -------- d-----w- C:\Users\Kelvin\AppData\Local\{E6B54213-7E46-4854-A9B1-BFF36367D7A3}2012-05-06 20:27:03 -------- d-----w- C:\Users\Kelvin\AppData\Local\{AF16FC7F-7C7A-4142-89B0-5FE0EE028B16}2012-05-05 17:55:25 -------- d-----w- C:\Users\Kelvin\AppData\Local\{7840577E-77B2-42AC-BD42-371CA4974845}2012-05-05 17:55:13 -------- d-----w- C:\Users\Kelvin\AppData\Local\{439E3F21-A4A9-48EE-8CCD-9BE537DD01F9}2012-05-05 02:28:03 -------- d-----w- C:\Users\Kelvin\AppData\Local\{6B4EB509-BFAF-441B-9893-7BDCCB5177D3}2012-05-05 02:27:42 -------- d-----w- C:\Users\Kelvin\AppData\Local\{896DAA12-6BA9-449E-BAD4-04BE31D9D6EA}.==================== Find3M ====================.2012-05-31 01:22:57 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-05-31 01:22:57 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-05-03 02:54:46 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll2012-05-03 02:54:46 28056 ----a-w- C:\Windows\System32\xfcodec64.dll2012-04-30 14:55:20 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll2012-04-30 14:55:01 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll2012-04-30 14:55:01 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll2012-04-30 14:54:57 7431680 ----a-w- C:\Windows\System32\atiumd64.dll2012-04-30 14:54:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll2012-04-30 14:54:36 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll2012-04-30 14:54:20 26181632 ----a-w- C:\Windows\System32\atio6axx.dll2012-04-30 14:54:20 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll2012-04-30 14:54:20 14848 ----a-w- C:\Windows\System32\atiglpxx.dll2012-04-30 14:54:18 21504 ----a-w- C:\Windows\System32\atimuixx.dll2012-04-30 14:54:15 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll2012-04-30 14:54:07 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll2012-04-30 14:52:50 236544 ----a-w- C:\Windows\System32\atiesrxx.exe2012-04-30 14:52:46 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll2012-04-30 14:52:43 17408 ----a-w- C:\Windows\System32\atig6pxx.dll2012-04-30 14:52:41 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll2012-04-30 14:52:35 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll2012-04-30 14:52:34 59392 ----a-w- C:\Windows\System32\atiedu64.dll2012-04-30 14:52:33 41984 ----a-w- C:\Windows\System32\atig6txx.dll2012-04-30 14:52:31 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll2012-04-30 14:52:30 44544 ----a-w- C:\Windows\System32\aticalcl64.dll2012-04-30 14:52:23 503808 ----a-w- C:\Windows\System32\atieclxx.exe2012-04-30 14:52:08 120320 ----a-w- C:\Windows\System32\atitmm64.dll2012-04-30 14:52:05 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll2012-04-30 14:51:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll2012-04-30 14:51:31 7479296 ----a-w- C:\Windows\System32\atidxx64.dll2012-04-30 14:51:24 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll2012-04-30 14:51:19 159744 ----a-w- C:\Windows\System32\atiapfxx.exe2012-04-30 14:51:16 1067520 ----a-w- C:\Windows\System32\aticfx64.dll2012-04-30 14:51:14 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll2012-04-30 14:51:13 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll2012-04-30 14:51:12 95760 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys2012-04-30 14:51:04 44544 ----a-w- C:\Windows\System32\atiu9p64.dll2012-04-28 21:30:43 419840 ----a-w- C:\Windows\System32\wrap_oal.dll2012-04-28 21:30:43 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll2012-04-28 21:30:43 133632 ----a-w- C:\Windows\System32\OpenAL32.dll2012-04-28 21:30:43 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll2012-04-25 22:53:40 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr2012-04-25 22:53:40 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe2012-04-25 22:53:12 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex02012-04-05 21:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe2012-04-05 21:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll2012-04-05 21:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll2012-04-05 21:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll2012-04-05 21:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll2012-04-05 21:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll2012-04-05 21:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll2012-03-20 19:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys2012-03-20 19:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys2012-03-11 14:36:34 96256 ----a-w- C:\Windows\System32\EAW + FOC Patch.exe2012-03-11 13:59:46 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll2012-03-09 13:07:04 29184 ----a-w- C:\Windows\System32\kdbsdk64.dll2012-03-09 13:06:14 24576 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll2012-03-08 17:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll.============= FINISH: 22:37:12.54 =============== Link to post Share on other sites More sharing options...
Maniac Posted June 4, 2012 ID:557348 Share Posted June 4, 2012 Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please include the C:\ComboFix.txt in your next reply for further review. Link to post Share on other sites More sharing options...
Esskay Posted June 7, 2012 Author ID:558246 Share Posted June 7, 2012 Combofix installed OK but does not run after install ends. Link to post Share on other sites More sharing options...
Maniac Posted June 7, 2012 ID:558249 Share Posted June 7, 2012 What exactly happens? Link to post Share on other sites More sharing options...
Staff screen317 Posted June 12, 2012 Staff ID:559730 Share Posted June 12, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts