darkfire1713 Posted July 23, 2012 ID:574778 Share Posted July 23, 2012 Hi so it seems this is going around alot lately and i seem to have been infected myself It found mbr:sst (RTK) i tried to repair it And i got a blue screen i quick scanned for it and got nothing of the sort back again so i was suspicous and downloaded Mbam and it found 3 files trojan.fakealert and two trojan.agents I have the log from when i removed it Right hereMalwarebytes Anti-Malware (Trial) 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.07.22.11Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421Noah :: NOAH-PC [administrator]Protection: Enabled7/22/2012 5:09:54 PMmbam-log-2012-07-22 (17-09-54).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 217274Time elapsed: 6 minute(s), 26 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 3C:\Users\Noah\AppData\Local\Temp\9CBB.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\Users\Seth Da Jabroni\AppData\Local\Temp\1747.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\Users\Seth Da Jabroni\AppData\Local\Temp\ducDrRaZBJRwyY.exe.tmp (Trojan.FakeAlert.3CH) -> Quarantined and deleted successfully.(end)Please reply as soon as possible Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574788 Share Posted July 23, 2012 Welcome to the forum, please start at the link below:http://forums.malwar...?showtopic=9573Post back the 2 logs.....DDS.txt and Attach.txt<====><====><====><====><====><====><====><====>Next.......Please remove any usb or external drives from the computer before you run this scan!Please download and run RogueKiller to your desktop.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything!Don't run any other options, they're not all bad!!!!!!!Post back the report which should be located on your desktop.MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574792 Share Posted July 23, 2012 Here you go.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.0Run by Noah at 20:17:38 on 2012-07-22Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.1756 [GMT -5:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files\LogMeIn Hamachi\hamachi-2.exec:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\PROGRA~1\HEWLET~1\HPREMO~1\HPREMO~1.EXEC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exeC:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exeC:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exeC:\Program Files\HP\HP Software Update\hpwuSchd2.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\WUDFHost.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\PictureMover\Bin\PictureMover.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exec:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndtuDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndtmStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndtmDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndtBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dllBHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dllBHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0552.0\msneshellx.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dllTB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0552.0\msneshellx.dllTB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dllTB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No FileuRun: [Google Update] "c:\users\noah\appdata\local\google\update\GoogleUpdate.exe" /cuRun: [steam] "c:\program files\steam\steam.exe" -silentuRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrunmRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exemRun: [HP Remote Software] c:\program files\hewlett-packard\hp remote\HP REMOTE V1.0.5.exemRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exemRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"mRun: [updatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"mRun: [updatePSTShortCut] "c:\program files\cyberlink\cyberlink dvd suite deluxe\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\cyberlink dvd suite deluxe" updatewithcreateonce "software\cyberlink\PowerStarter"mRun: [TSMAgent] "c:\program files\hewlett-packard\touchsmart\media\TSMAgent.exe"mRun: [CLMLServer for HP TouchSmart] "c:\program files\hewlett-packard\touchsmart\media\kernel\clml\CLMLSvc.exe"mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"mRun: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resumemRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /noguimRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-startmRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttrayStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\picturemover\bin\PictureMover.exemPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)TCP: DhcpNameServer = 192.168.2.1TCP: Interfaces\{1CD6F433-5066-49B6-A0CB-9707DA753E08} : DhcpNameServer = 192.168.2.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL.================= FIREFOX ===================.FF - ProfilePath - c:\users\noah\appdata\roaming\mozilla\firefox\profiles\sevabk2e.default\FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\2.0.31005.0\npctrlui.dllFF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dllFF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dllFF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dllFF - plugin: c:\users\noah\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dllFF - plugin: c:\windows\system32\npDeployJava1.dllFF - plugin: c:\windows\system32\npmproxy.dll.============= SERVICES / DRIVERS ===============.R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-5-6 721000]R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-5-6 353688]R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-5-6 21256]R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-5-6 57656]R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-5-6 44808]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-6-27 1385896]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-22 655944]R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-5-6 1262400]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-5-15 382272]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-22 22344]R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-8-25 493568]R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-7-13 148800]R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 Norton Internet Security;Norton Internet Security;"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944]S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-7 113120]S3 PCDSRVC{4F253FFC-7957E8FC-06000000}_0;PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc.pkms [2009-2-2 20848]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2012-07-23 00:39:29 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{aa7d4f3f-c465-48a1-a845-588a5b668eba}\offreg.dll2012-07-22 22:08:25 -------- d-----w- c:\users\noah\appdata\roaming\Malwarebytes2012-07-22 22:08:07 -------- d-----w- c:\programdata\Malwarebytes2012-07-22 22:08:06 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-07-22 22:08:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-07-22 20:20:04 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{aa7d4f3f-c465-48a1-a845-588a5b668eba}\mpengine.dll2012-07-21 03:46:17 -------- d-----w- c:\users\noah\appdata\roaming\Awesomium2012-07-15 16:28:21 -------- d-----w- c:\program files\common files\BioWare2012-07-15 04:57:10 -------- d-----w- c:\program files\SystemRequirementsLab2012-07-14 04:02:37 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll2012-07-14 04:02:37 528216 ----a-w- c:\windows\system32\XAudio2_6.dll2012-07-14 04:02:36 238936 ----a-w- c:\windows\system32\xactengine3_6.dll2012-07-14 04:02:36 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll2012-07-14 04:02:23 -------- d-----w- c:\program files\Microsoft XNA2012-07-14 01:11:14 27968 ----a-w- c:\windows\system32\nvhdap32.dll2012-07-14 01:11:14 148800 ----a-w- c:\windows\system32\drivers\nvhda32v.sys2012-07-14 01:11:13 8105280 ----a-w- c:\windows\system32\nvwgf2um.dll2012-07-14 01:11:13 19607872 ----a-w- c:\windows\system32\nvoglv32.dll2012-07-14 01:11:13 11354944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys2012-07-14 01:11:12 5982528 ----a-w- c:\windows\system32\nvcuda.dll2012-07-14 01:11:12 2524992 ----a-w- c:\windows\system32\nvcuvid.dll2012-07-14 01:11:12 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll2012-07-14 01:11:12 17551680 ----a-w- c:\windows\system32\nvcompiler.dll2012-07-11 17:47:17 -------- d-----w- c:\users\noah\appdata\local\Macromedia2012-07-11 08:03:24 2047488 ----a-w- c:\windows\system32\win32k.sys2012-07-11 08:01:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-07-11 07:44:34 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll2012-07-11 07:44:31 1401856 ----a-w- c:\windows\system32\msxml6.dll2012-07-11 07:44:31 1248768 ----a-w- c:\windows\system32\msxml3.dll2012-07-11 07:44:29 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys2012-07-11 07:44:29 278528 ----a-w- c:\windows\system32\schannel.dll2012-07-11 07:44:29 204288 ----a-w- c:\windows\system32\ncrypt.dll2012-07-11 02:20:32 -------- d-----w- c:\program files\common files\Blizzard Entertainment2012-07-11 02:19:20 -------- d-----w- c:\programdata\Blizzard Entertainment2012-07-10 20:22:12 -------- d-----w- c:\users\noah\appdata\roaming\.techniclauncher2012-07-06 00:57:31 -------- d-----w- c:\users\noah\appdata\roaming\Xfire2012-07-03 15:29:26 -------- d-----w- c:\users\noah\appdata\local\Adobe2012-07-03 14:00:45 316928 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp092.dll2012-07-03 13:58:14 -------- d-----w- c:\program files\common files\HP2012-07-03 13:58:11 -------- d-----w- c:\program files\common files\Hewlett-Packard2012-07-03 13:57:56 -------- d-----w- c:\windows\hpoj4500g510n-z2012-07-03 13:56:30 122880 ----a-w- c:\windows\system32\hpf3l092.dll2012-07-03 13:55:24 452408 ----a-w- c:\windows\system32\hpzids01.dll2012-07-03 13:55:23 716288 ----a-w- c:\windows\system32\hpwwiax9.dll2012-07-03 13:55:23 593920 ----a-w- c:\windows\system32\hpwtscl5.dll2012-07-03 13:55:23 315392 ----a-w- c:\windows\system32\hpwvst01.dll2012-07-03 13:55:22 372736 ----a-w- c:\windows\system32\hppldcoi.dll2012-07-03 13:55:20 309760 ----a-w- c:\windows\system32\difxapi.dll2012-07-03 13:50:22 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL2012-07-03 13:23:45 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll2012-07-03 13:23:45 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll2012-07-03 11:08:48 -------- d-----w- c:\programdata\Xfire2012-07-03 11:08:47 -------- d-----w- c:\program files\Xfire2012-07-01 15:19:59 479752 ----a-w- c:\windows\system32\XAudio2_0.dll2012-07-01 15:18:56 443752 ----a-w- c:\windows\system32\d3dx10_33.dll2012-07-01 01:41:57 26176 ---ha-w- c:\windows\system32\hamachi.sys2012-07-01 01:41:42 -------- d-----w- c:\program files\LogMeIn Hamachi2012-06-29 17:13:49 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll2012-06-29 17:13:49 509448 ----a-w- c:\windows\system32\XAudio2_2.dll2012-06-29 17:13:49 467984 ----a-w- c:\windows\system32\d3dx10_39.dll2012-06-29 17:13:49 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll2012-06-29 17:13:48 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll2012-06-29 17:06:28 -------- d-----w- C:\Riot Games2012-06-29 16:16:30 -------- d-----w- c:\programdata\PMB Files2012-06-29 16:16:19 -------- d-----w- c:\program files\Pando Networks.==================== Find3M ====================.2012-07-11 17:45:49 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-07-11 17:45:49 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-07-03 16:21:53 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys2012-07-03 16:21:53 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr2012-06-16 00:17:24 42432 ----a-w- c:\windows\system32\xfcodec.dll2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll2012-06-02 20:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 20:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-05-31 17:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe2012-05-21 08:17:36 98816 ----a-w- c:\windows\system32\mfps.dll2012-05-21 08:16:55 519680 ----a-w- c:\windows\system32\d3d11.dll2012-05-21 08:16:55 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui2012-05-21 08:16:55 369664 ----a-w- c:\windows\system32\WMPhoto.dll2012-05-21 08:16:55 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll2012-05-21 08:16:55 252928 ----a-w- c:\windows\system32\dxdiag.exe2012-05-21 08:16:55 195584 ----a-w- c:\windows\system32\dxdiagn.dll2012-05-21 08:16:55 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll2012-05-21 08:16:54 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll2012-05-15 10:26:00 883008 ----a-w- c:\windows\system32\nvgenco32.dll2012-05-15 10:26:00 61248 ----a-w- c:\windows\system32\OpenCL.dll2012-05-15 10:26:00 2368832 ----a-w- c:\windows\system32\nvapi.dll2012-05-15 10:26:00 15322432 ----a-w- c:\windows\system32\nvd3dum.dll2012-05-15 10:26:00 1000768 ----a-w- c:\windows\system32\nvdispco32.dll2012-05-15 09:28:49 645440 ----a-w- c:\windows\system32\nvvsvc.exe2012-05-15 09:28:49 62272 ----a-w- c:\windows\system32\nvshext.dll2012-05-15 09:28:49 108352 ----a-w- c:\windows\system32\nvmctray.dll2012-05-15 09:28:48 3931456 ----a-w- c:\windows\system32\nvcpl.dll2012-05-15 09:27:28 2759488 ----a-w- c:\windows\system32\nvsvc.dll2012-05-15 07:21:50 423744 ----a-w- c:\windows\system32\nvStreaming.exe2012-05-07 23:08:38 772552 ----a-w- c:\windows\system32\npDeployJava1.dll2012-05-07 23:08:38 687560 ----a-w- c:\windows\system32\deployJava1.dll2012-05-01 14:03:49 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys.============= FINISH: 20:18:56.61 ===============Attach.rar Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574796 Share Posted July 23, 2012 By the way Can i leave a usb mouse and keyboard plugged in They are my only ones i have Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574801 Share Posted July 23, 2012 YES, MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574806 Share Posted July 23, 2012 RogueKiller V7.6.4 [07/17/2012] by Tigzymail: tigzyRK<at>gmail<dot>comFeedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/Blog: http://tigzyrk.blogspot.comOperating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits versionStarted in : Normal modeUser: Noah [Admin rights]Mode: Scan -- Date: 07/22/2012 20:35:38¤¤¤ Bad processes: 0 ¤¤¤¤¤¤ Registry Entries: 2 ¤¤¤[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver: [LOADED] ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤127.0.0.1 localhost::1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: WDC WD32 00AAJS-65M0A SCSI Disk Device +++++--- User ---[MBR] 46162bf0d272a2e3e2e48f9ab6b9af52[bSP] 309fdfd200901d3359dd1e035123a213 : HP tatooed MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 292746 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 599545800 | Size: 12495 MoUser = LL1 ... OK!Error reading LL2 MBR!Finished : << RKreport[1].txt >>RKreport[1].txt Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574810 Share Posted July 23, 2012 Not much showing.....please run this scan:Please make sure system restore is running and create a new restore point before continuing.XP <===> Vista & W7XP users > please back up the registry using ERUNT.-----------------------------------------Please download and run TDSSKiller to your desktop as outlined below:Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.-------------------------Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.------------------------Click the Start Scan button.-----------------------If a suspicious object is detected, the default action will be Skip, click on ContinueIf you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on Continue----------------------If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.--------------------A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.-------------------Here's a summary of what to do if you would like to print it out:If a suspicious object is detected, the default action will be Skip, click on ContinueIf you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on ContinueIf malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574815 Share Posted July 23, 2012 20:45:52.0471 2384 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:1120:45:53.0141 2384 ============================================================20:45:53.0142 2384 Current date / time: 2012/07/22 20:45:53.014120:45:53.0142 2384 SystemInfo:20:45:53.0142 2384 20:45:53.0142 2384 OS Version: 6.0.6002 ServicePack: 2.020:45:53.0142 2384 Product type: Workstation20:45:53.0142 2384 ComputerName: NOAH-PC20:45:53.0142 2384 UserName: Noah20:45:53.0142 2384 Windows directory: C:\Windows20:45:53.0142 2384 System windows directory: C:\Windows20:45:53.0142 2384 Processor architecture: Intel x8620:45:53.0142 2384 Number of processors: 220:45:53.0142 2384 Page size: 0x100020:45:53.0142 2384 Boot type: Normal boot20:45:53.0142 2384 ============================================================20:45:53.0761 2384 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005020:45:53.0782 2384 ============================================================20:45:53.0782 2384 \Device\Harddisk0\DR0:20:45:53.0782 2384 MBR partitions:20:45:53.0782 2384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23BC578920:45:53.0782 2384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23BC57C8, BlocksNum 0x1867EF920:45:53.0782 2384 ============================================================20:45:53.0794 2384 C: <-> \Device\Harddisk0\DR0\Partition020:45:53.0844 2384 D: <-> \Device\Harddisk0\DR0\Partition120:45:53.0845 2384 ============================================================20:45:53.0845 2384 Initialize success20:45:53.0845 2384 ============================================================20:46:29.0760 5772 ============================================================20:46:29.0760 5772 Scan started20:46:29.0760 5772 Mode: Manual; SigCheck; TDLFS;20:46:29.0760 5772 ============================================================20:46:30.0236 5772 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys20:46:30.0364 5772 ACPI - ok20:46:30.0476 5772 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys20:46:30.0500 5772 adp94xx - ok20:46:30.0562 5772 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys20:46:30.0581 5772 adpahci - ok20:46:30.0625 5772 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys20:46:30.0641 5772 adpu160m - ok20:46:30.0693 5772 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys20:46:30.0709 5772 adpu320 - ok20:46:30.0754 5772 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll20:46:30.0855 5772 AeLookupSvc - ok20:46:30.0906 5772 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys20:46:30.0964 5772 AFD - ok20:46:30.0992 5772 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys20:46:31.0007 5772 agp440 - ok20:46:31.0060 5772 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys20:46:31.0074 5772 aic78xx - ok20:46:31.0089 5772 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe20:46:31.0206 5772 ALG - ok20:46:31.0233 5772 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys20:46:31.0247 5772 aliide - ok20:46:31.0302 5772 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys20:46:31.0316 5772 amdagp - ok20:46:31.0322 5772 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys20:46:31.0337 5772 amdide - ok20:46:31.0357 5772 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys20:46:31.0407 5772 AmdK7 - ok20:46:31.0438 5772 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys20:46:31.0490 5772 AmdK8 - ok20:46:31.0532 5772 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll20:46:31.0568 5772 Appinfo - ok20:46:31.0604 5772 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys20:46:31.0619 5772 arc - ok20:46:31.0647 5772 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys20:46:31.0662 5772 arcsas - ok20:46:31.0779 5772 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe20:46:31.0793 5772 aspnet_state - ok20:46:31.0861 5772 aswFsBlk (1c1f3d6dddc046c920c493a779649f66) C:\Windows\system32\drivers\aswFsBlk.sys20:46:31.0916 5772 aswFsBlk - ok20:46:31.0948 5772 aswMonFlt (a48d8015af2a0d8b4937613ffbfd28de) C:\Windows\system32\drivers\aswMonFlt.sys20:46:31.0964 5772 aswMonFlt - ok20:46:31.0982 5772 AswRdr (982e275d1c5801042fe94209fb0160fb) C:\Windows\system32\drivers\AswRdr.sys20:46:31.0996 5772 AswRdr - ok20:46:32.0069 5772 aswSnx (73dbcf808e00580f2a47f93dd9b03876) C:\Windows\system32\drivers\aswSnx.sys20:46:32.0113 5772 aswSnx - ok20:46:32.0171 5772 aswSP (6cbd7d3a33f498d09c831cdd732da2e0) C:\Windows\system32\drivers\aswSP.sys20:46:32.0195 5772 aswSP - ok20:46:32.0247 5772 aswTdi (7109a9aa551f37cd168c02368465957e) C:\Windows\system32\drivers\aswTdi.sys20:46:32.0263 5772 aswTdi - ok20:46:32.0326 5772 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys20:46:32.0382 5772 AsyncMac - ok20:46:32.0430 5772 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys20:46:32.0445 5772 atapi - ok20:46:32.0565 5772 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll20:46:32.0606 5772 AudioEndpointBuilder - ok20:46:32.0611 5772 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll20:46:32.0637 5772 Audiosrv - ok20:46:32.0782 5772 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe20:46:32.0796 5772 avast! Antivirus - ok20:46:32.0885 5772 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys20:46:32.0947 5772 Beep - ok20:46:33.0058 5772 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll20:46:33.0129 5772 BFE - ok20:46:33.0259 5772 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll20:46:33.0354 5772 BITS - ok20:46:33.0390 5772 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys20:46:33.0441 5772 blbdrive - ok20:46:33.0490 5772 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys20:46:33.0549 5772 bowser - ok20:46:33.0578 5772 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys20:46:33.0599 5772 BrFiltLo - ok20:46:33.0608 5772 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys20:46:33.0656 5772 BrFiltUp - ok20:46:33.0695 5772 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll20:46:33.0785 5772 Browser - ok20:46:33.0828 5772 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys20:46:33.0996 5772 Brserid - ok20:46:34.0031 5772 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys20:46:34.0114 5772 BrSerWdm - ok20:46:34.0127 5772 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys20:46:34.0200 5772 BrUsbMdm - ok20:46:34.0204 5772 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys20:46:34.0253 5772 BrUsbSer - ok20:46:34.0291 5772 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys20:46:34.0375 5772 BTHMODEM - ok20:46:34.0408 5772 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys20:46:34.0459 5772 cdfs - ok20:46:34.0532 5772 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys20:46:34.0584 5772 cdrom - ok20:46:34.0656 5772 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll20:46:34.0702 5772 CertPropSvc - ok20:46:34.0737 5772 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys20:46:34.0789 5772 circlass - ok20:46:34.0857 5772 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys20:46:34.0877 5772 CLFS - ok20:46:34.0969 5772 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe20:46:34.0984 5772 clr_optimization_v2.0.50727_32 - ok20:46:35.0144 5772 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe20:46:35.0193 5772 clr_optimization_v4.0.30319_32 - ok20:46:35.0235 5772 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys20:46:35.0249 5772 cmdide - ok20:46:35.0263 5772 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys20:46:35.0277 5772 Compbatt - ok20:46:35.0280 5772 COMSysApp - ok20:46:35.0295 5772 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys20:46:35.0310 5772 crcdisk - ok20:46:35.0391 5772 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys20:46:35.0452 5772 Crusoe - ok20:46:35.0506 5772 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll20:46:35.0568 5772 CryptSvc - ok20:46:35.0705 5772 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll20:46:35.0798 5772 DcomLaunch - ok20:46:35.0850 5772 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys20:46:35.0917 5772 DfsC - ok20:46:36.0175 5772 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe20:46:36.0339 5772 DFSR - ok20:46:36.0497 5772 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll20:46:36.0550 5772 Dhcp - ok20:46:36.0651 5772 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys20:46:36.0667 5772 disk - ok20:46:36.0728 5772 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll20:46:36.0789 5772 Dnscache - ok20:46:36.0870 5772 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll20:46:36.0905 5772 dot3svc - ok20:46:36.0966 5772 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll20:46:37.0019 5772 DPS - ok20:46:37.0061 5772 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys20:46:37.0108 5772 drmkaud - ok20:46:37.0302 5772 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys20:46:37.0331 5772 DXGKrnl - ok20:46:37.0357 5772 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys20:46:37.0433 5772 E1G60 - ok20:46:37.0479 5772 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll20:46:37.0522 5772 EapHost - ok20:46:37.0642 5772 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys20:46:37.0662 5772 Ecache - ok20:46:37.0753 5772 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe20:46:37.0776 5772 ehRecvr - ok20:46:37.0786 5772 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe20:46:37.0815 5772 ehSched - ok20:46:37.0842 5772 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll20:46:37.0875 5772 ehstart - ok20:46:38.0076 5772 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys20:46:38.0098 5772 elxstor - ok20:46:38.0256 5772 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll20:46:38.0355 5772 EMDMgmt - ok20:46:38.0419 5772 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys20:46:38.0439 5772 ErrDev - ok20:46:38.0525 5772 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll20:46:38.0566 5772 EventSystem - ok20:46:38.0657 5772 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys20:46:38.0715 5772 exfat - ok20:46:38.0775 5772 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys20:46:38.0818 5772 fastfat - ok20:46:38.0860 5772 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys20:46:38.0889 5772 fdc - ok20:46:38.0910 5772 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll20:46:38.0939 5772 fdPHost - ok20:46:38.0947 5772 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll20:46:39.0017 5772 FDResPub - ok20:46:39.0039 5772 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys20:46:39.0055 5772 FileInfo - ok20:46:39.0071 5772 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys20:46:39.0122 5772 Filetrace - ok20:46:39.0146 5772 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys20:46:39.0195 5772 flpydisk - ok20:46:39.0271 5772 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys20:46:39.0289 5772 FltMgr - ok20:46:39.0511 5772 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll20:46:39.0635 5772 FontCache - ok20:46:39.0763 5772 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe20:46:39.0778 5772 FontCache3.0.0.0 - ok20:46:39.0839 5772 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys20:46:39.0900 5772 Fs_Rec - ok20:46:39.0974 5772 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys20:46:39.0990 5772 gagp30kx - ok20:46:40.0167 5772 GameConsoleService (db3d8979064ce299927cc1da57e9a659) C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe20:46:40.0215 5772 GameConsoleService - ok20:46:40.0330 5772 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll20:46:40.0419 5772 gpsvc - ok20:46:40.0458 5772 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys20:46:40.0470 5772 hamachi - ok20:46:40.0757 5772 Hamachi2Svc (f31d7f8a7699575dbb3b3a3ab4aa6216) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe20:46:40.0867 5772 Hamachi2Svc - ok20:46:41.0142 5772 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys20:46:41.0211 5772 HdAudAddService - ok20:46:41.0390 5772 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys20:46:41.0467 5772 HDAudBus - ok20:46:41.0526 5772 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys20:46:41.0598 5772 HidBth - ok20:46:41.0631 5772 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys20:46:41.0696 5772 HidIr - ok20:46:41.0730 5772 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll20:46:41.0774 5772 hidserv - ok20:46:41.0814 5772 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys20:46:41.0861 5772 HidUsb - ok20:46:41.0909 5772 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll20:46:41.0958 5772 hkmsvc - ok20:46:42.0058 5772 HP Health Check Service (aa9ef0b395097f24d289f64445b2fd2e) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe20:46:42.0067 5772 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning20:46:42.0067 5772 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)20:46:42.0129 5772 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys20:46:42.0143 5772 HpCISSs - ok20:46:42.0385 5772 HPSLPSVC (7f437a78c5b0105b67b830d00ad719f8) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL20:46:42.0434 5772 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning20:46:42.0434 5772 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)20:46:42.0514 5772 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys20:46:42.0610 5772 HTTP - ok20:46:42.0663 5772 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys20:46:42.0678 5772 i2omp - ok20:46:42.0731 5772 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys20:46:42.0772 5772 i8042prt - ok20:46:42.0822 5772 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys20:46:42.0840 5772 iaStorV - ok20:46:43.0060 5772 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe20:46:43.0133 5772 idsvc - ok20:46:43.0186 5772 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys20:46:43.0200 5772 iirsp - ok20:46:43.0320 5772 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll20:46:43.0352 5772 IKEEXT - ok20:46:43.0769 5772 IntcAzAudAddService (84ed2154239f9d013bbd3220755ada8b) C:\Windows\system32\drivers\RTKVHDA.sys20:46:43.0943 5772 IntcAzAudAddService - ok20:46:44.0165 5772 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys20:46:44.0179 5772 intelide - ok20:46:44.0227 5772 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys20:46:44.0289 5772 intelppm - ok20:46:44.0333 5772 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll20:46:44.0387 5772 IPBusEnum - ok20:46:44.0423 5772 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys20:46:44.0482 5772 IpFilterDriver - ok20:46:44.0535 5772 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll20:46:44.0582 5772 iphlpsvc - ok20:46:44.0587 5772 IpInIp - ok20:46:44.0638 5772 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys20:46:44.0694 5772 IPMIDRV - ok20:46:44.0734 5772 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys20:46:44.0762 5772 IPNAT - ok20:46:44.0789 5772 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys20:46:44.0836 5772 IRENUM - ok20:46:44.0881 5772 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys20:46:44.0895 5772 isapnp - ok20:46:44.0997 5772 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys20:46:45.0015 5772 iScsiPrt - ok20:46:45.0031 5772 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys20:46:45.0045 5772 iteatapi - ok20:46:45.0083 5772 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys20:46:45.0096 5772 iteraid - ok20:46:45.0144 5772 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys20:46:45.0159 5772 kbdclass - ok20:46:45.0201 5772 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys20:46:45.0253 5772 kbdhid - ok20:46:45.0318 5772 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe20:46:45.0336 5772 KeyIso - ok20:46:45.0473 5772 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys20:46:45.0496 5772 KSecDD - ok20:46:45.0556 5772 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll20:46:45.0633 5772 KtmRm - ok20:46:45.0691 5772 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll20:46:45.0726 5772 LanmanServer - ok20:46:45.0789 5772 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll20:46:45.0821 5772 LanmanWorkstation - ok20:46:45.0917 5772 LightScribeService (dfeff67508d3a9aeb1a85d7b0f513b24) c:\Program Files\Common Files\LightScribe\LSSrvc.exe20:46:45.0963 5772 LightScribeService ( UnsignedFile.Multi.Generic ) - warning20:46:45.0963 5772 LightScribeService - detected UnsignedFile.Multi.Generic (1)20:46:46.0000 5772 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys20:46:46.0047 5772 lltdio - ok20:46:46.0100 5772 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll20:46:46.0143 5772 lltdsvc - ok20:46:46.0169 5772 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll20:46:46.0237 5772 lmhosts - ok20:46:46.0274 5772 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys20:46:46.0290 5772 LSI_FC - ok20:46:46.0329 5772 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys20:46:46.0344 5772 LSI_SAS - ok20:46:46.0359 5772 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys20:46:46.0375 5772 LSI_SCSI - ok20:46:46.0421 5772 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys20:46:46.0450 5772 luafv - ok20:46:46.0497 5772 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys20:46:46.0512 5772 MBAMProtector - ok20:46:46.0645 5772 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe20:46:46.0708 5772 MBAMService - ok20:46:46.0743 5772 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll20:46:46.0760 5772 Mcx2Svc - ok20:46:46.0781 5772 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys20:46:46.0795 5772 megasas - ok20:46:46.0840 5772 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys20:46:46.0874 5772 MegaSR - ok20:46:46.0924 5772 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll20:46:46.0994 5772 MMCSS - ok20:46:47.0064 5772 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys20:46:47.0104 5772 Modem - ok20:46:47.0187 5772 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys20:46:47.0227 5772 monitor - ok20:46:47.0266 5772 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys20:46:47.0280 5772 mouclass - ok20:46:47.0288 5772 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys20:46:47.0337 5772 mouhid - ok20:46:47.0423 5772 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys20:46:47.0438 5772 MountMgr - ok20:46:47.0541 5772 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe20:46:47.0557 5772 MozillaMaintenance - ok20:46:47.0604 5772 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys20:46:47.0620 5772 mpio - ok20:46:47.0664 5772 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys20:46:47.0690 5772 mpsdrv - ok20:46:47.0830 5772 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll20:46:47.0888 5772 MpsSvc - ok20:46:47.0935 5772 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys20:46:47.0949 5772 Mraid35x - ok20:46:48.0008 5772 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys20:46:48.0051 5772 MRxDAV - ok20:46:48.0093 5772 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys20:46:48.0151 5772 mrxsmb - ok20:46:48.0188 5772 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys20:46:48.0235 5772 mrxsmb10 - ok20:46:48.0268 5772 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys20:46:48.0311 5772 mrxsmb20 - ok20:46:48.0348 5772 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys20:46:48.0363 5772 msahci - ok20:46:48.0383 5772 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys20:46:48.0398 5772 msdsm - ok20:46:48.0447 5772 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe20:46:48.0479 5772 MSDTC - ok20:46:48.0520 5772 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys20:46:48.0568 5772 Msfs - ok20:46:48.0575 5772 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys20:46:48.0590 5772 msisadrv - ok20:46:48.0637 5772 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll20:46:48.0698 5772 MSiSCSI - ok20:46:48.0703 5772 msiserver - ok20:46:48.0752 5772 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys20:46:48.0800 5772 MSKSSRV - ok20:46:48.0805 5772 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys20:46:48.0833 5772 MSPCLOCK - ok20:46:48.0873 5772 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys20:46:48.0901 5772 MSPQM - ok20:46:48.0960 5772 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys20:46:48.0977 5772 MsRPC - ok20:46:49.0011 5772 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys20:46:49.0025 5772 mssmbios - ok20:46:49.0030 5772 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys20:46:49.0079 5772 MSTEE - ok20:46:49.0105 5772 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys20:46:49.0120 5772 Mup - ok20:46:49.0201 5772 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll20:46:49.0242 5772 napagent - ok20:46:49.0334 5772 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys20:46:49.0374 5772 NativeWifiP - ok20:46:49.0430 5772 NAVENG - ok20:46:49.0438 5772 NAVEX15 - ok20:46:49.0618 5772 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys20:46:49.0667 5772 NDIS - ok20:46:49.0779 5772 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys20:46:49.0824 5772 NdisTapi - ok20:46:49.0858 5772 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys20:46:49.0888 5772 Ndisuio - ok20:46:49.0954 5772 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys20:46:49.0989 5772 NdisWan - ok20:46:50.0012 5772 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys20:46:50.0061 5772 NDProxy - ok20:46:50.0165 5772 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll20:46:50.0174 5772 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning20:46:50.0174 5772 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)20:46:50.0203 5772 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys20:46:50.0257 5772 NetBIOS - ok20:46:50.0376 5772 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys20:46:50.0416 5772 netbt - ok20:46:50.0479 5772 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe20:46:50.0498 5772 Netlogon - ok20:46:50.0560 5772 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll20:46:50.0637 5772 Netman - ok20:46:50.0854 5772 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe20:46:50.0870 5772 NetMsmqActivator - ok20:46:50.0875 5772 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe20:46:50.0890 5772 NetPipeActivator - ok20:46:50.0993 5772 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll20:46:51.0064 5772 netprofm - ok20:46:51.0190 5772 netr73 (271ac1312ef1dde187793183abbfa8d0) C:\Windows\system32\DRIVERS\netr73.sys20:46:51.0315 5772 netr73 - ok20:46:51.0320 5772 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe20:46:51.0337 5772 NetTcpActivator - ok20:46:51.0343 5772 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe20:46:51.0360 5772 NetTcpPortSharing - ok20:46:51.0435 5772 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys20:46:51.0449 5772 nfrd960 - ok20:46:51.0549 5772 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll20:46:51.0626 5772 NlaSvc - ok20:46:51.0669 5772 Norton Internet Security - ok20:46:51.0724 5772 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys20:46:51.0765 5772 Npfs - ok20:46:51.0822 5772 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll20:46:51.0886 5772 nsi - ok20:46:51.0950 5772 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys20:46:52.0018 5772 nsiproxy - ok20:46:52.0162 5772 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys20:46:52.0232 5772 Ntfs - ok20:46:52.0270 5772 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys20:46:52.0341 5772 ntrigdigi - ok20:46:52.0371 5772 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys20:46:52.0423 5772 Null - ok20:46:52.0629 5772 NVENETFD (7ff98e1c7dadf17d1f043352de743794) C:\Windows\system32\DRIVERS\nvmfdx32.sys20:46:52.0755 5772 NVENETFD - ok20:46:52.0814 5772 NVHDA (a0a9e53b4aac3c6534a063aba69bc19f) C:\Windows\system32\drivers\nvhda32v.sys20:46:52.0831 5772 NVHDA - ok20:46:54.0023 5772 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys20:46:54.0625 5772 nvlddmkm - ok20:46:54.0756 5772 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys20:46:54.0772 5772 nvraid - ok20:46:54.0815 5772 nvrd32 (5dd1242cabc1ef8dce4438d72d72a436) C:\Windows\system32\drivers\nvrd32.sys20:46:54.0829 5772 nvrd32 - ok20:46:54.0876 5772 nvsmu (62754e376185eacbb73d06fea0ffc54a) C:\Windows\system32\DRIVERS\nvsmu.sys20:46:54.0946 5772 nvsmu - ok20:46:54.0989 5772 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys20:46:55.0004 5772 nvstor - ok20:46:55.0113 5772 nvstor32 (bb4dd678706510d9249eed1da0219900) C:\Windows\system32\DRIVERS\nvstor32.sys20:46:55.0127 5772 nvstor32 - ok20:46:55.0326 5772 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe20:46:55.0379 5772 nvsvc - ok20:46:56.0224 5772 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe20:46:56.0304 5772 nvUpdatusService - ok20:46:56.0425 5772 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys20:46:56.0441 5772 nv_agp - ok20:46:56.0445 5772 NwlnkFlt - ok20:46:56.0454 5772 NwlnkFwd - ok20:46:56.0503 5772 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys20:46:56.0567 5772 ohci1394 - ok20:46:56.0667 5772 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll20:46:56.0796 5772 p2pimsvc - ok20:46:56.0807 5772 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll20:46:56.0880 5772 p2psvc - ok20:46:56.0943 5772 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys20:46:57.0057 5772 Parport - ok20:46:57.0122 5772 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys20:46:57.0140 5772 partmgr - ok20:46:57.0171 5772 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys20:46:57.0243 5772 Parvdm - ok20:46:57.0267 5772 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll20:46:57.0339 5772 PcaSvc - ok20:46:57.0460 5772 PCDSRVC{4F253FFC-7957E8FC-06000000}_0 (a88f42ad20418620d08a13ad1a70c083) c:\program files\pc-doctor for windows\pcdsrvc.pkms20:46:57.0638 5772 PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - ok20:46:57.0701 5772 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys20:46:57.0719 5772 pci - ok20:46:57.0756 5772 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys20:46:57.0772 5772 pciide - ok20:46:57.0824 5772 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys20:46:57.0841 5772 pcmcia - ok20:46:57.0927 5772 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys20:46:58.0060 5772 PEAUTH - ok20:46:58.0232 5772 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll20:46:58.0400 5772 pla - ok20:46:58.0575 5772 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll20:46:58.0623 5772 PlugPlay - ok20:46:58.0659 5772 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll20:46:58.0668 5772 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning20:46:58.0668 5772 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)20:46:58.0759 5772 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll20:46:58.0874 5772 PNRPAutoReg - ok20:46:58.0884 5772 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll20:46:58.0936 5772 PNRPsvc - ok20:46:59.0003 5772 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll20:46:59.0087 5772 PolicyAgent - ok20:46:59.0150 5772 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys20:46:59.0216 5772 PptpMiniport - ok20:46:59.0244 5772 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys20:46:59.0296 5772 Processor - ok20:46:59.0346 5772 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll20:46:59.0410 5772 ProfSvc - ok20:46:59.0449 5772 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe20:46:59.0473 5772 ProtectedStorage - ok20:46:59.0531 5772 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys20:46:59.0590 5772 PSched - ok20:46:59.0683 5772 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys20:46:59.0749 5772 ql2300 - ok20:46:59.0796 5772 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys20:46:59.0811 5772 ql40xx - ok20:46:59.0869 5772 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll20:46:59.0912 5772 QWAVE - ok20:46:59.0956 5772 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys20:46:59.0995 5772 QWAVEdrv - ok20:47:00.0030 5772 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys20:47:00.0083 5772 RasAcd - ok20:47:00.0111 5772 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll20:47:00.0172 5772 RasAuto - ok20:47:00.0204 5772 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys20:47:00.0251 5772 Rasl2tp - ok20:47:00.0299 5772 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll20:47:00.0343 5772 RasMan - ok20:47:00.0391 5772 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys20:47:00.0438 5772 RasPppoe - ok20:47:00.0485 5772 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys20:47:00.0548 5772 RasSstp - ok20:47:00.0616 5772 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys20:47:00.0641 5772 rdbss - ok20:47:00.0692 5772 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys20:47:00.0743 5772 RDPCDD - ok20:47:00.0791 5772 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys20:47:00.0822 5772 rdpdr - ok20:47:00.0828 5772 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys20:47:00.0857 5772 RDPENCDD - ok20:47:00.0899 5772 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys20:47:00.0951 5772 RDPWD - ok20:47:00.0995 5772 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll20:47:01.0027 5772 RemoteAccess - ok20:47:01.0081 5772 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll20:47:01.0132 5772 RemoteRegistry - ok20:47:01.0174 5772 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe20:47:01.0191 5772 RpcLocator - ok20:47:01.0315 5772 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll20:47:01.0367 5772 RpcSs - ok20:47:01.0408 5772 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys20:47:01.0457 5772 rspndr - ok20:47:01.0474 5772 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe20:47:01.0492 5772 SamSs - ok20:47:01.0521 5772 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys20:47:01.0536 5772 sbp2port - ok20:47:01.0622 5772 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll20:47:01.0670 5772 SCardSvr - ok20:47:01.0762 5772 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll20:47:01.0805 5772 Schedule - ok20:47:01.0847 5772 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll20:47:01.0869 5772 SCPolicySvc - ok20:47:01.0921 5772 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll20:47:01.0968 5772 SDRSVC - ok20:47:01.0996 5772 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys20:47:02.0052 5772 secdrv - ok20:47:02.0077 5772 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll20:47:02.0154 5772 seclogon - ok20:47:02.0182 5772 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll20:47:02.0234 5772 SENS - ok20:47:02.0269 5772 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys20:47:02.0339 5772 Serenum - ok20:47:02.0372 5772 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys20:47:02.0421 5772 Serial - ok20:47:02.0451 5772 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys20:47:02.0480 5772 sermouse - ok20:47:02.0530 5772 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll20:47:02.0590 5772 SessionEnv - ok20:47:02.0622 5772 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys20:47:02.0644 5772 sffdisk - ok20:47:02.0685 5772 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys20:47:02.0713 5772 sffp_mmc - ok20:47:02.0718 5772 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys20:47:02.0746 5772 sffp_sd - ok20:47:02.0772 5772 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys20:47:02.0841 5772 sfloppy - ok20:47:02.0930 5772 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll20:47:02.0964 5772 SharedAccess - ok20:47:03.0016 5772 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll20:47:03.0051 5772 ShellHWDetection - ok20:47:03.0092 5772 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys20:47:03.0108 5772 sisagp - ok20:47:03.0125 5772 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys20:47:03.0140 5772 SiSRaid2 - ok20:47:03.0219 5772 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys20:47:03.0236 5772 SiSRaid4 - ok20:47:03.0370 5772 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files\Skype\Updater\Updater.exe20:47:03.0407 5772 SkypeUpdate - ok20:47:03.0827 5772 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe20:47:03.0941 5772 slsvc - ok20:47:04.0081 5772 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll20:47:04.0140 5772 SLUINotify - ok20:47:04.0212 5772 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys20:47:04.0274 5772 Smb - ok20:47:04.0316 5772 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe20:47:04.0359 5772 SNMPTRAP - ok20:47:04.0420 5772 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys20:47:04.0435 5772 spldr - ok20:47:04.0494 5772 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe20:47:04.0515 5772 Spooler - ok20:47:04.0520 5772 SRTSP - ok20:47:04.0528 5772 SRTSPX - ok20:47:04.0597 5772 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys20:47:04.0640 5772 srv - ok20:47:04.0700 5772 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys20:47:04.0763 5772 srv2 - ok20:47:04.0795 5772 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys20:47:04.0812 5772 srvnet - ok20:47:04.0848 5772 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll20:47:04.0899 5772 SSDPSRV - ok20:47:04.0946 5772 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll20:47:04.0966 5772 SstpSvc - ok20:47:05.0003 5772 Steam Client Service - ok20:47:05.0087 5772 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe20:47:05.0108 5772 Stereo Service - ok20:47:05.0156 5772 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys20:47:05.0179 5772 StillCam - ok20:47:05.0294 5772 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll20:47:05.0393 5772 stisvc - ok20:47:05.0448 5772 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys20:47:05.0463 5772 swenum - ok20:47:05.0549 5772 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll20:47:05.0578 5772 swprv - ok20:47:05.0593 5772 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys20:47:05.0607 5772 Symc8xx - ok20:47:05.0623 5772 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys20:47:05.0637 5772 Sym_hi - ok20:47:05.0653 5772 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys20:47:05.0667 5772 Sym_u3 - ok20:47:05.0794 5772 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll20:47:05.0871 5772 SysMain - ok20:47:05.0909 5772 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll20:47:05.0953 5772 TabletInputService - ok20:47:06.0008 5772 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll20:47:06.0053 5772 TapiSrv - ok20:47:06.0079 5772 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll20:47:06.0112 5772 TBS - ok20:47:06.0393 5772 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys20:47:06.0472 5772 Tcpip - ok20:47:06.0548 5772 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys20:47:06.0634 5772 Tcpip6 - ok20:47:06.0700 5772 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys20:47:06.0716 5772 tcpipreg - ok20:47:06.0742 5772 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys20:47:06.0788 5772 TDPIPE - ok20:47:06.0835 5772 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys20:47:06.0865 5772 TDTCP - ok20:47:06.0935 5772 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys20:47:06.0995 5772 tdx - ok20:47:07.0037 5772 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys20:47:07.0052 5772 TermDD - ok20:47:07.0140 5772 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll20:47:07.0225 5772 TermService - ok20:47:07.0293 5772 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll20:47:07.0315 5772 Themes - ok20:47:07.0361 5772 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll20:47:07.0392 5772 THREADORDER - ok20:47:07.0429 5772 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll20:47:07.0494 5772 TrkWks - ok20:47:07.0575 5772 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe20:47:07.0597 5772 TrustedInstaller - ok20:47:07.0642 5772 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys20:47:07.0691 5772 tssecsrv - ok20:47:07.0731 5772 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys20:47:07.0787 5772 tunmp - ok20:47:07.0837 5772 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys20:47:07.0875 5772 tunnel - ok20:47:07.0913 5772 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys20:47:07.0928 5772 uagp35 - ok20:47:08.0002 5772 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys20:47:08.0027 5772 udfs - ok20:47:08.0081 5772 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe20:47:08.0132 5772 UI0Detect - ok20:47:08.0161 5772 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys20:47:08.0176 5772 uliagpkx - ok20:47:08.0245 5772 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys20:47:08.0264 5772 uliahci - ok20:47:08.0317 5772 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys20:47:08.0332 5772 UlSata - ok20:47:08.0372 5772 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys20:47:08.0387 5772 ulsata2 - ok20:47:08.0435 5772 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys20:47:08.0484 5772 umbus - ok20:47:08.0545 5772 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll20:47:08.0580 5772 upnphost - ok20:47:08.0658 5772 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys20:47:08.0714 5772 usbccgp - ok20:47:08.0760 5772 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys20:47:08.0837 5772 usbcir - ok20:47:08.0879 5772 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys20:47:08.0925 5772 usbehci - ok20:47:08.0987 5772 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys20:47:09.0025 5772 usbhub - ok20:47:09.0080 5772 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys20:47:09.0102 5772 usbohci - ok20:47:09.0151 5772 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys20:47:09.0228 5772 usbprint - ok20:47:09.0296 5772 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS20:47:09.0332 5772 USBSTOR - ok20:47:09.0371 5772 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys20:47:09.0423 5772 usbuhci - ok20:47:09.0460 5772 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll20:47:09.0509 5772 UxSms - ok20:47:09.0582 5772 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe20:47:09.0644 5772 vds - ok20:47:09.0671 5772 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys20:47:09.0721 5772 vga - ok20:47:09.0747 5772 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys20:47:09.0777 5772 VgaSave - ok20:47:09.0822 5772 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys20:47:09.0837 5772 viaagp - ok20:47:09.0876 5772 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys20:47:09.0943 5772 ViaC7 - ok20:47:09.0974 5772 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys20:47:09.0988 5772 viaide - ok20:47:10.0007 5772 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys20:47:10.0022 5772 volmgr - ok20:47:10.0110 5772 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys20:47:10.0130 5772 volmgrx - ok20:47:10.0167 5772 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys20:47:10.0187 5772 volsnap - ok20:47:10.0234 5772 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys20:47:10.0251 5772 vsmraid - ok20:47:10.0364 5772 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe20:47:10.0441 5772 VSS - ok20:47:10.0496 5772 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll20:47:10.0528 5772 W32Time - ok20:47:10.0603 5772 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys20:47:10.0674 5772 WacomPen - ok20:47:10.0703 5772 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys20:47:10.0745 5772 Wanarp - ok20:47:10.0750 5772 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys20:47:10.0774 5772 Wanarpv6 - ok20:47:10.0816 5772 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll20:47:10.0844 5772 wcncsvc - ok20:47:10.0954 5772 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll20:47:11.0014 5772 WcsPlugInService - ok20:47:11.0144 5772 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys20:47:11.0160 5772 Wd - ok20:47:11.0256 5772 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys20:47:11.0281 5772 Wdf01000 - ok20:47:11.0304 5772 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll20:47:11.0337 5772 WdiServiceHost - ok20:47:11.0341 5772 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll20:47:11.0376 5772 WdiSystemHost - ok20:47:11.0449 5772 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll20:47:11.0474 5772 WebClient - ok20:47:11.0547 5772 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll20:47:11.0569 5772 Wecsvc - ok20:47:11.0605 5772 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll20:47:11.0654 5772 wercplsupport - ok20:47:11.0695 5772 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll20:47:11.0742 5772 WerSvc - ok20:47:11.0862 5772 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll20:47:11.0883 5772 WinDefend - ok20:47:11.0895 5772 WinHttpAutoProxySvc - ok20:47:12.0002 5772 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll20:47:12.0027 5772 Winmgmt - ok20:47:12.0232 5772 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll20:47:12.0324 5772 WinRM - ok20:47:12.0466 5772 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll20:47:12.0496 5772 Wlansvc - ok20:47:12.0571 5772 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys20:47:12.0631 5772 WmiAcpi - ok20:47:12.0780 5772 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe20:47:12.0804 5772 wmiApSrv - ok20:47:13.0090 5772 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe20:47:13.0158 5772 WMPNetworkSvc - ok20:47:13.0227 5772 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll20:47:13.0250 5772 WPCSvc - ok20:47:13.0305 5772 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll20:47:13.0355 5772 WPDBusEnum - ok20:47:13.0607 5772 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe20:47:13.0647 5772 WPFFontCache_v0400 - ok20:47:13.0746 5772 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys20:47:13.0799 5772 ws2ifsl - ok20:47:13.0863 5772 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll20:47:13.0884 5772 wscsvc - ok20:47:13.0932 5772 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys20:47:13.0954 5772 WSDPrintDevice - ok20:47:13.0960 5772 WSearch - ok20:47:14.0350 5772 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll20:47:14.0469 5772 wuauserv - ok20:47:14.0776 5772 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys20:47:14.0806 5772 WUDFRd - ok20:47:14.0840 5772 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll20:47:14.0905 5772 wudfsvc - ok20:47:14.0943 5772 MBR (0x1B8) (03ba8f890b47c0be359a4d5a636d214d) \Device\Harddisk0\DR020:47:15.0895 5772 \Device\Harddisk0\DR0 - ok20:47:15.0916 5772 Boot (0x1200) (4121ef82662f9c6374ff1f3d8c4520e5) \Device\Harddisk0\DR0\Partition020:47:15.0918 5772 \Device\Harddisk0\DR0\Partition0 - ok20:47:15.0937 5772 Boot (0x1200) (971b272ce8799a2ec500f4c7d978c41b) \Device\Harddisk0\DR0\Partition120:47:15.0939 5772 \Device\Harddisk0\DR0\Partition1 - ok20:47:15.0939 5772 ============================================================20:47:15.0939 5772 Scan finished20:47:15.0939 5772 ============================================================20:47:15.0957 6096 Detected object count: 520:47:15.0957 6096 Actual detected object count: 520:47:38.0330 6096 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user20:47:38.0330 6096 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip20:47:38.0332 6096 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user20:47:38.0332 6096 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip20:47:38.0336 6096 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user20:47:38.0336 6096 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip20:47:38.0339 6096 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user20:47:38.0339 6096 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip20:47:38.0347 6096 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user20:47:38.0347 6096 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip20:47:42.0737 5928 Deinitialize success Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574817 Share Posted July 23, 2012 That scan was clean.............Please download and run ComboFix.The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.Please visit this webpage for download links, and instructions for running ComboFixhttp://www.bleepingc...to-use-combofixEnsure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Information on disabling your malware programs can be found Here.Make sure you run ComboFix from your desktop. Give it at least 30-45 minutes to finish if needed.Please include the C:\ComboFix.txt in your next reply for further review.---------->NOTE<----------If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed. Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574819 Share Posted July 23, 2012 Did i mention that i had avast use repair And it didnt come back up? i also deleted it a few files with Mbam So... Tell me if i should keep going or it im ok Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574821 Share Posted July 23, 2012 You're here and I think it's important to run ComboFix , MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574834 Share Posted July 23, 2012 ComboFix 12-07-21.01 - Noah 07/22/2012 21:11:34.1.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.1342 [GMT -5:00]Running from: c:\users\Noah\Desktop\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2012-06-23 to 2012-07-23 )))))))))))))))))))))))))))))))..2012-07-23 02:20 . 2012-07-23 02:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp2012-07-23 02:20 . 2012-07-23 02:20 -------- d-----w- c:\users\Default\AppData\Local\temp2012-07-23 00:39 . 2012-07-23 00:39 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA7D4F3F-C465-48A1-A845-588A5B668EBA}\offreg.dll2012-07-22 22:08 . 2012-07-22 22:08 -------- d-----w- c:\users\Noah\AppData\Roaming\Malwarebytes2012-07-22 22:08 . 2012-07-22 22:08 -------- d-----w- c:\programdata\Malwarebytes2012-07-22 22:08 . 2012-07-03 18:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-07-22 22:08 . 2012-07-22 22:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-07-22 20:20 . 2012-07-16 07:41 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA7D4F3F-C465-48A1-A845-588A5B668EBA}\mpengine.dll2012-07-21 03:46 . 2012-07-21 04:35 -------- d-----w- c:\users\Noah\AppData\Roaming\Awesomium2012-07-15 16:28 . 2012-07-16 17:11 -------- d-----w- c:\program files\Common Files\BioWare2012-07-15 16:28 . 2012-07-15 16:28 -------- d-----w- c:\program files\Electronic Arts2012-07-15 04:57 . 2012-07-15 04:57 -------- d-----w- c:\program files\SystemRequirementsLab2012-07-15 04:57 . 2012-07-15 04:57 -------- d-----w- c:\users\Noah\AppData\Roaming\SystemRequirementsLab2012-07-14 04:02 . 2010-02-04 15:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll2012-07-14 04:02 . 2010-02-04 15:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll2012-07-14 04:02 . 2010-02-04 15:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll2012-07-14 04:02 . 2010-02-04 15:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll2012-07-14 04:02 . 2012-07-14 04:02 -------- d-----w- c:\program files\Microsoft XNA2012-07-14 01:11 . 2012-04-18 17:08 27968 ----a-w- c:\windows\system32\nvhdap32.dll2012-07-14 01:11 . 2012-04-18 17:08 148800 ----a-w- c:\windows\system32\drivers\nvhda32v.sys2012-07-14 01:11 . 2012-05-15 10:26 8105280 ----a-w- c:\windows\system32\nvwgf2um.dll2012-07-14 01:11 . 2012-05-15 10:26 19607872 ----a-w- c:\windows\system32\nvoglv32.dll2012-07-14 01:11 . 2012-05-15 10:26 11354944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys2012-07-14 01:11 . 2012-05-15 10:26 5982528 ----a-w- c:\windows\system32\nvcuda.dll2012-07-14 01:11 . 2012-05-15 10:26 2524992 ----a-w- c:\windows\system32\nvcuvid.dll2012-07-14 01:11 . 2012-05-15 10:26 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll2012-07-14 01:11 . 2012-05-15 10:26 17551680 ----a-w- c:\windows\system32\nvcompiler.dll2012-07-11 17:47 . 2012-07-11 17:47 -------- d-----w- c:\users\Noah\AppData\Local\Macromedia2012-07-11 08:03 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys2012-07-11 08:01 . 2012-06-02 08:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-07-11 07:44 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll2012-07-11 07:44 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll2012-07-11 07:44 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll2012-07-11 07:44 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys2012-07-11 07:44 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll2012-07-11 07:44 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll2012-07-11 02:20 . 2012-07-12 15:42 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment2012-07-11 02:19 . 2012-07-11 13:02 -------- d-----w- c:\programdata\Blizzard Entertainment2012-07-10 20:22 . 2012-07-22 23:11 -------- d-----w- c:\users\Noah\AppData\Roaming\.techniclauncher2012-07-06 00:57 . 2012-07-07 16:19 -------- d-----w- c:\users\Noah\AppData\Roaming\Xfire2012-07-03 15:29 . 2012-07-03 15:29 -------- d-----w- c:\users\Noah\AppData\Local\Adobe2012-07-03 14:00 . 2009-06-09 06:43 316928 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp092.dll2012-07-03 13:58 . 2012-07-03 13:58 -------- d-----w- c:\program files\Common Files\HP2012-07-03 13:58 . 2012-07-03 13:58 -------- d-----w- c:\program files\Common Files\Hewlett-Packard2012-07-03 13:57 . 2012-07-03 13:57 -------- d-----w- c:\windows\hpoj4500g510n-z2012-07-03 13:56 . 2009-06-09 06:43 122880 ----a-w- c:\windows\system32\hpf3l092.dll2012-07-03 13:55 . 2012-07-03 13:55 -------- d-----w- c:\programdata\HP2012-07-03 13:55 . 2009-08-17 18:26 452408 ----a-w- c:\windows\system32\hpzids01.dll2012-07-03 13:55 . 2009-08-17 18:26 716288 ----a-w- c:\windows\system32\hpwwiax9.dll2012-07-03 13:55 . 2009-08-17 18:26 593920 ----a-w- c:\windows\system32\hpwtscl5.dll2012-07-03 13:55 . 2009-08-17 18:26 315392 ----a-w- c:\windows\system32\hpwvst01.dll2012-07-03 13:55 . 2009-08-17 18:34 372736 ----a-w- c:\windows\system32\hppldcoi.dll2012-07-03 13:55 . 2009-08-17 18:34 309760 ----a-w- c:\windows\system32\difxapi.dll2012-07-03 13:50 . 2008-01-21 02:23 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL2012-07-03 13:23 . 2012-07-22 20:52 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll2012-07-03 13:23 . 2012-07-22 20:52 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll2012-07-03 11:08 . 2012-07-22 23:11 -------- d-----w- c:\programdata\Xfire2012-07-03 11:08 . 2012-07-03 11:08 -------- d-----w- c:\program files\Xfire2012-07-02 16:44 . 2012-07-02 18:22 -------- d-----w- c:\programdata\Apple2012-07-01 15:19 . 2008-05-30 19:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll2012-07-01 15:18 . 2007-03-15 21:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll2012-07-01 01:41 . 2009-03-18 22:35 26176 ---ha-w- c:\windows\system32\hamachi.sys2012-07-01 01:41 . 2012-07-01 01:41 -------- d-----w- c:\program files\LogMeIn Hamachi2012-06-29 17:13 . 2008-07-31 15:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll2012-06-29 17:13 . 2008-07-31 15:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll2012-06-29 17:13 . 2008-07-12 13:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll2012-06-29 17:13 . 2008-07-12 13:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll2012-06-29 17:13 . 2008-07-12 13:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll2012-06-29 17:06 . 2012-06-29 17:06 -------- d-----w- C:\Riot Games2012-06-29 16:16 . 2012-07-22 23:11 -------- d-----w- c:\programdata\PMB Files2012-06-29 16:16 . 2012-06-29 16:16 -------- d-----w- c:\program files\Pando Networks2012-06-29 15:36 . 2012-07-22 23:12 -------- d-----w- c:\users\Seth Da Jabroni...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-07-11 17:45 . 2012-05-08 04:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-07-11 17:45 . 2012-05-08 04:14 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-07-03 16:21 . 2012-05-06 23:12 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys2012-07-03 16:21 . 2012-05-06 23:12 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys2012-07-03 16:21 . 2012-05-06 23:12 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys2012-07-03 16:21 . 2012-05-06 23:12 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys2012-07-03 16:21 . 2012-05-06 23:12 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2012-07-03 16:21 . 2012-05-06 23:12 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys2012-07-03 16:21 . 2012-05-06 23:11 41224 ----a-w- c:\windows\avastSS.scr2012-07-03 16:21 . 2012-05-06 23:11 227648 ----a-w- c:\windows\system32\aswBoot.exe2012-06-16 00:17 . 2012-06-16 00:17 42432 ----a-w- c:\windows\system32\xfcodec.dll2012-06-02 22:19 . 2012-06-22 01:12 53784 ----a-w- c:\windows\system32\wuauclt.exe2012-06-02 22:19 . 2012-06-22 01:12 45080 ----a-w- c:\windows\system32\wups2.dll2012-06-02 22:19 . 2012-06-22 01:12 35864 ----a-w- c:\windows\system32\wups.dll2012-06-02 22:19 . 2012-06-22 01:12 577048 ----a-w- c:\windows\system32\wuapi.dll2012-06-02 22:19 . 2012-06-22 01:12 1933848 ----a-w- c:\windows\system32\wuaueng.dll2012-06-02 22:12 . 2012-06-22 01:12 2422272 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:12 . 2012-06-22 01:12 88576 ----a-w- c:\windows\system32\wudriver.dll2012-06-02 20:19 . 2012-06-22 01:12 171904 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 20:12 . 2012-06-22 01:12 33792 ----a-w- c:\windows\system32\wuapp.exe2012-05-31 17:25 . 2012-05-07 06:42 237072 ------w- c:\windows\system32\MpSigStub.exe2012-05-21 08:18 . 2012-05-21 08:18 161792 ----a-w- c:\windows\system32\msls31.dll2012-05-21 08:18 . 2012-05-21 08:18 86528 ----a-w- c:\windows\system32\iesysprep.dll2012-05-21 08:18 . 2012-05-21 08:18 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe2012-05-21 08:18 . 2012-05-21 08:18 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe2012-05-21 08:18 . 2012-05-21 08:18 74752 ----a-w- c:\windows\system32\iesetup.dll2012-05-21 08:18 . 2012-05-21 08:18 63488 ----a-w- c:\windows\system32\tdc.ocx2012-05-21 08:18 . 2012-05-21 08:18 48640 ----a-w- c:\windows\system32\mshtmler.dll2012-05-21 08:18 . 2012-05-21 08:18 367104 ----a-w- c:\windows\system32\html.iec2012-05-21 08:18 . 2012-05-21 08:18 420864 ----a-w- c:\windows\system32\vbscript.dll2012-05-21 08:18 . 2012-05-21 08:18 23552 ----a-w- c:\windows\system32\licmgr10.dll2012-05-21 08:18 . 2012-05-21 08:18 152064 ----a-w- c:\windows\system32\wextract.exe2012-05-21 08:18 . 2012-05-21 08:18 150528 ----a-w- c:\windows\system32\iexpress.exe2012-05-21 08:18 . 2012-05-21 08:18 35840 ----a-w- c:\windows\system32\imgutil.dll2012-05-21 08:18 . 2012-05-21 08:18 11776 ----a-w- c:\windows\system32\mshta.exe2012-05-21 08:18 . 2012-05-21 08:18 110592 ----a-w- c:\windows\system32\IEAdvpack.dll2012-05-21 08:18 . 2012-05-21 08:18 101888 ----a-w- c:\windows\system32\admparse.dll2012-05-21 08:17 . 2012-05-21 08:17 98816 ----a-w- c:\windows\system32\mfps.dll2012-05-21 08:17 . 2012-05-21 08:17 979456 ----a-w- c:\windows\system32\MFH264Dec.dll2012-05-21 08:17 . 2012-05-21 08:17 586240 ----a-w- c:\windows\system32\stobject.dll2012-05-21 08:17 . 2012-05-21 08:17 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll2012-05-21 08:17 . 2012-05-21 08:17 302592 ----a-w- c:\windows\system32\mfmp4src.dll2012-05-21 08:17 . 2012-05-21 08:17 2873344 ----a-w- c:\windows\system32\mf.dll2012-05-21 08:17 . 2012-05-21 08:17 261632 ----a-w- c:\windows\system32\mfreadwrite.dll2012-05-21 08:17 . 2012-05-21 08:17 209920 ----a-w- c:\windows\system32\mfplat.dll2012-05-21 08:17 . 2012-05-21 08:17 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe2012-05-21 08:17 . 2012-05-21 08:17 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys2012-05-21 08:17 . 2012-05-21 08:17 486400 ----a-w- c:\windows\system32\d3d10level9.dll2012-05-21 08:17 . 2012-05-21 08:17 478720 ----a-w- c:\windows\system32\dxgi.dll2012-05-21 08:17 . 2012-05-21 08:17 37376 ----a-w- c:\windows\system32\cdd.dll2012-05-21 08:17 . 2012-05-21 08:17 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll2012-05-21 08:17 . 2012-05-21 08:17 258048 ----a-w- c:\windows\system32\winspool.drv2012-05-21 08:17 . 2012-05-21 08:17 189952 ----a-w- c:\windows\system32\d3d10core.dll2012-05-21 08:17 . 2012-05-21 08:17 135680 ----a-w- c:\windows\system32\XpsRasterService.dll2012-05-21 08:17 . 2012-05-21 08:17 1029120 ----a-w- c:\windows\system32\d3d10.dll2012-05-21 08:17 . 2012-05-21 08:17 847360 ----a-w- c:\windows\system32\OpcServices.dll2012-05-21 08:17 . 2012-05-21 08:17 1554432 ----a-w- c:\windows\system32\xpsservices.dll2012-05-21 08:16 . 2012-05-21 08:16 519680 ----a-w- c:\windows\system32\d3d11.dll2012-05-21 08:16 . 2012-05-21 08:16 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui2012-05-21 08:16 . 2012-05-21 08:16 369664 ----a-w- c:\windows\system32\WMPhoto.dll2012-05-21 08:16 . 2012-05-21 08:16 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll2012-05-21 08:16 . 2012-05-21 08:16 252928 ----a-w- c:\windows\system32\dxdiag.exe2012-05-21 08:16 . 2012-05-21 08:16 195584 ----a-w- c:\windows\system32\dxdiagn.dll2012-05-21 08:16 . 2012-05-21 08:16 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll2012-05-21 08:16 . 2012-05-21 08:16 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll2012-05-15 10:26 . 2012-05-06 23:18 883008 ----a-w- c:\windows\system32\nvgenco32.dll2012-05-15 10:26 . 2012-05-06 23:18 61248 ----a-w- c:\windows\system32\OpenCL.dll2012-05-15 10:26 . 2012-05-06 23:18 15322432 ----a-w- c:\windows\system32\nvd3dum.dll2012-05-15 10:26 . 2012-05-06 23:18 1000768 ----a-w- c:\windows\system32\nvdispco32.dll2012-05-15 10:26 . 2012-05-06 23:18 2368832 ----a-w- c:\windows\system32\nvapi.dll2012-05-15 09:28 . 2012-05-06 23:20 62272 ----a-w- c:\windows\system32\nvshext.dll2012-05-15 09:28 . 2009-08-25 22:27 645440 ----a-w- c:\windows\system32\nvvsvc.exe2012-05-15 09:28 . 2009-08-25 22:27 108352 ----a-w- c:\windows\system32\nvmctray.dll2012-05-15 09:28 . 2009-08-25 22:27 3931456 ----a-w- c:\windows\system32\nvcpl.dll2012-05-15 09:27 . 2009-08-25 22:27 2759488 ----a-w- c:\windows\system32\nvsvc.dll2012-05-15 07:21 . 2012-05-15 07:21 423744 ----a-w- c:\windows\system32\nvStreaming.exe2012-05-07 23:08 . 2012-05-07 23:09 772552 ----a-w- c:\windows\system32\npDeployJava1.dll2012-05-07 23:08 . 2012-05-07 23:09 687560 ----a-w- c:\windows\system32\deployJava1.dll2012-05-01 14:03 . 2012-06-13 23:07 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-07-22 20:52 . 2012-05-08 04:11 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Steam"="c:\program files\Steam\steam.exe" [2012-05-06 1242448]"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17417392].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]"HP Remote Software"="c:\program files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe" [2009-02-06 143360]"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]"UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-10 1328424]"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-10 185640]"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-03-06 915512]"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-06 224616]"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk - c:\program files\PictureMover\Bin\PictureMover.exe [2009-2-9 430080].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).--- Other Services/Drivers In Memory ---.*NewlyCreated* - 56258551*NewlyCreated* - TRUESIGHT*Deregistered* - 56258551*Deregistered* - TrueSight.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCacheHPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12HPService REG_MULTI_SZ HPSLPSVC.Contents of the 'Scheduled Tasks' folder.2012-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2541054473-77353862-820802506-1000Core.job- c:\users\Noah\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06 22:57].2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2541054473-77353862-820802506-1000UA.job- c:\users\Noah\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06 22:57].2012-06-30 c:\windows\Tasks\PCDRScheduledMaintenance.job- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 19:00]..------- Supplementary Scan -------.uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndtmStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndtTCP: DhcpNameServer = 192.168.2.1FF - ProfilePath - c:\users\Noah\AppData\Roaming\Mozilla\Firefox\Profiles\sevabk2e.default\FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/..**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-07-22 21:20Windows 6.0.6002 Service Pack 2 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... ..C:\avast! sandbox.scan completed successfullyhidden files: 1.**************************************************************************.[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1".[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCDSRVC{4F253FFC-7957E8FC-06000000}_0]"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc.pkms".Completion time: 2012-07-22 21:23:20ComboFix-quarantined-files.txt 2012-07-23 02:23.Pre-Run: 183,063,511,040 bytes freePost-Run: 180,601,483,264 bytes free.- - End Of File - - 0831A7235B415D0CBBE4C4673BEBB7D5 Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574843 Share Posted July 23, 2012 Looks Good.....Please Update and run a Quick Scan with MBAM, post the report.Make sure that everything is checked, and click Remove Selected.--------------------------If it's OK...you're Good To Go.A little clean up to do....Please Uninstall ComboFix: (if you used it)Press the Windows logo key + R to bring up the "run box"Copy and paste next command in the field:ComboFix /uninstallMake sure there's a space between Combofix and /Then hit enter.This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point---------------------------------Please download OTL from one of the links below: (you may already have OTL on the system)http://oldtimer.geekstogo.com/OTL.exehttp://oldtimer.geekstogo.com/OTL.comSave it to your desktop.Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)Any other programs or logs you can manually delete.IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, etc....-------------------------------Any questions...please post back.If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.Take a look at My Preventive Maintenance to avoid being infected again.Good Luck and Thanks for using the forum, MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574848 Share Posted July 23, 2012 Malwarebytes Anti-Malware (Trial) 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.07.22.11Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421Noah :: NOAH-PC [administrator]Protection: Disabled7/22/2012 9:36:54 PMmbam-log-2012-07-22 (21-36-54).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 218688Time elapsed: 3 minute(s), 44 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected) Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574855 Share Posted July 23, 2012 How is it?? MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574856 Share Posted July 23, 2012 Also Could i remove Mbam? Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574858 Share Posted July 23, 2012 Everything seems fine Im checking all tasks right now in task manager Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574862 Share Posted July 23, 2012 Great, Take care...... MrC Link to post Share on other sites More sharing options...
darkfire1713 Posted July 23, 2012 Author ID:574864 Share Posted July 23, 2012 Can i remove Mbam? Link to post Share on other sites More sharing options...
MrCharlie Posted July 23, 2012 ID:574866 Share Posted July 23, 2012 If you like, MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 23, 2012 ID:575034 Share Posted July 23, 2012 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts