
Redirect Virus affecting All browsers



Hey guys, hoping for some help here. I've exhausted all my knowledge with this and haven't gotten anywhere. You all are my last hope before a total fresh install of Windows.

I'm getting redirects in every browser, from clicking on results from search queries from Google, Bing etc.

I've run quite a few different things, Malwarebytes and then a few other popular cleaners, the ESET online scanner, ComboFix, TDSSKiller. Nothing has helped.

Going to post my logs from these, hopefully I can get some help. I really don't want to have to reformat my drive and end up playing the reinstall game with 20 different programs if at all possible.

First: Malwarebytes finds zero threats.

Second: ESET found this:

C:\Qoobox\Quarantine\C\Windows\Installer\{5144d4c4-f38c-131e-ada9-cf5119e03c54}\U\80000000.@.vir Win64/Sirefef.AP trojan cleaned by deleting - quarantined

C:\Windows\System32\user32.dll Win32/Bamital.FQ trojan unable to clean

C:\Windows\SysWOW64\user32.dll Win32/Bamital.FQ trojan unable to clean

C:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd7b5f94093b0b.0000 Win64/Patched.B.Gen trojan deleted - quarantined

M:\Music\[T - W]\The Offspring\2008 - Rise and Fall, Rage and Grace\08 - Offspring - Nothingtown.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined

Operating memory Win32/Bamital.FQ trojan

TDSS Killer log:

01:42:33.0964 2504 [ 5350aef38ca2d8885f47d4455e7ef4ee ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

01:42:33.0966 2504 HiPatchService ( UnsignedFile.Multi.Generic ) - warning

01:42:33.0966 2504 HiPatchService - detected UnsignedFile.Multi.Generic (1)


01:42:35.0590 2504 Ntfs - ok

01:42:35.0592 2504 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys

01:42:35.0612 2504 Null - ok

01:42:35.0614 2504 [ c25cc69829e976c67b34152334eeddd1 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

01:42:35.0620 2504 nusb3hub - ok

01:42:35.0623 2504 [ 20bc4b57a6dba0447adb3b623c200f8e ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

01:42:35.0630 2504 nusb3xhc - ok

01:42:35.0633 2504 [ 8d4aac74b571fc356560e5b308955e93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

01:42:35.0640 2504 NVHDA - ok

01:42:35.0746 2504 [ 0eb204639119370f5f8f2871fbf4e14b ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

01:42:35.0868 2504 nvlddmkm - ok

01:42:35.0873 2504 [ 5d9fd91f3d38dc9da01e3cb5fa89cd48 ] nvraid C:\Windows\system32\drivers\nvraid.sys

01:42:35.0880 2504 nvraid - ok

01:42:35.0883 2504 [ f7cd50fe7139f07e77da8ac8033d1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys

01:42:35.0890 2504 nvstor - ok

01:42:35.0899 2504 [ 32ff8ee6dcee5c0cb91ff892fb1ca364 ] nvsvc C:\Windows\system32\nvvsvc.exe

01:42:35.0912 2504 nvsvc - ok

01:42:35.0931 2504 [ bd012dc22c78be1071bc21eb125d782f ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

01:42:35.0956 2504 nvUpdatusService - ok

01:42:35.0959 2504 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

01:42:35.0966 2504 nv_agp - ok

01:42:35.0973 2504 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

01:42:35.0983 2504 odserv - ok

01:42:35.0985 2504 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

01:42:35.0992 2504 ohci1394 - ok

01:42:35.0995 2504 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

01:42:36.0001 2504 ose - ok

01:42:36.0007 2504 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

01:42:36.0016 2504 p2pimsvc - ok

01:42:36.0022 2504 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll

01:42:36.0032 2504 p2psvc - ok

01:42:36.0035 2504 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

01:42:36.0042 2504 Parport - ok

01:42:36.0044 2504 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys

01:42:36.0050 2504 partmgr - ok

01:42:36.0053 2504 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

01:42:36.0063 2504 PcaSvc - ok

01:42:36.0066 2504 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys

01:42:36.0073 2504 pci - ok

01:42:36.0075 2504 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys

01:42:36.0080 2504 pciide - ok

01:42:36.0083 2504 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

01:42:36.0090 2504 pcmcia - ok

01:42:36.0093 2504 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys

01:42:36.0098 2504 pcw - ok

01:42:36.0105 2504 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys

01:42:36.0130 2504 PEAUTH - ok

01:42:36.0142 2504 [ b9b0a4299dd2d76a4243f75fd54dc680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

01:42:36.0161 2504 PeerDistSvc - ok

01:42:36.0164 2504 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe

01:42:36.0172 2504 PerfHost - ok

01:42:36.0190 2504 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll

01:42:36.0224 2504 pla - ok

01:42:36.0229 2504 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

01:42:36.0238 2504 PlugPlay - ok

01:42:36.0240 2504 PnkBstrA - ok

01:42:36.0242 2504 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

01:42:36.0249 2504 PNRPAutoReg - ok

01:42:36.0252 2504 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

01:42:36.0261 2504 PNRPsvc - ok

01:42:36.0268 2504 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

01:42:36.0293 2504 PolicyAgent - ok

01:42:36.0297 2504 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll

01:42:36.0318 2504 Power - ok

01:42:36.0321 2504 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

01:42:36.0340 2504 PptpMiniport - ok

01:42:36.0342 2504 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys

01:42:36.0349 2504 Processor - ok

01:42:36.0353 2504 [ 5c78838b4d166d1a27db3a8a820c799a ] ProfSvc C:\Windows\system32\profsvc.dll

01:42:36.0373 2504 ProfSvc - ok

01:42:36.0375 2504 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe

01:42:36.0381 2504 ProtectedStorage - ok

01:42:36.0384 2504 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys

01:42:36.0404 2504 Psched - ok

01:42:36.0418 2504 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

01:42:36.0440 2504 ql2300 - ok

01:42:36.0443 2504 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

01:42:36.0450 2504 ql40xx - ok

01:42:36.0453 2504 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll

01:42:36.0465 2504 QWAVE - ok

01:42:36.0466 2504 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

01:42:36.0475 2504 QWAVEdrv - ok

01:42:36.0477 2504 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

01:42:36.0497 2504 RasAcd - ok

01:42:36.0499 2504 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

01:42:36.0519 2504 RasAgileVpn - ok

01:42:36.0521 2504 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll

01:42:36.0542 2504 RasAuto - ok

01:42:36.0545 2504 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

01:42:36.0565 2504 Rasl2tp - ok

01:42:36.0570 2504 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll

01:42:36.0591 2504 RasMan - ok

01:42:36.0594 2504 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

01:42:36.0614 2504 RasPppoe - ok

01:42:36.0616 2504 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

01:42:36.0637 2504 RasSstp - ok

01:42:36.0642 2504 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

01:42:36.0663 2504 rdbss - ok

01:42:36.0666 2504 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

01:42:36.0673 2504 rdpbus - ok

01:42:36.0675 2504 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

01:42:36.0694 2504 RDPCDD - ok

01:42:36.0699 2504 [ 1b6163c503398b23ff8b939c67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

01:42:36.0706 2504 RDPDR - ok

01:42:36.0708 2504 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

01:42:36.0727 2504 RDPENCDD - ok

01:42:36.0730 2504 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

01:42:36.0749 2504 RDPREFMP - ok

01:42:36.0752 2504 [ 70cba1a0c98600a2aa1863479b35cb90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

01:42:36.0760 2504 RdpVideoMiniport - ok

01:42:36.0764 2504 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

01:42:36.0773 2504 RDPWD - ok

01:42:36.0776 2504 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

01:42:36.0783 2504 rdyboost - ok

01:42:36.0786 2504 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll

01:42:36.0807 2504 RemoteAccess - ok

01:42:36.0811 2504 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

01:42:36.0832 2504 RemoteRegistry - ok

01:42:36.0835 2504 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

01:42:36.0855 2504 RpcEptMapper - ok

01:42:36.0857 2504 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe

01:42:36.0864 2504 RpcLocator - ok

01:42:36.0870 2504 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll

01:42:36.0892 2504 RpcSs - ok

01:42:36.0894 2504 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

01:42:36.0914 2504 rspndr - ok

01:42:36.0916 2504 [ e60c0a09f997826c7627b244195ab581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

01:42:36.0922 2504 s3cap - ok

01:42:36.0924 2504 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe

01:42:36.0930 2504 SamSs - ok

01:42:36.0933 2504 [ 3289766038db2cb14d07dc84392138d5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

01:42:36.0937 2504 SASDIFSV - ok

01:42:36.0938 2504 [ 58a38e75f3316a83c23df6173d41f2b5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

01:42:36.0942 2504 SASKUTIL - ok

01:42:36.0945 2504 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

01:42:36.0951 2504 sbp2port - ok

01:42:36.0953 2504 SBRE - ok

01:42:36.0956 2504 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll

01:42:36.0978 2504 SCardSvr - ok

01:42:36.0980 2504 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

01:42:36.0999 2504 scfilter - ok

01:42:37.0009 2504 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll

01:42:37.0035 2504 Schedule - ok

01:42:37.0038 2504 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll

01:42:37.0057 2504 SCPolicySvc - ok

01:42:37.0060 2504 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

01:42:37.0069 2504 SDRSVC - ok

01:42:37.0071 2504 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

01:42:37.0090 2504 secdrv - ok

01:42:37.0092 2504 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll

01:42:37.0111 2504 seclogon - ok

01:42:37.0113 2504 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll

01:42:37.0133 2504 SENS - ok

01:42:37.0135 2504 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

01:42:37.0142 2504 SensrSvc - ok

01:42:37.0144 2504 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

01:42:37.0150 2504 Serenum - ok

01:42:37.0153 2504 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

01:42:37.0159 2504 Serial - ok

01:42:37.0161 2504 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

01:42:37.0167 2504 sermouse - ok

01:42:37.0172 2504 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll

01:42:37.0193 2504 SessionEnv - ok

01:42:37.0195 2504 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

01:42:37.0202 2504 sffdisk - ok

01:42:37.0204 2504 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

01:42:37.0211 2504 sffp_mmc - ok

01:42:37.0213 2504 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

01:42:37.0221 2504 sffp_sd - ok

01:42:37.0223 2504 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

01:42:37.0229 2504 sfloppy - ok

01:42:37.0234 2504 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll

01:42:37.0256 2504 SharedAccess - ok

01:42:37.0264 2504 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll

01:42:37.0285 2504 ShellHWDetection - ok

01:42:37.0288 2504 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

01:42:37.0293 2504 SiSRaid2 - ok

01:42:37.0295 2504 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

01:42:37.0301 2504 SiSRaid4 - ok

01:42:37.0303 2504 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

01:42:37.0323 2504 Smb - ok

01:42:37.0326 2504 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe

01:42:37.0333 2504 SNMPTRAP - ok

01:42:37.0336 2504 [ 12583af6cbe0050651eaf2723b3ad7b3 ] speedfan C:\Windows\syswow64\speedfan.sys

01:42:37.0341 2504 speedfan - ok

01:42:37.0343 2504 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys

01:42:37.0347 2504 spldr - ok

01:42:37.0355 2504 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe

01:42:37.0380 2504 Spooler - ok

01:42:37.0411 2504 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe

01:42:37.0451 2504 sppsvc - ok

01:42:37.0454 2504 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

01:42:37.0474 2504 sppuinotify - ok

01:42:37.0480 2504 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys

01:42:37.0490 2504 srv - ok

01:42:37.0495 2504 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

01:42:37.0505 2504 srv2 - ok

01:42:37.0508 2504 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

01:42:37.0515 2504 srvnet - ok

01:42:37.0518 2504 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

01:42:37.0540 2504 SSDPSRV - ok

01:42:37.0543 2504 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll

01:42:37.0562 2504 SstpSvc - ok

01:42:37.0563 2504 Steam Client Service - ok

01:42:37.0569 2504 [ fc0a58529a02b1eed55ddc58696b7908 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

01:42:37.0576 2504 Stereo Service - ok

01:42:37.0579 2504 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

01:42:37.0584 2504 stexstor - ok

01:42:37.0593 2504 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll

01:42:37.0606 2504 stisvc - ok

01:42:37.0608 2504 [ 7785dc213270d2fc066538daf94087e7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

01:42:37.0613 2504 storflt - ok

01:42:37.0615 2504 [ d34e4943d5ac096c8edeebfd80d76e23 ] storvsc C:\Windows\system32\drivers\storvsc.sys

01:42:37.0621 2504 storvsc - ok

01:42:37.0623 2504 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys

01:42:37.0627 2504 swenum - ok

01:42:37.0633 2504 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll

01:42:37.0658 2504 swprv - ok

01:42:37.0660 2504 Synth3dVsc - ok

01:42:37.0675 2504 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll

01:42:37.0701 2504 SysMain - ok

01:42:37.0703 2504 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

01:42:37.0713 2504 TabletInputService - ok

01:42:37.0718 2504 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

01:42:37.0738 2504 TapiSrv - ok

01:42:37.0741 2504 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll

01:42:37.0761 2504 TBS - ok

01:42:37.0777 2504 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

01:42:37.0804 2504 Tcpip - ok

01:42:37.0820 2504 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

01:42:37.0841 2504 TCPIP6 - ok

01:42:37.0845 2504 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

01:42:37.0863 2504 tcpipreg - ok

01:42:37.0866 2504 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

01:42:37.0872 2504 TDPIPE - ok

01:42:37.0875 2504 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

01:42:37.0881 2504 TDTCP - ok

01:42:37.0885 2504 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

01:42:37.0905 2504 tdx - ok

01:42:37.0908 2504 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys

01:42:37.0913 2504 TermDD - ok

01:42:37.0920 2504 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll

01:42:37.0946 2504 TermService - ok

01:42:37.0948 2504 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll

01:42:37.0958 2504 Themes - ok

01:42:37.0960 2504 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll

01:42:37.0979 2504 THREADORDER - ok

01:42:37.0982 2504 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll

01:42:38.0002 2504 TrkWks - ok

01:42:38.0006 2504 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

01:42:38.0027 2504 TrustedInstaller - ok

01:42:38.0030 2504 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

01:42:38.0049 2504 tssecsrv - ok

01:42:38.0052 2504 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

01:42:38.0059 2504 TsUsbFlt - ok

01:42:38.0061 2504 tsusbhub - ok

01:42:38.0064 2504 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

01:42:38.0084 2504 tunnel - ok

01:42:38.0087 2504 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

01:42:38.0093 2504 uagp35 - ok

01:42:38.0099 2504 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

01:42:38.0121 2504 udfs - ok

01:42:38.0125 2504 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

01:42:38.0133 2504 UI0Detect - ok

01:42:38.0135 2504 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

01:42:38.0141 2504 uliagpkx - ok

01:42:38.0143 2504 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

01:42:38.0150 2504 umbus - ok

01:42:38.0152 2504 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

01:42:38.0158 2504 UmPass - ok

01:42:38.0163 2504 [ a293dcd756d04d8492a750d03b9a297c ] UmRdpService C:\Windows\System32\umrdp.dll

01:42:38.0173 2504 UmRdpService - ok

01:42:38.0178 2504 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll

01:42:38.0202 2504 upnphost - ok

01:42:38.0204 2504 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

01:42:38.0210 2504 USBAAPL64 - ok

01:42:38.0213 2504 [ 481dff26b4dca8f4cbac1f7dce1d6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

01:42:38.0220 2504 usbccgp - ok

01:42:38.0222 2504 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

01:42:38.0231 2504 usbcir - ok

01:42:38.0233 2504 [ 74ee782b1d9c241efe425565854c661c ] usbehci C:\Windows\system32\drivers\usbehci.sys

01:42:38.0240 2504 usbehci - ok

01:42:38.0244 2504 [ dc96bd9ccb8403251bcf25047573558e ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

01:42:38.0254 2504 usbhub - ok

01:42:38.0256 2504 [ 58e546bbaf87664fc57e0f6081e4f609 ] usbohci C:\Windows\system32\drivers\usbohci.sys

01:42:38.0263 2504 usbohci - ok

01:42:38.0265 2504 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

01:42:38.0273 2504 usbprint - ok

01:42:38.0275 2504 [ d76510cfa0fc09023077f22c2f979d86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

01:42:38.0283 2504 USBSTOR - ok

01:42:38.0285 2504 [ 81fb2216d3a60d1284455d511797db3d ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

01:42:38.0291 2504 usbuhci - ok

01:42:38.0293 2504 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll

01:42:38.0313 2504 UxSms - ok

01:42:38.0315 2504 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe

01:42:38.0320 2504 VaultSvc - ok

01:42:38.0322 2504 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

01:42:38.0327 2504 vdrvroot - ok

01:42:38.0334 2504 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe

01:42:38.0358 2504 vds - ok

01:42:38.0360 2504 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

01:42:38.0367 2504 vga - ok

01:42:38.0369 2504 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys

01:42:38.0388 2504 VgaSave - ok

01:42:38.0390 2504 VGPU - ok

01:42:38.0394 2504 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

01:42:38.0401 2504 vhdmp - ok

01:42:38.0404 2504 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys

01:42:38.0408 2504 viaide - ok

01:42:38.0412 2504 [ 86ea3e79ae350fea5331a1303054005f ] vmbus C:\Windows\system32\drivers\vmbus.sys

01:42:38.0418 2504 vmbus - ok

01:42:38.0420 2504 [ 7de90b48f210d29649380545db45a187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

01:42:38.0426 2504 VMBusHID - ok

01:42:38.0429 2504 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

01:42:38.0434 2504 volmgr - ok

01:42:38.0438 2504 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

01:42:38.0448 2504 volmgrx - ok

01:42:38.0451 2504 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

01:42:38.0460 2504 volsnap - ok

01:42:38.0463 2504 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

01:42:38.0470 2504 vsmraid - ok

01:42:38.0484 2504 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe

01:42:38.0517 2504 VSS - ok

01:42:38.0519 2504 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

01:42:38.0527 2504 vwifibus - ok

01:42:38.0532 2504 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll

01:42:38.0555 2504 W32Time - ok

01:42:38.0558 2504 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

01:42:38.0565 2504 WacomPen - ok

01:42:38.0568 2504 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

01:42:38.0587 2504 WANARP - ok

01:42:38.0589 2504 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

01:42:38.0608 2504 Wanarpv6 - ok

01:42:38.0624 2504 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

01:42:38.0647 2504 WatAdminSvc - ok

01:42:38.0661 2504 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe

01:42:38.0682 2504 wbengine - ok

01:42:38.0686 2504 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

01:42:38.0697 2504 WbioSrvc - ok

01:42:38.0702 2504 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll

01:42:38.0715 2504 wcncsvc - ok

01:42:38.0717 2504 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

01:42:38.0724 2504 WcsPlugInService - ok

01:42:38.0726 2504 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys

01:42:38.0731 2504 Wd - ok

01:42:38.0737 2504 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

01:42:38.0749 2504 Wdf01000 - ok

01:42:38.0752 2504 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll

01:42:38.0775 2504 WdiServiceHost - ok

01:42:38.0777 2504 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll

01:42:38.0787 2504 WdiSystemHost - ok

01:42:38.0792 2504 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll

01:42:38.0806 2504 WebClient - ok

01:42:38.0809 2504 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll

01:42:38.0832 2504 Wecsvc - ok

01:42:38.0835 2504 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

01:42:38.0856 2504 wercplsupport - ok

01:42:38.0858 2504 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll

01:42:38.0878 2504 WerSvc - ok

01:42:38.0880 2504 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

01:42:38.0899 2504 WfpLwf - ok

01:42:38.0901 2504 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys

01:42:38.0906 2504 WIMMount - ok

01:42:38.0908 2504 WinDefend - ok

01:42:38.0910 2504 WinHttpAutoProxySvc - ok

01:42:38.0918 2504 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

01:42:38.0939 2504 Winmgmt - ok

01:42:38.0958 2504 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll

01:42:38.0998 2504 WinRM - ok

01:42:39.0002 2504 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

01:42:39.0010 2504 WinUsb - ok

01:42:39.0019 2504 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll

01:42:39.0036 2504 Wlansvc - ok

01:42:39.0039 2504 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

01:42:39.0045 2504 WmiAcpi - ok

01:42:39.0050 2504 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

01:42:39.0059 2504 wmiApSrv - ok

01:42:39.0060 2504 WMPNetworkSvc - ok

01:42:39.0062 2504 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll

01:42:39.0070 2504 WPCSvc - ok

01:42:39.0073 2504 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

01:42:39.0081 2504 WPDBusEnum - ok

01:42:39.0083 2504 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

01:42:39.0102 2504 ws2ifsl - ok

01:42:39.0105 2504 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\system32\wscsvc.dll

01:42:39.0115 2504 wscsvc - ok

01:42:39.0116 2504 WSearch - ok

01:42:39.0139 2504 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll

01:42:39.0172 2504 wuauserv - ok

01:42:39.0175 2504 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

01:42:39.0195 2504 WudfPf - ok

01:42:39.0199 2504 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

01:42:39.0219 2504 WUDFRd - ok

01:42:39.0222 2504 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

01:42:39.0241 2504 wudfsvc - ok

01:42:39.0245 2504 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll

01:42:39.0259 2504 WwanSvc - ok

01:42:39.0261 2504 ================ Scan global ===============================

01:42:39.0263 2504 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll

01:42:39.0266 2504 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

01:42:39.0270 2504 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

01:42:39.0273 2504 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll

01:42:39.0277 2504 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe

01:42:39.0279 2504 [Global] - ok

01:42:39.0279 2504 ================ Scan MBR ==================================

01:42:39.0280 2504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

01:42:39.0388 2504 \Device\Harddisk0\DR0 - ok

01:42:39.0389 2504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

01:42:39.0455 2504 \Device\Harddisk1\DR1 - ok

01:42:39.0455 2504 ================ Scan VBR ==================================

01:42:39.0458 2504 Boot (0x1200) (47780be45e881e402977f91efd946154) \Device\Harddisk0\DR0\Partition1

01:42:39.0459 2504 \Device\Harddisk0\DR0\Partition1 - ok

01:42:39.0460 2504 Boot (0x1200) (a7a1ea3cfef96dd09144c934035753ba) \Device\Harddisk0\DR0\Partition2

01:42:39.0461 2504 \Device\Harddisk0\DR0\Partition2 - ok

01:42:39.0462 2504 Boot (0x1200) (36cd9d29edda102b473de2680b93ad4e) \Device\Harddisk1\DR1\Partition1

01:42:39.0463 2504 \Device\Harddisk1\DR1\Partition1 - ok

01:42:39.0464 2504 Boot (0x1200) (0c21c855e3fd923e257cb29b5136db77) \Device\Harddisk1\DR1\Partition2

01:42:39.0465 2504 \Device\Harddisk1\DR1\Partition2 - ok

01:42:39.0465 2504 ============================================================

01:42:39.0465 2504 Scan finished

01:42:39.0465 2504 ============================================================

01:42:39.0469 3384 Detected object count: 1

01:42:39.0469 3384 Actual detected object count: 1

01:42:51.0597 3384 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - copied to quarantine

01:42:51.0597 3384 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

01:47:08.0182 2944 Deinitialize success

ComboFix log:

ComboFix 12-08-16.01 - BoyBlue 08/16/2012 2:04.2.8 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16366.12931 [GMT -6:00]

Running from: c:\users\BoyBlue\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\buswaaa.tmp

c:\programdata\mkyqbaa.tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-07-16 to 2012-08-16 )))))))))))))))))))))))))))))))

.

.

2012-08-16 08:06 . 2012-08-16 08:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-08-16 08:06 . 2012-08-16 08:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-16 07:46 . 2012-08-16 07:46 -------- d-----w- c:\program files (x86)\ESET

2012-08-16 07:42 . 2012-08-16 07:42 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-16 04:43 . 2012-08-16 04:43 -------- d-----w- c:\users\BoyBlue\AppData\Roaming\SUPERAntiSpyware.com

2012-08-16 04:43 . 2012-08-16 04:48 -------- d-----w- c:\program files (x86)\Google

2012-08-16 04:43 . 2012-08-16 04:43 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-08-16 04:43 . 2012-08-16 04:43 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2012-08-16 04:43 . 2012-08-16 04:43 -------- d-----w- c:\programdata\SUPERSetup

2012-08-16 04:17 . 2012-08-16 04:17 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-08-16 04:05 . 2012-08-16 04:10 -------- d-----w- c:\program files (x86)\PC Tools

2012-08-16 04:03 . 2012-08-16 04:10 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2012-08-16 04:03 . 2012-06-22 21:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys

2012-08-16 04:03 . 2012-08-16 04:09 -------- d-----w- c:\programdata\PC Tools

2012-08-16 04:03 . 2012-08-16 04:03 -------- d-----w- c:\users\BoyBlue\AppData\Roaming\TestApp

2012-08-16 03:49 . 2012-08-16 04:43 -------- d-----w- c:\users\BoyBlue\AppData\Local\Google

2012-08-16 03:48 . 2012-08-16 03:49 -------- d-----w- c:\users\BoyBlue\AppData\Local\Deployment

2012-08-16 03:48 . 2012-08-16 03:48 -------- d-----w- c:\users\BoyBlue\AppData\Local\Apps

2012-08-16 03:27 . 2012-08-16 03:27 -------- d-----w- c:\users\BoyBlue\AppData\Roaming\Malwarebytes

2012-08-16 03:27 . 2012-08-16 03:27 -------- d-----w- c:\programdata\Malwarebytes

2012-08-16 03:27 . 2012-08-16 03:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-16 03:27 . 2012-07-03 19:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-16 03:23 . 2012-08-16 03:23 -------- d-----w- c:\programdata\GFI Software

2012-08-16 02:39 . 2012-08-16 07:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-08-16 02:39 . 2012-08-16 07:17 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-08-15 09:34 . 2012-08-15 09:34 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-08-15 07:22 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A30150A-3AF7-43EB-923C-DCDC2AD8B6F5}\mpengine.dll

2012-08-07 10:18 . 2012-08-13 08:39 -------- d-----w- C:\Guild Wars 2

2012-07-26 21:24 . 2012-07-26 21:24 -------- d-----w- c:\program files\Microsoft Silverlight

2012-07-26 21:24 . 2012-07-26 21:24 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-07-26 08:16 . 2012-07-26 08:41 -------- d-----w- c:\users\BoyBlue\AppData\Roaming\vlc

2012-07-26 08:15 . 2012-07-26 08:15 -------- d-----w- c:\program files (x86)\VideoLAN

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 09:00 . 2011-12-13 06:33 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 02:21 . 2012-04-23 16:50 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 02:21 . 2011-12-13 05:45 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-09 05:43 . 2012-07-10 21:17 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-07 02:59 . 2012-06-07 02:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06 . 2012-07-10 21:17 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-10 21:17 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-10 21:17 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-10 21:17 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-10 21:17 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-10 21:17 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-23 01:13 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-23 01:13 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-23 01:13 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-23 01:13 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-23 01:13 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-23 01:13 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-23 01:13 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 21:19 . 2012-06-23 01:13 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 21:15 . 2012-06-23 01:13 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-10 21:17 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-10 21:17 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-10 21:17 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-10 21:17 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-10 21:17 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-10 21:17 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-10 21:17 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-10 21:17 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-10 21:17 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 18:25 . 2011-12-13 06:06 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2010-11-20 . D38E6A29DC4D432357AB7FBC55ACCA72 . 857600 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll

[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

.

((((((((((((((((((((((((((((( SnapShot@2012-08-16_04.30.23 )))))))))))))))))))))))))))))))))))))))))

.

- 2012-08-15 09:20 . 2012-08-16 04:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2012-08-15 09:20 . 2012-08-16 08:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2012-08-15 14:31 . 2012-08-16 08:02 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2012-08-16 06:08 . 2012-08-16 08:02 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012081620120817\index.dat

+ 2012-08-16 07:56 . 2012-08-16 07:56 39936 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{DA82D2DD-E777-11E1-A010-00224D6B27EC}.dat

+ 2012-08-16 08:02 . 2012-08-16 08:02 16896 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{B3DDA792-E778-11E1-A010-00224D6B27EC}.dat

+ 2012-08-16 06:08 . 2012-08-16 06:08 42496 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BD21C70C-E768-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:28 . 2012-08-16 06:34 94208 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{99FC25EA-E76B-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:13 . 2012-08-16 06:19 24576 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{906E3A16-E769-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:34 . 2012-08-16 06:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7594BE0C-E76C-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 07:03 . 2012-08-16 07:03 16896 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{73026D4C-E770-11E1-BF97-00224D6B27EC}.dat

+ 2012-08-16 06:34 . 2012-08-16 06:34 39424 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6022ED29-E76C-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 05:58 . 2012-08-16 06:00 53760 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5BE45D4B-E767-11E1-807F-00224D6B27EC}.dat

+ 2012-08-16 06:10 . 2012-08-16 06:15 91136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{13A9EC66-E769-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:10 . 2012-08-16 06:10 29696 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{13A9EC64-E769-11E1-803A-00224D6B27EC}.dat

+ 2012-08-15 09:23 . 2012-08-16 07:58 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat

- 2012-08-15 09:23 . 2012-08-16 04:21 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat

+ 2012-08-15 09:20 . 2012-08-16 08:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\index.dat

- 2012-08-15 09:20 . 2012-08-16 04:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\index.dat

+ 2011-12-13 05:38 . 2012-08-16 07:33 33814 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-16 07:33 30542 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2011-12-12 21:20 . 2012-08-16 03:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-12-12 21:20 . 2012-08-16 04:33 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-12-12 21:20 . 2012-08-16 03:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-12-12 21:20 . 2012-08-16 04:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-16 04:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-16 03:05 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-06-28 09:07 . 2012-08-16 04:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2012-06-28 09:07 . 2012-08-16 04:46 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2012-06-28 09:07 . 2012-08-16 04:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2012-06-28 09:07 . 2012-08-16 04:46 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2012-06-28 09:07 . 2012-08-16 04:46 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-06-28 09:07 . 2012-08-16 04:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-12-13 05:55 . 2012-08-16 04:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-12-13 05:55 . 2012-08-16 08:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-12-13 05:55 . 2012-08-16 04:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-12-13 05:55 . 2012-08-16 08:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-08-16 07:56 . 2012-08-16 07:56 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{DA82D2E0-E777-11E1-A010-00224D6B27EC}.dat

+ 2012-08-16 07:56 . 2012-08-16 07:56 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{DA82D2DE-E777-11E1-A010-00224D6B27EC}.dat

+ 2012-08-16 07:56 . 2012-08-16 07:56 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{DA82D2DC-E777-11E1-A010-00224D6B27EC}.dat

- 2012-08-15 09:31 . 2012-08-16 04:26 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{002D142D-E6BC-11E1-B015-00224D6B27EC}.dat

+ 2012-08-15 09:31 . 2012-08-16 08:02 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{002D142D-E6BC-11E1-B015-00224D6B27EC}.dat

+ 2012-08-16 07:56 . 2012-08-16 07:56 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{DA82D2E1-E777-11E1-A010-00224D6B27EC}.dat

+ 2012-08-16 07:56 . 2012-08-16 07:56 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{DA82D2DF-E777-11E1-A010-00224D6B27EC}.dat

+ 2012-08-16 06:09 . 2012-08-16 06:16 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EDDD5066-E768-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:08 . 2012-08-16 06:08 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BD21C70B-E768-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:28 . 2012-08-16 06:34 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{99FC25E9-E76B-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 06:13 . 2012-08-16 06:19 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{906E3A15-E769-11E1-803A-00224D6B27EC}.dat

+ 2012-08-16 07:03 . 2012-08-16 07:03 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{73026D4B-E770-11E1-BF97-00224D6B27EC}.dat

+ 2012-08-16 05:58 . 2012-08-16 05:58 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5BE45D4A-E767-11E1-807F-00224D6B27EC}.dat

+ 2012-08-16 06:16 . 2012-08-16 06:16 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E7D68986-E769-11E1-803A-00224D6B27EC}.dat

+ 2011-12-13 05:33 . 2012-08-16 07:33 5190 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-952138183-2723791974-4286674705-1000_UserData.bin

- 2012-06-28 09:09 . 2012-06-28 09:09 9560 c:\windows\system32\NetworkList\Icons\{409BD8D6-1DF4-436D-8997-838AE32BF98D}_48.bin

+ 2012-06-28 09:09 . 2012-08-16 05:05 9560 c:\windows\system32\NetworkList\Icons\{409BD8D6-1DF4-436D-8997-838AE32BF98D}_48.bin

- 2012-06-28 09:09 . 2012-06-28 09:09 4280 c:\windows\system32\NetworkList\Icons\{409BD8D6-1DF4-436D-8997-838AE32BF98D}_32.bin

+ 2012-06-28 09:09 . 2012-08-16 05:05 4280 c:\windows\system32\NetworkList\Icons\{409BD8D6-1DF4-436D-8997-838AE32BF98D}_32.bin

+ 2012-06-28 09:09 . 2012-08-16 05:05 2456 c:\windows\system32\NetworkList\Icons\{409BD8D6-1DF4-436D-8997-838AE32BF98D}_24.bin

- 2012-06-28 09:09 . 2012-06-28 09:09 2456 c:\windows\system32\NetworkList\Icons\{409BD8D6-1DF4-436D-8997-838AE32BF98D}_24.bin

- 2012-08-16 04:30 . 2012-08-16 04:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-16 08:06 . 2012-08-16 08:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-15 09:20 . 2012-08-16 08:02 720896 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat

+ 2012-08-15 09:20 . 2012-08-16 05:58 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012081520120816\index.dat

- 2012-08-15 09:20 . 2012-08-16 04:26 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012081520120816\index.dat

- 2009-07-14 04:54 . 2012-08-16 04:26 770048 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-16 08:02 770048 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-08-16 06:09 . 2012-08-16 06:15 165888 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EDDD5067-E768-11E1-803A-00224D6B27EC}.dat

+ 2009-07-14 02:36 . 2012-08-16 07:38 618026 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-08-16 07:38 104340 c:\windows\system32\perfc009.dat

+ 2009-07-14 05:01 . 2012-08-16 08:06 262704 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-08-16 04:29 262704 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 04:54 . 2012-08-16 08:02 3162112 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-16 04:26 3162112 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-12-13 06:44 . 2012-08-16 08:06 25551204 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-952138183-2723791974-4286674705-1000-12288.dat

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Steam"="c:\games\Steam\steam.exe" [2012-08-04 1353080]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 5661056]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"iTunesHelper"="m:\itunes\iTunesHelper.exe" [2012-03-27 421736]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 EfiVariable;Efi Variable Service;c:\windows\SysWOW64\Drivers\variable64.sys [2010-10-28 18200]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-13 1255736]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-08-15 8704]

S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-08-12 133800]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]

S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-09 283200]

S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 02:21]

.

2012-08-16 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 8495eee4-fe5d-4210-a317-32f19b527cf2.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]

.

2012-08-16 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 9d142b9a-37bb-48ea-8144-623662aacfba.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-05 11474024]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - d:\msoffi~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1 205.171.2.25

FF - ProfilePath - c:\users\BoyBlue\AppData\Roaming\Mozilla\Firefox\Profiles\r67hnjpv.default\

FF - prefs.js: browser.startup.homepage - google.com

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-91293092.sys

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,0e,15,4b,12,cf,29,4d,a4,8d,f0,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,0e,15,4b,12,cf,29,4d,a4,8d,f0,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files\Logitech Gaming Software\Applets\LCDMedia.exe

.

**************************************************************************

.

Completion time: 2012-08-16 02:08:09 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-16 08:08

.

Pre-Run: 4,977,467,392 bytes free

Post-Run: 4,863,590,400 bytes free

.

- - End Of File - - 140045DB65B05B997C883C9025200747


I think I am infected with a pretty new version of Bamital (Bamital.FQ). Nothing seems to pick it up and find it at all except for yesterday's update of ESET online scanner which found it in 2 files and my memory, but cannot clean it.

Does anyone have any suggestions on what I can do other than a fresh format/reinstall of Windows? I've tried ALL of the available anti-spyware / free anti-virus programs; none even see it except for ESET.

C:\Windows\System32\user32.dll Win32/Bamital.FQ trojan unable to clean

C:\Windows\SysWOW64\user32.dll Win32/Bamital.FQ trojan unable to clean

Operating memory Win32/Bamital.FQ trojan

I am getting my search results in all browsers redirected.

Thanks for any help.


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
