djbusta Posted November 10, 2012 ID:611451

Hello, I recently bought an old Alienware computer from a friend that had a bunch of viruses. After installing Windows 7 it seems to be running smoother, yet still seems a bit glitchy. I downloaded DDS and here are the two logs it produced; hopefully someone can let me know if I have any issues, I would really appreciate it. Just a young college kid with no money trying to use this computer for gaming and don't have the money to take it to get fixed. Thanks so much for your help!

Staff screen317 Posted November 10, 2012 ID:611468

Hi and welcome to Malwarebytes. Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

When the tool is finished, it will produce a report for you. Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

djbusta Posted November 10, 2012 Author ID:611685

OK, so this is the MBAM log and ComboFix log.

djbusta Posted November 10, 2012 Author ID:611690

and these are the new dds reports.
Staff screen317 Posted November 12, 2012 ID:612589

Hi,

Run TFC by OldTimer to clear temporary files:
Please download TFC from here and save it to your desktop.
Close any open programs and Internet browsers.
Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
Execute the file TDSSKiller.exe by double-clicking on it.
Wait for the scan and disinfection process to be over.
When its work is over, the utility prompts for a reboot to complete the disinfection.
By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).
The log is like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.
Please post that log here.

Next, please run a free online scan with the ESET Online Scanner.
Note: You will need to use Internet Explorer for this scan.
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats and the option Scan unwanted applications are checked
Click Scan
Wait for the scan to finish
Export the threats found (if any), and post them here.

Next, please download AdwCleaner by Xplode onto your Desktop.
Double click on AdwCleaner.exe to run the tool.
Click on Search.
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317
djbusta Posted November 13, 2012 Author ID:612688

this is the tdss log
C:\Windows\system32\DRIVERS\kbdclass.sys16:11:05.0006 1428 kbdclass - ok16:11:05.0038 1428 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys16:11:05.0038 1428 kbdhid - ok16:11:05.0053 1428 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe16:11:05.0053 1428 KeyIso - ok16:11:05.0084 1428 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys16:11:05.0084 1428 KSecDD - ok16:11:05.0116 1428 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys16:11:05.0116 1428 KSecPkg - ok16:11:05.0147 1428 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll16:11:05.0147 1428 KtmRm - ok16:11:05.0194 1428 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll16:11:05.0194 1428 LanmanServer - ok16:11:05.0241 1428 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll16:11:05.0241 1428 LanmanWorkstation - ok16:11:05.0303 1428 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys16:11:05.0303 1428 lltdio - ok16:11:05.0334 1428 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll16:11:05.0334 1428 lltdsvc - ok16:11:05.0350 1428 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll16:11:05.0366 1428 lmhosts - ok16:11:05.0413 1428 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys16:11:05.0413 1428 LSI_FC - ok16:11:05.0428 1428 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys16:11:05.0428 1428 LSI_SAS - ok16:11:05.0444 1428 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys16:11:05.0444 1428 LSI_SAS2 - ok16:11:05.0459 1428 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys16:11:05.0459 1428 LSI_SCSI - ok16:11:05.0491 1428 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv 
C:\Windows\system32\drivers\luafv.sys16:11:05.0491 1428 luafv - ok16:11:05.0538 1428 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys16:11:05.0538 1428 MBAMProtector - ok16:11:05.0584 1428 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe16:11:05.0584 1428 MBAMScheduler - ok16:11:05.0616 1428 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe16:11:05.0631 1428 MBAMService - ok16:11:05.0663 1428 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll16:11:05.0663 1428 Mcx2Svc - ok16:11:05.0694 1428 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys16:11:05.0694 1428 megasas - ok16:11:05.0725 1428 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys16:11:05.0741 1428 MegaSR - ok16:11:05.0756 1428 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll16:11:05.0756 1428 MMCSS - ok16:11:05.0772 1428 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys16:11:05.0772 1428 Modem - ok16:11:05.0803 1428 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys16:11:05.0819 1428 monitor - ok16:11:05.0881 1428 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys16:11:05.0881 1428 mouclass - ok16:11:05.0928 1428 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys16:11:05.0928 1428 mouhid - ok16:11:05.0944 1428 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys16:11:05.0944 1428 mountmgr - ok16:11:05.0991 1428 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe16:11:05.0991 1428 MozillaMaintenance - ok16:11:06.0022 1428 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio 
C:\Windows\system32\drivers\mpio.sys16:11:06.0022 1428 mpio - ok16:11:06.0038 1428 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys16:11:06.0038 1428 mpsdrv - ok16:11:06.0100 1428 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll16:11:06.0100 1428 MpsSvc - ok16:11:06.0116 1428 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys16:11:06.0131 1428 MRxDAV - ok16:11:06.0178 1428 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys16:11:06.0178 1428 mrxsmb - ok16:11:06.0194 1428 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys16:11:06.0194 1428 mrxsmb10 - ok16:11:06.0225 1428 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys16:11:06.0225 1428 mrxsmb20 - ok16:11:06.0241 1428 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys16:11:06.0241 1428 msahci - ok16:11:06.0272 1428 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys16:11:06.0272 1428 msdsm - ok16:11:06.0319 1428 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe16:11:06.0334 1428 MSDTC - ok16:11:06.0334 1428 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys16:11:06.0350 1428 Msfs - ok16:11:06.0366 1428 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys16:11:06.0366 1428 mshidkmdf - ok16:11:06.0381 1428 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys16:11:06.0381 1428 msisadrv - ok16:11:06.0428 1428 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll16:11:06.0428 1428 MSiSCSI - ok16:11:06.0428 1428 msiserver - ok16:11:06.0475 1428 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys16:11:06.0475 1428 MSKSSRV - ok16:11:06.0491 1428 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK 
C:\Windows\system32\drivers\MSPCLOCK.sys16:11:06.0491 1428 MSPCLOCK - ok16:11:06.0506 1428 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys16:11:06.0522 1428 MSPQM - ok16:11:06.0538 1428 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys16:11:06.0538 1428 MsRPC - ok16:11:06.0553 1428 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys16:11:06.0553 1428 mssmbios - ok16:11:06.0553 1428 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys16:11:06.0553 1428 MSTEE - ok16:11:06.0569 1428 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys16:11:06.0569 1428 MTConfig - ok16:11:06.0616 1428 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys16:11:06.0616 1428 MTsensor - ok16:11:06.0631 1428 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys16:11:06.0631 1428 Mup - ok16:11:06.0678 1428 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll16:11:06.0678 1428 napagent - ok16:11:06.0741 1428 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys16:11:06.0741 1428 NativeWifiP - ok16:11:06.0788 1428 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys16:11:06.0788 1428 NDIS - ok16:11:06.0819 1428 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys16:11:06.0819 1428 NdisCap - ok16:11:06.0866 1428 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys16:11:06.0866 1428 NdisTapi - ok16:11:06.0897 1428 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys16:11:06.0897 1428 Ndisuio - ok16:11:06.0913 1428 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys16:11:06.0913 1428 NdisWan - ok16:11:06.0928 1428 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy 
C:\Windows\system32\drivers\NDProxy.sys16:11:06.0928 1428 NDProxy - ok16:11:06.0959 1428 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys16:11:06.0959 1428 NetBIOS - ok16:11:06.0975 1428 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys16:11:06.0975 1428 NetBT - ok16:11:06.0991 1428 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe16:11:06.0991 1428 Netlogon - ok16:11:07.0038 1428 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll16:11:07.0053 1428 Netman - ok16:11:07.0069 1428 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll16:11:07.0069 1428 netprofm - ok16:11:07.0100 1428 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe16:11:07.0116 1428 NetTcpPortSharing - ok16:11:07.0147 1428 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys16:11:07.0147 1428 nfrd960 - ok16:11:07.0178 1428 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll16:11:07.0178 1428 NlaSvc - ok16:11:07.0194 1428 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys16:11:07.0194 1428 Npfs - ok16:11:07.0225 1428 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll16:11:07.0225 1428 nsi - ok16:11:07.0241 1428 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys16:11:07.0241 1428 nsiproxy - ok16:11:07.0303 1428 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys16:11:07.0319 1428 Ntfs - ok16:11:07.0334 1428 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys16:11:07.0334 1428 Null - ok16:11:07.0616 1428 [ 377140A534D013BD661C69F1741DE43C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys16:11:07.0678 1428 nvlddmkm - ok16:11:07.0709 1428 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid 
C:\Windows\system32\drivers\nvraid.sys16:11:07.0709 1428 nvraid - ok16:11:07.0741 1428 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys16:11:07.0756 1428 nvstor - ok16:11:07.0788 1428 [ 4ED813EFD77A9B7E57E341CDC1C5CBC4 ] nvsvc C:\Windows\system32\nvvsvc.exe16:11:07.0788 1428 nvsvc - ok16:11:07.0819 1428 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys16:11:07.0819 1428 nv_agp - ok16:11:07.0850 1428 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys16:11:07.0866 1428 ohci1394 - ok16:11:07.0913 1428 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE16:11:07.0913 1428 ose - ok16:11:08.0194 1428 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE16:11:08.0350 1428 osppsvc - ok16:11:08.0397 1428 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll16:11:08.0397 1428 p2pimsvc - ok16:11:08.0428 1428 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll16:11:08.0428 1428 p2psvc - ok16:11:08.0475 1428 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys16:11:08.0475 1428 Parport - ok16:11:08.0506 1428 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys16:11:08.0506 1428 partmgr - ok16:11:08.0522 1428 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys16:11:08.0522 1428 Parvdm - ok16:11:08.0538 1428 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll16:11:08.0538 1428 PcaSvc - ok16:11:08.0569 1428 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys16:11:08.0569 1428 pci - ok16:11:08.0584 1428 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys16:11:08.0584 1428 pciide - ok16:11:08.0600 1428 [ 
F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys16:11:08.0600 1428 pcmcia - ok16:11:08.0616 1428 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys16:11:08.0616 1428 pcw - ok16:11:08.0678 1428 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys16:11:08.0678 1428 PEAUTH - ok16:11:08.0725 1428 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll16:11:08.0741 1428 PeerDistSvc - ok16:11:08.0803 1428 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll16:11:08.0819 1428 pla - ok16:11:08.0881 1428 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll16:11:08.0881 1428 PlugPlay - ok16:11:08.0913 1428 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll16:11:08.0913 1428 PNRPAutoReg - ok16:11:08.0928 1428 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll16:11:08.0944 1428 PNRPsvc - ok16:11:08.0959 1428 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll16:11:08.0975 1428 PolicyAgent - ok16:11:08.0991 1428 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll16:11:08.0991 1428 Power - ok16:11:09.0038 1428 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys16:11:09.0038 1428 PptpMiniport - ok16:11:09.0053 1428 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys16:11:09.0069 1428 Processor - ok16:11:09.0116 1428 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll16:11:09.0116 1428 ProfSvc - ok16:11:09.0131 1428 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe16:11:09.0147 1428 ProtectedStorage - ok16:11:09.0178 1428 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys16:11:09.0178 1428 Psched - ok16:11:09.0225 1428 [ AB95ECF1F6659A60DDC166D8315B0751 ] 
ql2300 C:\Windows\system32\drivers\ql2300.sys16:11:09.0241 1428 ql2300 - ok16:11:09.0272 1428 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys16:11:09.0272 1428 ql40xx - ok16:11:09.0303 1428 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll16:11:09.0303 1428 QWAVE - ok16:11:09.0334 1428 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys16:11:09.0334 1428 QWAVEdrv - ok16:11:09.0350 1428 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys16:11:09.0350 1428 RasAcd - ok16:11:09.0397 1428 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys16:11:09.0397 1428 RasAgileVpn - ok16:11:09.0413 1428 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll16:11:09.0413 1428 RasAuto - ok16:11:09.0428 1428 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys16:11:09.0428 1428 Rasl2tp - ok16:11:09.0475 1428 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll16:11:09.0475 1428 RasMan - ok16:11:09.0491 1428 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys16:11:09.0491 1428 RasPppoe - ok16:11:09.0506 1428 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys16:11:09.0506 1428 RasSstp - ok16:11:09.0538 1428 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys16:11:09.0538 1428 rdbss - ok16:11:09.0569 1428 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys16:11:09.0569 1428 rdpbus - ok16:11:09.0569 1428 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys16:11:09.0569 1428 RDPCDD - ok16:11:09.0600 1428 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys16:11:09.0600 1428 RDPDR - ok16:11:09.0631 1428 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD 
C:\Windows\system32\drivers\rdpencdd.sys16:11:09.0631 1428 RDPENCDD - ok16:11:09.0663 1428 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys16:11:09.0663 1428 RDPREFMP - ok16:11:09.0678 1428 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys16:11:09.0678 1428 RdpVideoMiniport - ok16:11:09.0709 1428 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys16:11:09.0709 1428 RDPWD - ok16:11:09.0772 1428 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys16:11:09.0772 1428 rdyboost - ok16:11:09.0819 1428 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll16:11:09.0834 1428 RemoteAccess - ok16:11:09.0866 1428 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll16:11:09.0866 1428 RemoteRegistry - ok16:11:09.0897 1428 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll16:11:09.0897 1428 RpcEptMapper - ok16:11:09.0928 1428 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe16:11:09.0928 1428 RpcLocator - ok16:11:09.0944 1428 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll16:11:09.0959 1428 RpcSs - ok16:11:09.0991 1428 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys16:11:09.0991 1428 rspndr - ok16:11:10.0038 1428 [ 86D27D129CC701183E22EFD001BE926F ] RTL8187 C:\Windows\system32\DRIVERS\wg111v2.sys16:11:10.0053 1428 RTL8187 - ok16:11:10.0084 1428 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys16:11:10.0084 1428 s3cap - ok16:11:10.0084 1428 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe16:11:10.0084 1428 SamSs - ok16:11:10.0131 1428 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys16:11:10.0131 1428 sbp2port - ok16:11:10.0163 1428 [ 
8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll16:11:10.0178 1428 SCardSvr - ok16:11:10.0178 1428 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys16:11:10.0178 1428 scfilter - ok16:11:10.0225 1428 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll16:11:10.0241 1428 Schedule - ok16:11:10.0288 1428 [ 3B68015683C27CB00C7A6B60A37CBCFD ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys16:11:10.0288 1428 SCMNdisP - ok16:11:10.0303 1428 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll16:11:10.0303 1428 SCPolicySvc - ok16:11:10.0319 1428 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll16:11:10.0334 1428 SDRSVC - ok16:11:10.0366 1428 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys16:11:10.0381 1428 secdrv - ok16:11:10.0381 1428 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll16:11:10.0397 1428 seclogon - ok16:11:10.0428 1428 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll16:11:10.0428 1428 SENS - ok16:11:10.0444 1428 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll16:11:10.0459 1428 SensrSvc - ok16:11:10.0475 1428 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys16:11:10.0475 1428 Serenum - ok16:11:10.0491 1428 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys16:11:10.0491 1428 Serial - ok16:11:10.0506 1428 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys16:11:10.0522 1428 sermouse - ok16:11:10.0553 1428 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll16:11:10.0569 1428 SessionEnv - ok16:11:10.0584 1428 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys16:11:10.0584 1428 sffdisk - ok16:11:10.0584 1428 [ 932A68EE27833CFD57C1639D375F2731 ] 
sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys16:11:10.0584 1428 sffp_mmc - ok16:11:10.0616 1428 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys16:11:10.0616 1428 sffp_sd - ok16:11:10.0631 1428 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys16:11:10.0631 1428 sfloppy - ok16:11:10.0663 1428 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll16:11:10.0663 1428 SharedAccess - ok16:11:10.0694 1428 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll16:11:10.0694 1428 ShellHWDetection - ok16:11:10.0709 1428 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys16:11:10.0709 1428 sisagp - ok16:11:10.0741 1428 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys16:11:10.0741 1428 SiSRaid2 - ok16:11:10.0756 1428 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys16:11:10.0756 1428 SiSRaid4 - ok16:11:10.0788 1428 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys16:11:10.0803 1428 Smb - ok16:11:10.0834 1428 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe16:11:10.0834 1428 SNMPTRAP - ok16:11:10.0850 1428 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys16:11:10.0850 1428 spldr - ok16:11:10.0897 1428 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe16:11:10.0913 1428 Spooler - ok16:11:11.0006 1428 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe16:11:11.0022 1428 sppsvc - ok16:11:11.0038 1428 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll16:11:11.0053 1428 sppuinotify - ok16:11:11.0100 1428 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys16:11:11.0100 1428 srv - ok16:11:11.0116 1428 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 
C:\Windows\system32\DRIVERS\srv2.sys16:11:11.0116 1428 srv2 - ok16:11:11.0147 1428 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys16:11:11.0147 1428 srvnet - ok16:11:11.0178 1428 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll16:11:11.0178 1428 SSDPSRV - ok16:11:11.0194 1428 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll16:11:11.0194 1428 SstpSvc - ok16:11:11.0225 1428 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys16:11:11.0225 1428 stexstor - ok16:11:11.0303 1428 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll16:11:11.0334 1428 StiSvc - ok16:11:11.0366 1428 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys16:11:11.0366 1428 storflt - ok16:11:11.0413 1428 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys16:11:11.0413 1428 storvsc - ok16:11:11.0413 1428 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys16:11:11.0428 1428 swenum - ok16:11:11.0459 1428 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll16:11:11.0459 1428 swprv - ok16:11:11.0491 1428 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys16:11:11.0491 1428 Synth3dVsc - ok16:11:11.0538 1428 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll16:11:11.0553 1428 SysMain - ok16:11:11.0569 1428 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll16:11:11.0569 1428 TabletInputService - ok16:11:11.0600 1428 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll16:11:11.0600 1428 TapiSrv - ok16:11:11.0616 1428 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll16:11:11.0631 1428 TBS - ok16:11:11.0678 1428 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip 
C:\Windows\system32\drivers\tcpip.sys16:11:11.0694 1428 Tcpip - ok16:11:11.0741 1428 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys16:11:11.0741 1428 TCPIP6 - ok16:11:11.0772 1428 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys16:11:11.0772 1428 tcpipreg - ok16:11:11.0803 1428 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys16:11:11.0803 1428 TDPIPE - ok16:11:11.0834 1428 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys16:11:11.0834 1428 TDTCP - ok16:11:11.0850 1428 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys16:11:11.0850 1428 tdx - ok16:11:11.0881 1428 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys16:11:11.0881 1428 TermDD - ok16:11:11.0897 1428 [ E951866BAC5A23403F62A349EDBB6EEB ] terminpt C:\Windows\system32\drivers\terminpt.sys16:11:11.0897 1428 terminpt - ok16:11:11.0944 1428 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll16:11:11.0959 1428 TermService - ok16:11:11.0975 1428 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll16:11:11.0975 1428 Themes - ok16:11:11.0991 1428 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll16:11:11.0991 1428 THREADORDER - ok16:11:12.0022 1428 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll16:11:12.0038 1428 TrkWks - ok16:11:12.0084 1428 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe16:11:12.0084 1428 TrustedInstaller - ok16:11:12.0100 1428 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys16:11:12.0100 1428 tssecsrv - ok16:11:12.0131 1428 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys16:11:12.0131 1428 TsUsbFlt - ok16:11:12.0163 1428 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD 
16:11:14.0897 1428 [Global] - ok
16:11:14.0897 1428 ================ Scan MBR ==================================
16:11:15.0334 1428 \Device\Harddisk0\DR0 - ok
16:11:15.0334 1428 ================ Scan VBR ==================================
16:11:15.0334 1428 \Device\Harddisk0\DR0\Partition1 - ok
16:11:15.0334 1428 ============================================================
16:11:15.0334 1428 Scan finished
16:11:15.0334 1428 ============================================================
16:11:15.0350 0168 Detected object count: 0
16:11:15.0350 0168 Actual detected object count: 0
djbusta Posted November 13, 2012 Author ID:612715
eset found 24 threats
C:\Windows.old\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\ycqovo36.default\user.js JS/SecurityDisabler.A.Gen application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\ycqovo36.default\extensions\ojclrmzlsk@ojclrmzlsk.org.xpi JS/Redirector.NCA trojan deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\ycqovo36.default\extensions\plugin@startsearcher.com\content\sudoku.js Win32/StartSearcher application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\ycqovo36.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\18\3b4bb792-46c72ebd multiple threats deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\2\334b81c2-58360e94 multiple threats deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\63\30f7177f-226ce1b7 a variant of Java/Exploit.CVE-2012-1723.AL trojan deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aagfgbgfgbdegbdcgfdhdjdbdedbdggb\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aagfgbgfgbdegbdcgfdhdjdbdedbdggb\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\27\5e65a3db-191decce Java/Exploit.CVE-2012-1723.BP trojan deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\38\1ad0b766-2b9d76da a variant of Java/Exploit.CVE-2012-4681.AK trojan deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\57\287adeb9-5d2a138b a variant of Java/Exploit.CVE-2012-4681.AK trojan deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Temp\124kkk290347.exe Win32/LockScreen.AKU trojan cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Temp\ezLooker-S-Setup_Suite1.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Temp\YontooFFClient.xpi Win32/Adware.Yontoo application deleted - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Temp\YontooSetup-S.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\TempDIR\BetterInstaller.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\CXYF8PER\ezLooker-S-Setup_Suite1[1].exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Windows.old\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
djbusta Posted November 13, 2012 Author ID:612717
adcleaner log
# AdwCleaner v2.007 - Logfile created 11/12/2012 at 17:32:41
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Busta - BUSTA-PC
# Boot Mode : Normal
# Running from : C:\Users\Busta\Downloads\adwcleaner.exe
# Option [search]

***** [services] *****

***** [Files / Folders] *****
File Found : C:\user.js
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Users\Busta\AppData\Local\Conduit
Folder Found : C:\Users\Busta\AppData\LocalLow\Conduit

***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-2150842207-1263672275-3154387700-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default
File : C:\Users\Busta\AppData\Roaming\Mozilla\Firefox\Profiles\79bjpox7.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v [unable to get version]
File : C:\Users\Busta\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.

*************************
AdwCleaner[R1].txt - [1775 octets] - [12/11/2012 17:32:28]
AdwCleaner[R2].txt - [1706 octets] - [12/11/2012 17:32:41]
########## EOF - C:\AdwCleaner[R2].txt - [1766 octets] ##########
djbusta Posted November 13, 2012 Author ID:612723
the link for security check said Unfortunately the page that you requested does not exist.
Staff screen317 Posted November 15, 2012 Staff ID:613348
Hi,
Please try this link instead:
http://www.bleepingcomputer.com/download/securitycheck/
Please close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with OK.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number
djbusta Posted November 15, 2012 Author ID:613412
this is security check
 Results of screen317's Security Check version 0.99.54
 Windows 7 Service Pack 1 x86 (UAC is enabled)
 Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.65.1.1000
 CCleaner
 Java 7 Update 9
 Adobe Flash Player 11.5.502.110
 Mozilla Firefox (16.0.2)
 Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
 Malwarebytes Anti-Malware mbamservice.exe
 Malwarebytes Anti-Malware mbamgui.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
this is adcleaner
# AdwCleaner v2.007 - Logfile created 11/15/2012 at 00:28:08
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Busta - BUSTA-PC
# Boot Mode : Normal
# Running from : C:\Users\Busta\Desktop\adwcleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****
File Deleted : C:\user.js
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\Busta\AppData\Local\Conduit
Folder Deleted : C:\Users\Busta\AppData\LocalLow\Conduit

***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default
File : C:\Users\Busta\AppData\Roaming\Mozilla\Firefox\Profiles\79bjpox7.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v [unable to get version]
File : C:\Users\Busta\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.

*************************
AdwCleaner[R1].txt - [1775 octets] - [12/11/2012 17:32:28]
AdwCleaner[R2].txt - [1835 octets] - [12/11/2012 17:32:41]
AdwCleaner[R3].txt - [1893 octets] - [12/11/2012 17:37:00]
AdwCleaner[s1].txt - [1693 octets] - [15/11/2012 00:28:08]
########## EOF - C:\AdwCleaner[s1].txt - [1753 octets] ##########
Staff screen317 Posted November 19, 2012 Staff ID:614912
Hi,
I apologize for the delay.
Run TFC by OldTimer to clear temporary files:
Open TFC.exe if you already have it. If not, please download TFC from here and save it to your desktop.
Close any open programs and Internet browsers.
Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.
Please double click on adwcleaner.exe to run the tool.
Click on Uninstall.
Confirm with Yes.
Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall
This uninstalls all of ComboFix's components.
Delete SecurityCheck and TDSSKiller.
Click Start, type in Windows Update, and click on Windows Update when it appears. Install all available updates.
Let me know what issues remain.
djbusta Posted November 19, 2012 Author ID:614949
Ok so I did everything you said and then deleted the programs. Then I tried to do an update but it took like 10 minutes on the "preparing to install" phase and then said "some updates were not installed" and it gave me an error code 80243004
Staff screen317 Posted November 23, 2012 Staff ID:616275
Hi,
Reboot and give it another try. Is it a particular update that is triggering the error? Does it provide any additional information?
Staff screen317 Posted December 12, 2012 Staff ID:622539
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!