Worried about a possible keylogger


kisari

Hello! In the past 2 weeks, I have had password issues with both MSN messenger and Steam. MSN stated I was logged in at 2 places, so I changed my password and it hasn't happened since. I wrote it off as an error as it's an email I only use for business and monetary transactions.

Tonight, Steam stated my credentials had expired, although I was logged on just yesterday. I changed that password as well, but even that could be considered as an error. I do not want to take chances, though. Scans with Avast and MBAM have not found anything. Here are the DDS logs, and thank you.

Uhg >.< I'm really sorry for making 2 threads. I didn't see that I wasn't supposed to bump when I read the posting guidelines. If anyone would be so kind as to delete my other thread, I would really appreciate it.

I just need to clarify that one of my installed programs is a PS2 emulator that is run by BIOS from my personal PS2, and is used to run a game I own that was too scratched for my PS2 to read. I can prove this with photos if need be. I do not pirate games or use it for illegal purposes. If it is still an issue, I will uninstall it immediately.

DDS1.txt

Attach1.txt

Thank you for the reply!

MBAM log:

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2012.12.27.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Tony :: TONY-PC [administrator]

12/27/2012 8:06:36 PM

mbam-log-2012-12-27 (20-06-36).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 233110

Time elapsed: 3 minute(s), 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2

Run by Tony at 20:12:07 on 2012-12-27

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.6001 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\TiltWheelMouse.exe

C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe

C:\Windows\V0230Mon.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\sppsvc.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uProxyOverride = <local>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [Akamai NetSession Interface] "C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe"

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

mRun: [V0230Mon.exe] C:\Windows\V0230Mon.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

TCP: NameServer = 71.252.0.12 68.237.161.12

TCP: Interfaces\{CE54720C-79E0-428A-A20A-6E94744A2A2B} : DHCPNameServer = 71.252.0.12 68.237.161.12

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [MouseDriver] TiltWheelMouse.exe

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\kkhjfy9r.default\

FF - plugin: C:\PROGRA~2\MEADCO~1\npmeadax.dll

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll

FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-3-20 28504]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-3-2 984144]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-3-2 370288]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-3-2 25232]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-3-2 71600]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-1 44808]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-15 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-2 682344]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-2 24176]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-1-30 103992]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-1-30 123960]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-12-14 25832]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-13 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]

S3 t_mouse.sys;iBall Advanced Mouse;C:\Windows\System32\drivers\t_mouse.sys [2009-4-16 25088]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-12-2 59392]

S3 V0230Vfx;V0230Vfx;C:\Windows\System32\drivers\V0230Vfx.sys [2011-12-5 10752]

S3 V0230VID;Live! Cam Video IM Pro;C:\Windows\System32\drivers\V0230VID.sys [2011-12-5 595488]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-2 1255736]

S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem --> C:\Windows\System32\xsherlock.xem [?]

.

=============== File Associations ===============

.

ShellExec: devenv.exe.11.0: edit="C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe" /dde

ShellExec: devenv.exe.11.0: open="C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe" "%1"

.

=============== Created Last 30 ================

.

2012-12-28 01:03:38 710504 ----a-w- C:\Windows\isRS-000.tmp

2012-12-28 01:01:06 -------- d-----w- C:\Users\Tony\AppData\Local\{5110E2C8-6AA7-42DF-AD44-07D1621ABAEF}

2012-12-27 02:47:40 -------- d-----w- C:\Users\Tony\AppData\Local\{00A6AFFC-23A4-4031-97D8-B85BB7791EA9}

2012-12-26 12:35:05 -------- d-----w- C:\Users\Tony\AppData\Local\{E094053E-9318-4500-8D01-EF1530CB298C}

2012-12-26 00:39:15 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84E01A78-E3B0-45BC-AD7C-E0ADACB21C3D}\mpengine.dll

2012-12-26 00:34:39 -------- d-----w- C:\Users\Tony\AppData\Local\{BCAAAE93-E0E4-41FE-9C71-F11B5E9ABE5A}

2012-12-25 11:23:42 -------- d-----w- C:\Users\Tony\AppData\Local\{F9CC7E5F-74DE-4B25-A13B-A34F10F493A9}

2012-12-24 23:04:47 -------- d-----w- C:\Users\Tony\AppData\Local\{C6D13639-673C-4C2F-A1D2-4996827EBCF4}

2012-12-24 06:22:41 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-12-24 06:22:10 -------- d-----w- C:\Users\Tony\AppData\Local\Programs

2012-12-24 05:44:11 -------- d-----w- C:\Users\Tony\AppData\Local\{A0C72422-4693-4111-B4CA-0956AB29E98C}

2012-12-23 10:25:10 -------- d-----w- C:\Users\Tony\AppData\Local\{0237F228-5F54-4906-9F1D-2D1961780852}

2012-12-22 22:24:45 -------- d-----w- C:\Users\Tony\AppData\Local\{31854BA2-6C93-4EBB-8D85-C8BA83643AD4}

2012-12-22 01:12:11 -------- d-----w- C:\Users\Tony\AppData\Local\{F03F90D7-34D8-41BC-A5C5-FC2EAC0E0761}

2012-12-21 09:20:14 -------- d-----w- C:\Users\Tony\AppData\Local\{F5EFE777-B06C-4907-AF04-88DC75C71E22}

2012-12-20 22:49:54 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-20 22:49:54 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-20 22:49:53 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-20 22:49:52 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-20 21:19:49 -------- d-----w- C:\Users\Tony\AppData\Local\{4567A17D-A308-4396-8937-FB6A4F7891A7}

2012-12-20 06:35:50 -------- d-----w- C:\Users\Tony\AppData\Local\{5929A5ED-92D3-4367-BF8E-7E6947810D17}

2012-12-19 18:35:22 -------- d-----w- C:\Users\Tony\AppData\Local\{410D1CAA-4F49-42C2-957B-E3BFDF0A77BE}

2012-12-19 06:37:39 8525240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\BLR Installerv2\Blacklight Retribution.exe

2012-12-19 06:37:39 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll

2012-12-19 01:40:49 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2012-12-19 01:40:49 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2012-12-19 01:39:37 -------- d-----w- C:\ProgramData\Battle.net

2012-12-18 22:38:27 -------- d-----w- C:\Users\Tony\AppData\Local\{524834F3-187C-4DBF-A7ED-CDF50DE79A0C}

2012-12-17 01:03:23 -------- d-----w- C:\Users\Tony\AppData\Local\{126EE3FD-DAAD-49A4-8404-41FAD82DE7B7}

2012-12-16 03:02:46 -------- d-----w- C:\Users\Tony\AppData\Local\{4433E196-C8BD-4BA0-B3C7-AFEC566627C7}

2012-12-15 05:36:18 -------- d-----w- C:\Users\Tony\AppData\Local\{F2A3EE95-8886-444A-9261-5F57BF838A5D}

2012-12-14 17:35:53 -------- d-----w- C:\Users\Tony\AppData\Local\{DD25461D-DFE1-4389-9598-332955C29C89}

2012-12-14 05:25:45 -------- d-----w- C:\Users\Tony\AppData\Local\{DF06FA7A-C9D8-4F8F-8BA9-8A2D8D33BD10}

2012-12-13 11:36:37 -------- d-----w- C:\Users\Tony\AppData\Local\{CFA09399-DE5D-4B42-8AA9-C67ECEB866EB}

2012-12-12 23:51:25 1409 ----a-w- C:\Windows\QTFont.for

2012-12-12 23:42:54 -------- d-----w- C:\GOG Games

2012-12-12 23:36:12 -------- d-----w- C:\Users\Tony\AppData\Local\{1846CA4B-7FEB-450D-A6D8-09428CC5E9A5}

2012-12-12 01:33:35 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-12-12 01:33:35 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-12-12 01:33:30 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-12-12 01:20:30 -------- d-----w- C:\Users\Tony\AppData\Local\{16AA8632-39C7-4EE5-9A09-899E3ACE9191}

2012-12-11 02:45:13 -------- d-----w- C:\Users\Tony\AppData\Local\{7051AAF1-1F8D-4022-84E7-C926FDAECA50}

2012-12-10 13:58:31 -------- d-----w- C:\Users\Tony\AppData\Local\{F8AA06AC-F75E-44C2-B63C-F68B75D2D489}

2012-12-10 01:48:17 -------- d-----w- C:\Users\Tony\AppData\Local\{7B586502-E4CA-4C66-ADE9-F10E95306352}

2012-12-09 04:58:27 -------- d-----w- C:\Users\Tony\AppData\Local\{8E850273-F642-4B9A-BB43-11F82C1DB21A}

2012-12-08 16:58:03 -------- d-----w- C:\Users\Tony\AppData\Local\{E1E10510-495B-4A42-8765-7466BFF5835F}

2012-12-08 04:51:45 -------- d-----w- C:\Users\Tony\AppData\Local\{9F274BFE-25E3-4FDC-85E3-4753DB7A2A19}

2012-12-07 16:51:10 -------- d-----w- C:\Users\Tony\AppData\Local\{511C504E-3C0A-4D79-B1A0-F881B93384D4}

2012-12-07 04:50:35 -------- d-----w- C:\Users\Tony\AppData\Local\{33A30AA6-01F3-45C0-B69C-6AF3EB7869F1}

2012-12-06 16:50:11 -------- d-----w- C:\Users\Tony\AppData\Local\{D136141A-0E30-4EC2-BA96-F423275974D8}

2012-12-05 05:54:37 -------- d-----w- C:\Users\Tony\AppData\Local\{F68A4D06-D46B-4247-87C2-7888BD881840}

2012-12-04 16:23:24 -------- d-----w- C:\Users\Tony\AppData\Local\{202CFED5-8ADC-4A6E-B121-59C51DEF977C}

2012-12-03 22:40:30 -------- d-----w- C:\Users\Tony\AppData\Local\{4CFE4692-4129-425F-B33A-B92724DAA989}

2012-12-03 10:39:53 -------- d-----w- C:\Users\Tony\AppData\Local\{43ED8845-3CB1-40BA-8CC2-F588B51775F7}

2012-12-02 22:39:14 -------- d-----w- C:\Users\Tony\AppData\Local\{8B96B4E4-9FB0-4C58-805B-2727D692ED33}

2012-12-02 04:05:28 -------- d-----w- C:\Users\Tony\AppData\Local\{6939ADDF-220F-49F2-A989-A1FC6E52418B}

2012-12-02 00:25:48 -------- d-----w- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

2012-12-01 16:05:03 -------- d-----w- C:\Users\Tony\AppData\Local\{410AD651-DA59-4506-891A-D63867B92817}

2012-12-01 03:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-12-01 00:55:25 -------- d-----w- C:\Users\Tony\AppData\Local\{D6EEFDC2-EB61-4FD7-B902-F5FDC7D47E12}

2012-11-30 09:43:01 -------- d-----w- C:\Users\Tony\AppData\Local\{240FC28A-4199-46A3-B1D9-318A44F4AF02}

2012-11-29 19:13:55 -------- d-----w- C:\Users\Tony\AppData\Local\{4FC3300E-EEDE-464F-8AFF-257F6E5D0AF2}

2012-11-28 15:46:12 -------- d-----w- C:\Users\Tony\AppData\Local\{55463BAE-515F-4747-9A6C-B792484813DD}

2012-11-28 03:31:14 -------- d-----w- C:\Users\Tony\AppData\Local\{D1A6C9AE-0239-4D6D-A183-52A2FE85DAE0}

.

==================== Find3M ====================

.

2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-02 00:32:06 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-12-02 00:31:58 283032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-12-02 00:31:58 283032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-12-02 00:25:59 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-12-01 23:09:41 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe

2012-12-01 05:49:26 3663213 ----a-w- C:\Windows\System32\nvcoproc.bin

2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll

2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll

2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr

2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-15 15:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-10-10 11:53:33 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-10 11:53:33 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll

2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

.

============= FINISH: 20:12:45.88 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/2/2011 4:04:38 PM

System Uptime: 12/27/2012 8:04:37 PM (0 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | M68MT-S2

Processor: AMD Phenom II X6 1100T Processor | Socket M2 | 3300/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 500.664 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP244: 12/11/2012 8:31:55 PM - Windows Update

RP245: 12/12/2012 3:00:11 AM - Windows Update

RP246: 12/18/2012 5:42:19 PM - Windows Update

RP247: 12/20/2012 5:49:40 PM - Windows Update

RP248: 12/24/2012 1:24:56 AM - Configured PlayOnline Viewer & Tetra Master

RP249: 12/25/2012 7:38:12 PM - Windows Update

.

==== Installed Programs ======================

.

7-Zip 9.20 (x64 edition)

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Akamai NetSession Interface

Alien Swarm

Amnesia - The Dark Descent

Amnesia: The Dark Descent

Apple Application Support

Assassin's Creed Brotherhood

Assassin's Creed II

avast! Free Antivirus

Baldur's Gate

Baldur's Gate Tutu

Baldur's Gate II - Throne of Bhaal

Bandisoft MPEG-1 Decoder

Bastion

Batman: Arkham Asylum GOTY Edition

BioShock

BioShock 2

Borderlands

Braid

Braid (Version 1.015)

Breath of Death VII

Company of Heroes

Company of Heroes: Opposing Fronts

Company of Heroes: Tales of Valor

CPUID HWMonitor 1.20

Creative Live! Cam Video IM Pro Driver (1.03.02.00)

Cthulhu Saves the World

D3DX10

Darksiders

Deus Ex: Human Revolution

Dotfuscator and Analytics Community Edition

Dragon Age Redesigned©

Dragon Age: Origins

Duke Nukem 3D

Dungeon Defenders

E.Y.E: Divine Cybermancy

EA Installer

EA Shared Game Component: Activation

Fable - The Lost Chapters

Fallout

Fallout 2

Fallout 3 - Game of the Year Edition

Fallout 3 - The Garden of Eden Creation Kit

Fallout 3 - Unofficial Fallout 3 Patch

Fallout Mod Manager 0.13.21

FINAL FANTASY XI: Chains of Promathia

FINAL FANTASY XI: Rise of the Zilart

FINAL FANTASY XI: Treasures of Aht Urhgan

FINAL FANTASY XI: Wings of the Goddess

FINAL FANTASY XIV

Half-Life 2

Half-Life 2: Episode One

Half-Life 2: Episode Two

Half-Life 2: Lost Coast

IIS 7.5 Express

Java 7 Update 9

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

League of Legends

Left 4 Dead 2

LIMBO

LocalESPC

LocalESPCui for en-us

Lone Survivor

Malwarebytes Anti-Malware version 1.70.0.1100

Metro 2033

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft .NET Framework 4.5 Beta

Microsoft .NET Framework 4.5 Beta Multi-Targeting Pack

Microsoft .NET Framework 4.5 Beta SDK

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 3

Microsoft ASP.NET MVC 3 - Visual Studio 11 Tools Update

Microsoft ASP.NET MVC 4

Microsoft ASP.NET MVC 4 - Visual Studio 11 Tools

Microsoft ASP.NET Web Pages

Microsoft ASP.NET Web Pages - Visual Studio 11 Tools

Microsoft ASP.NET Web Pages 2

Microsoft ASP.NET Web Pages 2 - Visual Studio 11 Tools

Microsoft Blend for Visual Studio

Microsoft Blend for Visual Studio ENU resources

Microsoft Expression Encoder 4 Screen Capture Codec

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Help Viewer 2.0 Beta

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Portable Library Multi-Targeting Pack

Microsoft Portable Library Multi-Targeting Pack Language Pack - enu

Microsoft Report Viewer Add-On for Visual Studio 11 - Beta

Microsoft Silverlight

Microsoft Silverlight 4 SDK

Microsoft Silverlight 5 SDK

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2012 Command Line Utilities RC0

Microsoft SQL Server 2012 Data-Tier App Framework

Microsoft SQL Server 2012 Express LocalDB RC0

Microsoft SQL Server 2012 Management Objects RC0

Microsoft SQL Server 2012 Management Objects RC0 (x64)

Microsoft SQL Server 2012 Native Client RC0

Microsoft SQL Server 2012 T-SQL Language Service RC0

Microsoft SQL Server 2012 Transact-SQL Compiler Service RC0

Microsoft SQL Server 2012 Transact-SQL ScriptDom RC0

Microsoft SQL Server Compact 4.0 SP1 x64 ENU CTP1

Microsoft SQL Server Data Tools Build Utilities Mar 2012

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft System CLR Types for SQL Server 2012 RC0

Microsoft System CLR Types for SQL Server 2012 RC0 (x64)

Microsoft Visual C++ 11 Beta x64 Designtime - 11.0.50214

Microsoft Visual C++ 11 x64 Additional Runtime - 11.0.50214

Microsoft Visual C++ 11 x64 Debug Runtime - 11.0.50214

Microsoft Visual C++ 11 x64 Minimum Runtime - 11.0.50214

Microsoft Visual C++ 11 x86 Additional Runtime - 11.0.50214

Microsoft Visual C++ 11 x86 Debug Runtime - 11.0.50214

Microsoft Visual C++ 11 x86 Minimum Runtime - 11.0.50214

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ Compilers 11

Microsoft Visual C++ Compilers 11 - ENU Resources

Microsoft Visual C++ Core Libraries 11

Microsoft Visual C++ Extended Libraries 11

Microsoft Visual C++ Microsoft Foundation Class Libraries 11

Microsoft Visual Studio 11 Beta Tools for .Net 3.5

Microsoft Visual Studio 11 Developer Preview Language Pack - ENU

Microsoft Visual Studio 11 Developer Preview Pre-Clean Tool

Microsoft Visual Studio 11 LightSwitch Beta Core

Microsoft Visual Studio 11 LightSwitch Beta CoreRes - ENU

Microsoft Visual Studio 11 Performance Collection Tools Beta

Microsoft Visual Studio 11 Performance Collection Tools Beta - ENU

Microsoft Visual Studio 11 Professional Beta

Microsoft Visual Studio 11 Professional Beta - ENU

Microsoft Visual Studio 11 SharePoint Developer Tools Beta

Microsoft Visual Studio 11 SharePoint Developer Tools Beta enu Language Pack

Microsoft Visual Studio 11 Tools for SQL Server Compact 4.0 SP1 Beta ENU

Microsoft Visual Studio 11 Ultimate Beta XAML UI Designer Core

Microsoft Visual Studio 11 Ultimate Beta XAML UI Designer enu Resources

Microsoft Visual Studio 2010 Office Developer Tools (x64)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Microsoft Visual Studio Team Foundation Server 11 Beta Object Model

Microsoft Visual Studio Team Foundation Server 11 Beta Object Model Language Pack - ENU

Microsoft Visual Studio Team Foundation Server 11 Beta Team Explorer

Microsoft Visual Studio Team Foundation Server 11 Beta Team Explorer Language Pack - ENU

Microsoft Web Deploy 3.0

Microsoft Web Deploy dbSqlPackage Provider Nov 2011

Microsoft Web Platform Installer 4.0

Microsoft Web Tooling Extensions - Visual Studio 11

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Microsoft® SQL Server Data Tools, RC0 - enu

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

NVIDIA 3D Vision Controller Driver

NVIDIA 3D Vision Controller Driver 310.70

NVIDIA 3D Vision Driver 310.70

NVIDIA Control Panel 310.70

NVIDIA Drivers

NVIDIA Graphics Driver 310.70

NVIDIA HD Audio Driver 1.3.18.0

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 1.11.3

NVIDIA Update Components

PCSX2 - Playstation 2 Emulator

Planescape Torment

Portal

Portal 2

PreEmptive Analytics Visual Studio Components

Prerequisites for SSDT RC0

professional_finalizer

Psychonauts

PunkBuster Services

QuickTime

Realtek High Definition Audio Driver

Red Faction: Armageddon

Sanctum

Security Update for Microsoft .NET Framework 4.5 Beta (KB2686838)

Septerra Core

Skype™ 6.0

SpeedFan (remove only)

SQL Server Data Framework Tools

Star Wars: Knights of the Old Republic

Steam

Super Meat Boy

Super Meat Boy Editor

Super Meat Boy v1.5

Superbrothers: Sword & Sworcery EP

System Requirements Lab CYRI

Team Fortress 2

Team Fortress 2 Beta

The Elder Scrolls IV: Oblivion

The Last Remnant

The Longest Journey

The Witcher 2: Assassins of Kings Enhanced Edition

The Witcher: Enhanced Edition

Titan Quest

Torchlight

Torchlight II

Ubisoft Game Launcher

Visual Studio 11 Prerequisites

Visual Studio 11 Prerequisites - ENU Language Pack

Visual Studio 2008 x64 Redistributables

Visual Studio Extensions for Windows Library for JavaScript

vs_devenv

vs_devenvLP

vs_lightswitchserverprereqsmsi

vs_minshellcore

vs_minshellinterop

vs_minshellres

vslp_finalizer

Warhammer 40,000: Dawn of War - Game of the Year Edition

WCF RIA Services V1.0 SP2

Windows App Certification Kit

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Runtime Intellisense Content - English

Windows Software Development Kit

Windows Software Development Kit DirectX x64 Remote

Windows Software Development Kit DirectX x86 Remote

Windows Software Development Kit for Metro style Apps

Windows Software Development Kit for Metro style Apps DirectX x64 Remote

Windows Software Development Kit for Metro style Apps DirectX x86 Remote

Windows Software Development Kit Redistributables

WinRAR 4.01 (32-bit)

Ys Origin

Ys: The Oath in Felghana

.

==== Event Viewer Messages From Past Week ========

.

12/27/2012 8:05:24 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{CE54720C-79E0-428A-A20A-6E94744A2A2B} because another computer on the network has the same name. The server could not start.

12/27/2012 8:05:23 PM, Error: NetBT [4321] - The name "TONY-PC :20" could not be registered on the interface with IP address 192.168.2.103. The computer with the IP address 192.168.2.106 did not allow the name to be claimed by this computer.

12/27/2012 8:04:54 PM, Error: NetBT [4321] - The name "TONY-PC :0" could not be registered on the interface with IP address 192.168.2.103. The computer with the IP address 192.168.2.106 did not allow the name to be claimed by this computer.

12/25/2012 12:58:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

12/25/2012 12:58:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.

12/25/2012 12:57:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/25/2012 12:56:36 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

12/24/2012 1:37:13 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/24/2012 1:36:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/24/2012 1:36:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

12/24/2012 1:36:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

12/24/2012 1:36:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/24/2012 1:36:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/24/2012 1:36:35 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswKbd aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf ws2ifsl

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/24/2012 1:36:33 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

.

==== End Of File ===========================

*note: A lot of the errors at the end of the attach may have been me failing to start safe mode a bunch of times, then scanning in safe mode ^^;

  • Staff

Hi,

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

If after ComboFix reboots you get a message about an "Invalid Option Registry Key Marked for Deletion," please reboot again and the error will go away.

-screen317

Hello! Here is the log:

ComboFix 12-12-30.01 - Tony 12/30/2012 6:25.2.6 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.6613 [GMT -5:00]

Running from: c:\users\Tony\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\users\Tony\AppData\Local\{08EFDCC4-B7D6-474B-9824-E45D84CC1C48}

c:\users\Tony\AppData\Local\assembly\tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-30 )))))))))))))))))))))))))))))))

.

.

2012-12-29 06:59 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA69DF76-D55B-48EA-BCE6-B9F637D1DF19}\mpengine.dll

2012-12-24 06:22 . 2012-12-24 06:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-12-24 06:22 . 2012-12-24 06:22 -------- d-----w- c:\users\Tony\AppData\Local\Programs

2012-12-20 22:49 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-20 22:49 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-20 22:49 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-20 22:49 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-19 06:37 . 2012-09-12 22:07 18912 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll

2012-12-19 06:37 . 2012-02-23 02:12 8525240 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\BLR Installerv2\Blacklight Retribution.exe

2012-12-19 01:40 . 2012-12-19 18:34 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment

2012-12-19 01:40 . 2012-12-19 01:40 -------- d-----w- c:\programdata\Blizzard Entertainment

2012-12-19 01:39 . 2012-12-19 01:39 -------- d-----w- c:\programdata\Battle.net

2012-12-18 01:44 . 2012-12-18 01:44 -------- d-----w- c:\program files (x86)\AGEIA Technologies

2012-12-12 23:51 . 2012-12-12 23:51 1409 ----a-w- c:\windows\QTFont.for

2012-12-12 23:42 . 2012-12-12 23:42 -------- d-----w- C:\GOG Games

2012-12-12 01:33 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-12 01:33 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-12-12 01:33 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys

2012-12-10 14:01 . 2012-12-10 14:01 -------- d-----w- c:\program files (x86)\Common Files\Skype

2012-12-02 00:25 . 2012-12-02 00:25 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

2012-12-01 03:43 . 2012-12-01 03:43 438632 ----a-w- c:\windows\SysWow64\nvStreaming.exe

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-14 21:49 . 2011-12-02 23:00 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-12 08:01 . 2011-12-02 21:27 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-12-03 15:47 . 2012-10-11 02:23 1504104 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-12-03 15:47 . 2012-10-11 02:23 2816824 ----a-w- c:\windows\system32\nvapi64.dll

2012-12-03 15:47 . 2012-10-11 02:23 983936 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-12-03 15:47 . 2012-10-11 02:23 15016256 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-12-03 15:47 . 2012-10-11 02:22 15122280 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-12-03 15:47 . 2011-12-03 17:09 1805672 ----a-w- c:\windows\system32\nvdispco64.dll

2012-12-02 00:32 . 2012-04-01 09:03 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-12-02 00:31 . 2012-04-01 09:20 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2012-12-02 00:31 . 2012-04-01 09:03 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-12-02 00:25 . 2012-04-01 09:03 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2012-12-01 23:09 . 2012-04-01 09:03 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe

2012-12-01 05:49 . 2012-03-02 11:53 3663213 ----a-w- c:\windows\system32\nvcoproc.bin

2012-12-01 05:49 . 2011-10-22 15:02 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-12-01 05:49 . 2011-03-20 22:34 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-12-01 05:49 . 2011-03-20 22:34 890216 ----a-w- c:\windows\system32\nvvsvc.exe

2012-12-01 05:48 . 2011-03-20 22:33 6223208 ----a-w- c:\windows\system32\nvcpl.dll

2012-12-01 05:48 . 2011-03-20 22:33 3311464 ----a-w- c:\windows\system32\nvsvc64.dll

2012-10-30 22:51 . 2012-03-02 13:54 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-10-30 22:51 . 2012-03-02 13:54 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-10-30 22:51 . 2012-03-02 13:54 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-10-30 22:51 . 2012-03-02 13:54 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-10-30 22:51 . 2012-03-02 13:54 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-10-30 22:51 . 2012-03-02 13:53 41224 ----a-w- c:\windows\avastSS.scr

2012-10-30 22:50 . 2012-03-02 13:53 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-10-30 22:50 . 2011-12-02 22:09 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-10-16 08:38 . 2012-11-28 15:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-28 15:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-28 15:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-15 15:59 . 2012-03-02 13:54 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-10-10 11:53 . 2012-10-05 08:05 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-10 11:53 . 2011-12-02 22:41 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 18:17 . 2012-11-15 01:52 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 01:52 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 01:52 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 01:52 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

2012-10-04 16:40 . 2012-12-12 01:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-10-03 17:56 . 2012-11-15 01:51 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 17:44 . 2012-11-15 01:51 70656 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 17:44 . 2012-11-15 01:51 303104 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 17:44 . 2012-11-15 01:51 246272 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 17:44 . 2012-11-15 01:51 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 17:44 . 2012-11-15 01:51 216576 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 17:42 . 2012-11-15 01:51 569344 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 16:42 . 2012-11-15 01:51 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll

2012-10-03 16:42 . 2012-11-15 01:51 18944 ----a-w- c:\windows\SysWow64\netevent.dll

2012-10-03 16:42 . 2012-11-15 01:51 156672 ----a-w- c:\windows\SysWow64\ncsi.dll

2012-10-03 16:07 . 2012-11-15 01:51 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-10-02 19:50 . 2011-03-20 22:34 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Akamai NetSession Interface"="c:\users\Tony\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"V0230Mon.exe"="c:\windows\V0230Mon.exe" [2006-09-07 32768]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-01-30 123960]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]

R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]

R3 t_mouse.sys;iBall Advanced Mouse;c:\windows\system32\DRIVERS\t_mouse.sys [2009-04-16 25088]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 V0230Vfx;V0230Vfx;c:\windows\system32\DRIVERS\V0230Vfx.sys [2006-05-05 10752]

R3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\DRIVERS\V0230VID.sys [2007-08-07 595488]

R3 vtany;vtany;c:\windows\vtany.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-03 1255736]

R3 X6va005;X6va005;c:\users\Tony\AppData\Local\Temp\0053ABE.tmp [x]

R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]

R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]

S1 aswKbd;aswKbd; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-01 382824]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

.

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-27 12681320]

"MouseDriver"="TiltWheelMouse.exe" [2010-11-01 241152]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 71.252.0.12 68.237.161.12

FF - ProfilePath - c:\users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\kkhjfy9r.default\

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]

"ImagePath"="\??\c:\users\Tony\AppData\Local\Temp\0053ABE.tmp"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]

"ImagePath"="c:\windows\system32\xsherlock.xem"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:30,5e,96,33,3f,53,cd,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,78,34,2b,86,ef,b2,6e,47,88,77,fc,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,78,34,2b,86,ef,b2,6e,47,88,77,fc,\

.

[HKEY_USERS\S-1-5-21-3333078809-3029524699-3599334297-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-3333078809-3029524699-3599334297-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-3333078809-3029524699-3599334297-1001\Software\SecuROM\License information*]

"datasecu"=hex:71,39,dd,9a,1f,32,2f,1b,34,56,cc,e9,4a,30,35,56,83,23,0d,f9,2d,

87,56,9f,75,bf,76,69,cd,87,1c,96,02,b1,60,bf,e3,09,b5,a0,46,dc,8e,dc,7a,37,\

"rkeysecu"=hex:6a,00,dc,63,ac,a7,e6,8c,a0,bd,05,45,70,9a,c6,3a

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-12-30 06:39:08

ComboFix-quarantined-files.txt 2012-12-30 11:39

ComboFix2.txt 2012-07-20 20:02

.

Pre-Run: 539,768,242,176 bytes free

Post-Run: 539,990,204,416 bytes free

.

- - End Of File - - E571156A946B0CD5DC0473D232BA47BD

  • Staff

Hi,

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Export the threats found (if any), and post them here.

Next, please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

It's looking clean so far. Eset had no threats. Sorry, but I'll have to post in 2 parts. It's late ^^; Will do the other 2 scans tomorrow.

TDSS:

04:06:38.0321 1400 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

04:06:40.0334 1400 ============================================================

04:06:40.0334 1400 Current date / time: 2013/01/02 04:06:40.0334

04:06:40.0334 1400 SystemInfo:

04:06:40.0334 1400

04:06:40.0334 1400 OS Version: 6.1.7601 ServicePack: 1.0

04:06:40.0334 1400 Product type: Workstation

04:06:40.0334 1400 ComputerName: TONY-PC

04:06:40.0334 1400 UserName: Tony

04:06:40.0334 1400 Windows directory: C:\Windows

04:06:40.0334 1400 System windows directory: C:\Windows

04:06:40.0334 1400 Running under WOW64

04:06:40.0334 1400 Processor architecture: Intel x64

04:06:40.0334 1400 Number of processors: 6

04:06:40.0334 1400 Page size: 0x1000

04:06:40.0334 1400 Boot type: Normal boot

04:06:40.0334 1400 ============================================================

04:06:47.0603 1400 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

04:06:47.0603 1400 ============================================================

04:06:47.0603 1400 \Device\Harddisk0\DR0:

04:06:47.0603 1400 MBR partitions:

04:06:47.0603 1400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

04:06:47.0603 1400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000

04:06:47.0603 1400 ============================================================

04:06:47.0634 1400 C: <-> \Device\Harddisk0\DR0\Partition2

04:06:47.0634 1400 ============================================================

04:06:47.0634 1400 Initialize success

04:06:47.0634 1400 ============================================================

04:07:13.0998 3360 ============================================================

04:07:13.0998 3360 Scan started

04:07:13.0998 3360 Mode: Manual;

04:07:13.0998 3360 ============================================================

04:07:17.0212 3360 ================ Scan system memory ========================

04:07:17.0212 3360 System memory - ok


04:07:22.0391 3360 Null - ok

04:07:22.0407 3360 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys

04:07:22.0407 3360 NVENETFD - ok

04:07:22.0454 3360 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

04:07:22.0454 3360 NVHDA - ok

04:07:22.0610 3360 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

04:07:22.0656 3360 nvlddmkm - ok

04:07:22.0688 3360 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys

04:07:22.0688 3360 NVNET - ok

04:07:22.0719 3360 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

04:07:22.0734 3360 nvraid - ok

04:07:22.0750 3360 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

04:07:22.0750 3360 nvstor - ok

04:07:22.0781 3360 [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc C:\Windows\system32\nvvsvc.exe

04:07:22.0781 3360 nvsvc - ok

04:07:22.0828 3360 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

04:07:22.0828 3360 nvUpdatusService - ok

04:07:22.0859 3360 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

04:07:22.0859 3360 nv_agp - ok

04:07:22.0875 3360 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

04:07:22.0875 3360 ohci1394 - ok

04:07:22.0906 3360 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

04:07:22.0906 3360 ose - ok

04:07:22.0984 3360 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

04:07:23.0062 3360 osppsvc - ok

04:07:23.0093 3360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

04:07:23.0093 3360 p2pimsvc - ok

04:07:23.0109 3360 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

04:07:23.0109 3360 p2psvc - ok

04:07:23.0124 3360 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

04:07:23.0140 3360 Parport - ok

04:07:23.0156 3360 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

04:07:23.0156 3360 partmgr - ok

04:07:23.0171 3360 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

04:07:23.0171 3360 PcaSvc - ok

04:07:23.0187 3360 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

04:07:23.0187 3360 pci - ok

04:07:23.0218 3360 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

04:07:23.0218 3360 pciide - ok

04:07:23.0234 3360 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

04:07:23.0249 3360 pcmcia - ok

04:07:23.0265 3360 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

04:07:23.0265 3360 pcw - ok

04:07:23.0280 3360 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

04:07:23.0296 3360 PEAUTH - ok

04:07:23.0343 3360 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

04:07:23.0405 3360 PerfHost - ok

04:07:23.0436 3360 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

04:07:23.0468 3360 pla - ok

04:07:23.0499 3360 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

04:07:23.0514 3360 PlugPlay - ok

04:07:23.0530 3360 PnkBstrA - ok

04:07:23.0546 3360 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

04:07:23.0546 3360 PNRPAutoReg - ok

04:07:23.0561 3360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

04:07:23.0561 3360 PNRPsvc - ok

04:07:23.0577 3360 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

04:07:23.0577 3360 PolicyAgent - ok

04:07:23.0608 3360 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

04:07:23.0608 3360 Power - ok

04:07:23.0624 3360 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

04:07:23.0624 3360 PptpMiniport - ok

04:07:23.0639 3360 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

04:07:23.0639 3360 Processor - ok

04:07:23.0655 3360 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

04:07:23.0670 3360 ProfSvc - ok

04:07:23.0670 3360 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

04:07:23.0686 3360 ProtectedStorage - ok

04:07:23.0702 3360 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

04:07:23.0702 3360 Psched - ok

04:07:23.0748 3360 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

04:07:23.0764 3360 ql2300 - ok

04:07:23.0795 3360 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

04:07:23.0795 3360 ql40xx - ok

04:07:23.0811 3360 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

04:07:23.0811 3360 QWAVE - ok

04:07:23.0842 3360 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

04:07:23.0842 3360 QWAVEdrv - ok

04:07:23.0858 3360 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

04:07:23.0858 3360 RasAcd - ok

04:07:23.0873 3360 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

04:07:23.0873 3360 RasAgileVpn - ok

04:07:23.0873 3360 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

04:07:23.0873 3360 RasAuto - ok

04:07:23.0889 3360 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

04:07:23.0889 3360 Rasl2tp - ok

04:07:23.0904 3360 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

04:07:23.0904 3360 RasMan - ok

04:07:23.0904 3360 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

04:07:23.0920 3360 RasPppoe - ok

04:07:23.0920 3360 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

04:07:23.0920 3360 RasSstp - ok

04:07:23.0936 3360 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

04:07:23.0936 3360 rdbss - ok

04:07:23.0951 3360 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

04:07:23.0951 3360 rdpbus - ok

04:07:23.0967 3360 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

04:07:23.0967 3360 RDPCDD - ok

04:07:23.0982 3360 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

04:07:23.0998 3360 RDPENCDD - ok

04:07:23.0998 3360 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

04:07:23.0998 3360 RDPREFMP - ok

04:07:24.0029 3360 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

04:07:24.0029 3360 RDPWD - ok

04:07:24.0060 3360 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

04:07:24.0060 3360 rdyboost - ok

04:07:24.0076 3360 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

04:07:24.0076 3360 RemoteAccess - ok

04:07:24.0076 3360 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

04:07:24.0092 3360 RemoteRegistry - ok

04:07:24.0092 3360 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

04:07:24.0092 3360 RpcEptMapper - ok

04:07:24.0092 3360 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

04:07:24.0092 3360 RpcLocator - ok

04:07:24.0123 3360 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

04:07:24.0123 3360 RpcSs - ok

04:07:24.0138 3360 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

04:07:24.0138 3360 rspndr - ok

04:07:24.0154 3360 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

04:07:24.0154 3360 RTL8167 - ok

04:07:24.0154 3360 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

04:07:24.0154 3360 SamSs - ok

04:07:24.0170 3360 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

04:07:24.0170 3360 sbp2port - ok

04:07:24.0201 3360 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

04:07:24.0201 3360 SCardSvr - ok

04:07:24.0216 3360 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

04:07:24.0216 3360 scfilter - ok

04:07:24.0248 3360 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

04:07:24.0263 3360 Schedule - ok

04:07:24.0263 3360 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

04:07:24.0263 3360 SCPolicySvc - ok

04:07:24.0279 3360 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

04:07:24.0279 3360 SDRSVC - ok

04:07:24.0294 3360 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

04:07:24.0294 3360 secdrv - ok

04:07:24.0310 3360 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

04:07:24.0310 3360 seclogon - ok

04:07:24.0310 3360 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

04:07:24.0326 3360 SENS - ok

04:07:24.0326 3360 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

04:07:24.0326 3360 SensrSvc - ok

04:07:24.0357 3360 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

04:07:24.0357 3360 Serenum - ok

04:07:24.0372 3360 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

04:07:24.0372 3360 Serial - ok

04:07:24.0388 3360 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

04:07:24.0388 3360 sermouse - ok

04:07:24.0404 3360 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

04:07:24.0404 3360 SessionEnv - ok

04:07:24.0419 3360 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

04:07:24.0419 3360 sffdisk - ok

04:07:24.0435 3360 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

04:07:24.0435 3360 sffp_mmc - ok

04:07:24.0435 3360 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

04:07:24.0435 3360 sffp_sd - ok

04:07:24.0450 3360 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

04:07:24.0450 3360 sfloppy - ok

04:07:24.0497 3360 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

04:07:24.0497 3360 Sftfs - ok

04:07:24.0544 3360 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

04:07:24.0544 3360 sftlist - ok

04:07:24.0560 3360 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

04:07:24.0560 3360 Sftplay - ok

04:07:24.0575 3360 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

04:07:24.0575 3360 Sftredir - ok

04:07:24.0591 3360 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

04:07:24.0591 3360 Sftvol - ok

04:07:24.0606 3360 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

04:07:24.0606 3360 sftvsa - ok

04:07:24.0622 3360 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

04:07:24.0622 3360 SharedAccess - ok

04:07:24.0638 3360 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

04:07:24.0653 3360 ShellHWDetection - ok

04:07:24.0669 3360 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

04:07:24.0669 3360 SiSRaid2 - ok

04:07:24.0684 3360 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

04:07:24.0700 3360 SiSRaid4 - ok

04:07:24.0731 3360 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

04:07:24.0731 3360 SkypeUpdate - ok

04:07:24.0762 3360 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

04:07:24.0762 3360 Smb - ok

04:07:24.0794 3360 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

04:07:24.0794 3360 SNMPTRAP - ok

04:07:24.0809 3360 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys

04:07:24.0825 3360 speedfan - ok

04:07:24.0825 3360 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

04:07:24.0825 3360 spldr - ok

04:07:24.0840 3360 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

04:07:24.0856 3360 Spooler - ok

04:07:24.0903 3360 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

04:07:24.0965 3360 sppsvc - ok

04:07:24.0981 3360 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

04:07:24.0981 3360 sppuinotify - ok

04:07:25.0012 3360 [ CA1D717D195AE57766699BE76C915F21 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

04:07:25.0012 3360 SQLWriter - ok

04:07:25.0043 3360 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

04:07:25.0043 3360 srv - ok

04:07:25.0059 3360 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

04:07:25.0059 3360 srv2 - ok

04:07:25.0090 3360 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

04:07:25.0090 3360 srvnet - ok

04:07:25.0106 3360 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

04:07:25.0121 3360 SSDPSRV - ok

04:07:25.0121 3360 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

04:07:25.0137 3360 SstpSvc - ok

04:07:25.0152 3360 Steam Client Service - ok

04:07:25.0230 3360 [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

04:07:25.0230 3360 Stereo Service - ok

04:07:25.0262 3360 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

04:07:25.0262 3360 stexstor - ok

04:07:25.0293 3360 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

04:07:25.0308 3360 stisvc - ok

04:07:25.0308 3360 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

04:07:25.0308 3360 swenum - ok

04:07:25.0340 3360 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

04:07:25.0340 3360 swprv - ok

04:07:25.0371 3360 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

04:07:25.0402 3360 SysMain - ok

04:07:25.0418 3360 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

04:07:25.0418 3360 TabletInputService - ok

04:07:25.0433 3360 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

04:07:25.0433 3360 TapiSrv - ok

04:07:25.0449 3360 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

04:07:25.0449 3360 TBS - ok

04:07:25.0496 3360 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

04:07:25.0527 3360 Tcpip - ok

04:07:25.0558 3360 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

04:07:25.0558 3360 TCPIP6 - ok

04:07:25.0589 3360 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

04:07:25.0589 3360 tcpipreg - ok

04:07:25.0605 3360 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

04:07:25.0605 3360 TDPIPE - ok

04:07:25.0636 3360 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

04:07:25.0636 3360 TDTCP - ok

04:07:25.0652 3360 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

04:07:25.0667 3360 tdx - ok

04:07:25.0667 3360 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

04:07:25.0667 3360 TermDD - ok

04:07:25.0698 3360 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

04:07:25.0714 3360 TermService - ok

04:07:25.0714 3360 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

04:07:25.0714 3360 Themes - ok

04:07:25.0745 3360 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

04:07:25.0745 3360 THREADORDER - ok

04:07:25.0745 3360 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

04:07:25.0761 3360 TrkWks - ok

04:07:25.0776 3360 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

04:07:25.0776 3360 TrustedInstaller - ok

04:07:25.0808 3360 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

04:07:25.0808 3360 tssecsrv - ok

04:07:25.0823 3360 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

04:07:25.0823 3360 TsUsbFlt - ok

04:07:25.0854 3360 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

04:07:25.0854 3360 tunnel - ok

04:07:25.0886 3360 [ F4EF9498A073122D6139CB2A19554E08 ] t_mouse.sys C:\Windows\system32\DRIVERS\t_mouse.sys

04:07:25.0886 3360 t_mouse.sys - ok

04:07:25.0886 3360 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

04:07:25.0886 3360 uagp35 - ok

04:07:25.0901 3360 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

04:07:25.0901 3360 udfs - ok

04:07:25.0917 3360 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

04:07:25.0932 3360 UI0Detect - ok

04:07:25.0948 3360 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

04:07:25.0948 3360 uliagpkx - ok

04:07:25.0964 3360 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

04:07:25.0964 3360 umbus - ok

04:07:25.0979 3360 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

04:07:25.0979 3360 UmPass - ok

04:07:26.0010 3360 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

04:07:26.0010 3360 upnphost - ok

04:07:26.0026 3360 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

04:07:26.0026 3360 usbaudio - ok

04:07:26.0042 3360 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

04:07:26.0042 3360 usbccgp - ok

04:07:26.0057 3360 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

04:07:26.0057 3360 usbcir - ok

04:07:26.0073 3360 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

04:07:26.0073 3360 usbehci - ok

04:07:26.0088 3360 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

04:07:26.0088 3360 usbhub - ok

04:07:26.0104 3360 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

04:07:26.0104 3360 usbohci - ok

04:07:26.0120 3360 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

04:07:26.0120 3360 usbprint - ok

04:07:26.0135 3360 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS

04:07:26.0135 3360 USBSTOR - ok

04:07:26.0135 3360 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

04:07:26.0135 3360 usbuhci - ok

04:07:26.0151 3360 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

04:07:26.0151 3360 UxSms - ok

04:07:26.0182 3360 [ 8B97DCD5D0C379696BC9DC74C7A23CC1 ] V0230Vfx C:\Windows\system32\DRIVERS\V0230Vfx.sys

04:07:26.0182 3360 V0230Vfx - ok

04:07:26.0213 3360 [ 4B326746BC2D1093B13D8EC2A0177CF7 ] V0230VID C:\Windows\system32\DRIVERS\V0230VID.sys

04:07:26.0229 3360 V0230VID - ok

04:07:26.0244 3360 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

04:07:26.0244 3360 VaultSvc - ok

04:07:26.0260 3360 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

04:07:26.0260 3360 vdrvroot - ok

04:07:26.0276 3360 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

04:07:26.0276 3360 vds - ok

04:07:26.0291 3360 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

04:07:26.0291 3360 vga - ok

04:07:26.0307 3360 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

04:07:26.0322 3360 VgaSave - ok

04:07:26.0338 3360 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

04:07:26.0338 3360 vhdmp - ok

04:07:26.0338 3360 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

04:07:26.0338 3360 viaide - ok

04:07:26.0354 3360 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

04:07:26.0354 3360 volmgr - ok

04:07:26.0369 3360 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

04:07:26.0369 3360 volmgrx - ok

04:07:26.0385 3360 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

04:07:26.0385 3360 volsnap - ok

04:07:26.0416 3360 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

04:07:26.0416 3360 vsmraid - ok

04:07:26.0494 3360 [ 2264088602A687D6032DDE26E808C4C5 ] VSPerfDrv110 C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys

04:07:26.0494 3360 VSPerfDrv110 - ok

04:07:26.0541 3360 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

04:07:26.0556 3360 VSS - ok

04:07:26.0588 3360 vtany - ok

04:07:26.0588 3360 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

04:07:26.0603 3360 vwifibus - ok

04:07:26.0619 3360 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

04:07:26.0619 3360 W32Time - ok

04:07:26.0650 3360 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

04:07:26.0650 3360 WacomPen - ok

04:07:26.0681 3360 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

04:07:26.0681 3360 WANARP - ok

04:07:26.0681 3360 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

04:07:26.0681 3360 Wanarpv6 - ok

04:07:26.0728 3360 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

04:07:26.0744 3360 WatAdminSvc - ok

04:07:26.0759 3360 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

04:07:26.0790 3360 wbengine - ok

04:07:26.0806 3360 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

04:07:26.0806 3360 WbioSrvc - ok

04:07:26.0837 3360 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

04:07:26.0837 3360 wcncsvc - ok

04:07:26.0853 3360 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

04:07:26.0853 3360 WcsPlugInService - ok

04:07:26.0868 3360 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

04:07:26.0868 3360 Wd - ok

04:07:26.0900 3360 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

04:07:26.0900 3360 Wdf01000 - ok

04:07:26.0915 3360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

04:07:26.0915 3360 WdiServiceHost - ok

04:07:26.0915 3360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

04:07:26.0931 3360 WdiSystemHost - ok

04:07:26.0931 3360 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

04:07:26.0946 3360 WebClient - ok

04:07:26.0946 3360 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

04:07:26.0946 3360 Wecsvc - ok

04:07:26.0962 3360 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

04:07:26.0962 3360 wercplsupport - ok

04:07:26.0978 3360 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

04:07:26.0978 3360 WerSvc - ok

04:07:26.0993 3360 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

04:07:27.0009 3360 WfpLwf - ok

04:07:27.0009 3360 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

04:07:27.0009 3360 WIMMount - ok

04:07:27.0024 3360 WinDefend - ok

04:07:27.0040 3360 WinHttpAutoProxySvc - ok

04:07:27.0071 3360 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

04:07:27.0071 3360 Winmgmt - ok

04:07:27.0102 3360 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

04:07:27.0134 3360 WinRM - ok

04:07:27.0165 3360 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

04:07:27.0180 3360 Wlansvc - ok

04:07:27.0243 3360 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

04:07:27.0274 3360 wlidsvc - ok

04:07:27.0305 3360 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

04:07:27.0305 3360 WmiAcpi - ok

04:07:27.0305 3360 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

04:07:27.0321 3360 wmiApSrv - ok

04:07:27.0336 3360 WMPNetworkSvc - ok

04:07:27.0336 3360 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

04:07:27.0336 3360 WPCSvc - ok

04:07:27.0368 3360 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

04:07:27.0368 3360 WPDBusEnum - ok

04:07:27.0368 3360 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

04:07:27.0368 3360 ws2ifsl - ok

04:07:27.0383 3360 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

04:07:27.0383 3360 wscsvc - ok

04:07:27.0383 3360 WSearch - ok

04:07:27.0430 3360 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

04:07:27.0461 3360 wuauserv - ok

04:07:27.0492 3360 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

04:07:27.0492 3360 WudfPf - ok

04:07:27.0524 3360 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

04:07:27.0524 3360 WUDFRd - ok

04:07:27.0539 3360 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

04:07:27.0539 3360 wudfsvc - ok

04:07:27.0555 3360 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

04:07:27.0555 3360 WwanSvc - ok

04:07:27.0664 3360 X6va005 - ok

04:07:27.0711 3360 X6va009 - ok

04:07:27.0742 3360 xsherlock - ok

04:07:27.0773 3360 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys

04:07:27.0773 3360 xusb21 - ok

04:07:27.0789 3360 ================ Scan global ===============================

04:07:27.0804 3360 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

04:07:27.0820 3360 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

04:07:27.0836 3360 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

04:07:27.0851 3360 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

04:07:27.0882 3360 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

04:07:27.0882 3360 [Global] - ok

04:07:27.0882 3360 ================ Scan MBR ==================================

04:07:27.0898 3360 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

04:07:28.0023 3360 \Device\Harddisk0\DR0 - ok

04:07:28.0023 3360 ================ Scan VBR ==================================

04:07:28.0023 3360 [ 0AE33EC8E51CD168A6A305CD6ABC2224 ] \Device\Harddisk0\DR0\Partition1

04:07:28.0023 3360 \Device\Harddisk0\DR0\Partition1 - ok

04:07:28.0038 3360 [ C4AF33452B4A9ADD3BCD1D29A941DDAB ] \Device\Harddisk0\DR0\Partition2

04:07:28.0038 3360 \Device\Harddisk0\DR0\Partition2 - ok

04:07:28.0038 3360 ============================================================

04:07:28.0038 3360 Scan finished

04:07:28.0038 3360 ============================================================

04:07:28.0054 1548 Detected object count: 0

04:07:28.0054 1548 Actual detected object count: 0


Sorry for the delay! Things appear to be running fine, and have had no issues since.

ADWcleaner:

# AdwCleaner v2.104 - Logfile created 01/03/2013 at 06:21:29

# Updated 29/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Tony - TONY-PC

# Boot Mode : Normal

# Running from : C:\Users\Tony\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\END

Folder Found : C:\Users\Tony\AppData\Local\Conduit

Folder Found : C:\Users\Tony\AppData\LocalLow\Conduit

Folder Found : C:\Users\Tony\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\Softonic

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3227975

Key Found : HKLM\Software\Conduit

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

File : C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\kkhjfy9r.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1127 octets] - [03/01/2013 06:21:29]

########## EOF - C:\AdwCleaner[R1].txt - [1187 octets] ##########

Security Check:

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

JavaFX 2.1.1

Java 7 Update 9

Visual Studio Extensions for Windows Library for JavaScript

Adobe Flash Player 11.5.502.135

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox 15.0.1 Firefox out of Date!

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

windows defender MpCmdRun.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 4%

````````````````````End of Log``````````````````````


  • Staff

Hi,

Run TFC by OldTimer to clear temporary files:

  • Open TFC.exe if you already have it. If not, please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[sn].txt as well; n is the order number.

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck and TDSSKiller.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following programs (if present):

JavaFX 2.1.1

Java 7 Update 9

Adobe Reader 10.1.4

Restart your computer.

Get the latest version of Java and Adobe Reader.

Open Firefox, click Help --> About, and ensure that it updates to version 17.

Click Start, type in Windows Update, and click on Windows Update when it appears. Install all available updates, including Internet Explorer 9.

Let me know what issues remain.


  • Staff

Great!

  • Please double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with Yes.

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
  • Yellow for caution
  • Red to stop

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317


This topic is now closed to further replies.