Inactive Slow performance and in-game (online) FPS lag

bentor79

Hi,
Recently my laptop has been experiencing delays in processing tasks, has blue screened a couple of times and is now slow running online games (fps drops to 4-6). As I believe that it has the necessary hardware to perform adequately in online settings (including streaming HD video), I suspect that there may be another lurking problem. Copied below are the required preliminary components...

***************************************************************************************
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
USER :: USER-PC [administrator]

7/27/2012 1:03:39 AM
mbam-log-2012-07-27 (01-03-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212637
Time elapsed: 20 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
************************************************************************************************
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.5.1
Run by USER at 1:59:59 on 2012-07-27
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6132.4658 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe
C:\Program Files (x86)\Stardock\MyColors\WBVista.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files (x86)\OSD\OSD_Service.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
c:\app\user\product\112~1.0\dbhome_3\ccr\bin\nmz.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
C:\Program Files (x86)\OSD\OSD_Main.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622063804.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uRun: [Google Update] "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch.exe
mRun: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [FAStartup]
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\MyColors\SDDelayedLaunch.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{C57D747C-B4FA-46A5-AA29-282668B02570}\15D4169647C616E646 : DhcpNameServer = 65.32.5.74 65.32.5.75
TCP: Interfaces\{C57D747C-B4FA-46A5-AA29-282668B02570}\4523632423 : DhcpNameServer = 192.168.1.1 68.238.112.12
TCP: Interfaces\{C57D747C-B4FA-46A5-AA29-282668B02570}\533424D475 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C57D747C-B4FA-46A5-AA29-282668B02570}\553564 : DhcpNameServer = 131.247.1.1 131.247.1.2
TCP: Interfaces\{C57D747C-B4FA-46A5-AA29-282668B02570}\E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D5979464-27F9-4C7A-A78F-9578BB5D36AB} : DhcpNameServer = 65.32.5.111 65.32.5.112
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli FAPassSync
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622063804.dll
BHO-X64: scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll
BHO-X64: SSOIEAddonBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch.exe
mRun-x64: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
mRun-x64: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [FAStartup]
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdflt.sys --> C:\Windows\system32\DRIVERS\stdflt.sys [?]
R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);C:\Windows\system32\DRIVERS\tdrpm251.sys --> C:\Windows\system32\DRIVERS\tdrpm251.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files\HWiNFO64\HWiNFO64A.SYS [2012-7-22 30592]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-5-16 2326920]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-21 14648]
R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2010-4-4 2409800]
R2 HappyOSD;HappyOSD;C:\Program Files (x86)\OSD\OSD_Service.exe [2010-1-4 16384]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-13 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-10-16 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-10-16 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-10-16 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-10-16 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-10-16 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-10-16 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-9 2348352]
R2 Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager;Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager;c:\app\user\product\112~1.0\dbhome_3\ccr\bin\nmz.exe c:\app\user\product\112~1.0\dbhome_3\ccr\hosts\user-pc --> c:\app\user\product\112~1.0\dbhome_3\ccr\bin\nmz.exe c:\app\user\product\112~1.0\dbhome_3\ccr\hosts\user-pc [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\OSD\WinRing0x64.sys [2008-7-26 14544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-23 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-5-16 1038088]
S3 ITECIRfilter;ITECIR Filter Driver;C:\Windows\system32\DRIVERS\ITECIRfilter.sys --> C:\Windows\system32\DRIVERS\ITECIRfilter.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Razerlow;Razer Pro|Solutions;C:\Windows\system32\drivers\DB3G.sys --> C:\Windows\system32\drivers\DB3G.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S4 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe [2011-5-13 89600]
S4 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2011-5-13 59904]
S4 OracleDBConsoleAlien;OracleDBConsoleAlien;C:\app\USER\product\11.2.0\dbhome_3\BIN\nmesrvc.exe [2012-2-24 35328]
S4 OracleJobSchedulerALIEN;OracleJobSchedulerALIEN;c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe ALIEN --> c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe ALIEN [?]
S4 OracleJobSchedulerCGS2541;OracleJobSchedulerCGS2541;c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe CGS2541 --> c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe CGS2541 [?]
S4 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;C:\app\USER\product\11.2.0\dbhome_3\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:C:\app\USER\product\11.2.0\dbhome_3\bin\oraclr11.dll" --> C:\app\USER\product\11.2.0\dbhome_3\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:C:\app\USER\product\11.2.0\dbhome_3\bin\oraclr11.dll [?]
S4 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;C:\app\USER\product\11.2.0\dbhome_3\BIN\TNSLSNR --> C:\app\USER\product\11.2.0\dbhome_3\BIN\TNSLSNR [?]
S4 OracleServiceALIEN;OracleServiceALIEN;c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE ALIEN --> c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE ALIEN [?]
S4 OracleServiceCGS2541;OracleServiceCGS2541;c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE CGS2541 --> c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE CGS2541 [?]
S4 OracleVssWriterALIEN;Oracle ALIEN VSS Writer Service;c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe ALIEN --> c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe ALIEN [?]
S4 OracleVssWriterCGS2541;Oracle CGS2541 VSS Writer Service;c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe CGS2541 --> c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe CGS2541 [?]
.
=============== File Associations ===============
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=C:\Windows\System32\CScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-07-27 05:02:13 -------- d-----w- C:\Users\USER\AppData\Roaming\Malwarebytes
2012-07-27 05:01:26 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-27 05:01:16 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-27 05:01:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-23 18:17:11 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-23 18:17:11 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-22 14:33:03 -------- d-----w- C:\Program Files\HWiNFO64
2012-07-22 04:35:32 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2012-07-22 03:57:46 -------- d-----w- C:\Users\USER\AppData\Local\NVIDIA Corporation
2012-07-21 19:55:59 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-21 19:53:23 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-12 07:15:55 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2012-07-24 04:13:00 955888 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-07-24 04:13:00 839152 ----a-w- C:\Windows\System32\deployJava1.dll
2012-07-06 02:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-02 02:19:03 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
.
============= FINISH: 2:03:03.36 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 5/12/2011 7:14:30 PM
System Uptime: 7/27/2012 1:48:23 AM (1 hours ago)
.
Motherboard: Alienware | |
Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz | CPU 1 | 1729/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 447 GiB total, 348.848 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
RP145: 7/21/2012 3:53:35 PM - Installed JavaFX 2.1.1
RP147: 7/21/2012 8:53:09 PM - Removed service pack backup files
RP148: 7/21/2012 11:55:56 PM - Installed NVIDIA Performance
RP149: 7/21/2012 11:58:15 PM - Installed NVIDIA System Monitor
RP150: 7/22/2012 12:00:10 AM - Installed NVIDIA System Update
RP151: 7/24/2012 12:07:55 AM - Installed Java(TM) 7 Update 5 (64-bit)
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Accelerometer
Acronis True Image Home
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader X (10.1.3)
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Advertising Center
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Combined Community Codec Pack 2011-11-11
Command Center
Connect
CyberLink YouCam
DAEMON Tools Lite
Glary Utilities 2.41.0.1358
Google Chrome
IDT Audio
ImagXpress
Intel(R) Control Center
Intel(R) Rapid Storage Technology
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) 7 Update 5
JavaFX 2.1.1
kuler
League of Legends
Malwarebytes Anti-Malware version 1.62.0.1300
McAfee AntiVirus Plus
McAfee Virtual Technician
Microsoft Application Compatibility Toolkit 5.6
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSI Afterburner 2.2.1
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero Rescue Agent
Nero RescueAgent Help
Nero StartSmart
Nero StartSmart Help
NeroExpress
neroxml
NVIDIA 3D Vision Controller Driver
NVIDIA Performance
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA System Monitor
NVIDIA System Update
OSD Setup
PDF Settings CS4
Photoshop Camera Raw
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype™ 5.10
Stardock MyColors
StreamTorrent 1.0
Suite Shared Configuration CS4
swMSM
TI Connect 1.6
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC90_CRT_x64
Vuze
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
7/27/2012 1:50:29 AM, Error: Service Control Manager [7022] - The Windows Audio service hung on starting.
7/27/2012 1:47:24 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/27/2012 1:45:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/27/2012 1:45:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/27/2012 1:45:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/27/2012 1:45:27 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/27/2012 1:45:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/27/2012 1:45:14 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC ctxusbm DfsC discache HWiNFO32 mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
7/27/2012 1:45:14 AM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:14 AM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:14 AM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/27/2012 1:45:13 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/22/2012 10:42:14 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.
7/22/2012 10:42:14 AM, Error: Service Control Manager [7000] - The Alienware Fusion Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/20/2012 5:17:58 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/20/2012 5:17:29 PM, Error: Service Control Manager [7034] - The OracleOraDb11g_home1TNSListener service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 5:17:23 PM, Error: Service Control Manager [7034] - The OracleMTSRecoveryService service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 5:15:51 PM, Error: Service Control Manager [7034] - The OracleServiceCGS2541 service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 5:15:51 PM, Error: Service Control Manager [7034] - The OracleServiceALIEN service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 5:15:45 PM, Error: Service Control Manager [7024] - The OracleDBConsoleAlien service terminated with service-specific error The system cannot find the file specified..
.
==== End Of File ===========================
 
Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.




-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
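
One way to triage the TDSSKiller report described above, as an added example that is not part of the original post or of TDSSKiller itself: it lists every object whose status is not "ok" and marks the two verdicts the instructions say to Skip. The line layout (timestamp, thread ID, message), the "skip"/"review" labels, and all sample names, hashes and paths are assumptions constructed for illustration.

```python
import re

# Verdicts the instructions above say to Skip rather than Cure or Delete.
SKIP_VERDICTS = frozenset({"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"})

# Assumed layout: "HH:MM:SS.mmmm <thread id> <message>".
_PREFIX = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)(?:\s+(.*))?$")
# Fallback for copies where the separator after the thread ID was lost;
# assumes a four-digit thread ID.
_PREFIX_FUSED = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d{4})(.*)$")
# "<object> (<md5>) <path>" : the object being scanned.
_SCANNED = re.compile(r"^(?P<obj>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<object> ( <verdict> ) - <status>" : a non-ok result for that object.
_VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<status>\w+)$")


def parse_line(line):
    """Split one report line into (timestamp, thread_id, message), or None."""
    line = line.rstrip("\r\n")
    m = _PREFIX.match(line) or _PREFIX_FUSED.match(line)
    if m is None:
        return None
    return m.group(1), m.group(2), (m.group(3) or "").strip()


def triage(log_text):
    """Return one dict per flagged object, in report order."""
    paths = {}      # object name -> file path from its scan line
    findings = []
    for raw in log_text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        timestamp, _thread_id, message = parsed
        scanned = _SCANNED.match(message)
        if scanned:
            paths[scanned["obj"]] = scanned["path"]
            continue
        verdict = _VERDICT.match(message)
        if verdict:
            name = verdict["verdict"]
            findings.append({
                "time": timestamp,
                "object": verdict["obj"],
                "path": paths.get(verdict["obj"]),
                "verdict": name,
                "status": verdict["status"],
                # "skip" mirrors the post's guidance for unsigned/locked files;
                # anything else is left for the helper to review.
                "action": "skip" if name in SKIP_VERDICTS else "review",
            })
    return findings


# Constructed sample report; every name, hash and path here is made up.
# The last two lines use the fused form to exercise the fallback.
SAMPLE_LOG = r"""11:40:30.0701 6176  Scan started
11:40:33.0514 6176  ExampleDrv (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\exampledrv.sys
11:40:34.0509 6176  ExampleDrv - ok
11:41:25.0968 6176  ExampleSvc (89abcdef0123456789abcdef01234567) C:\Program Files (x86)\Example\svc.exe
11:41:27.0255 6176  ExampleSvc ( UnsignedFile.Multi.Generic ) - warning
11:41:27.0258 6176  ExampleSvc - detected UnsignedFile.Multi.Generic (1)
11:41:28.0000 6176OtherSvc (fedcba9876543210fedcba9876543210) C:\Example\other.exe
11:41:28.0100 6176OtherSvc ( Placeholder.Verdict.Name ) - infected
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['action']:6} {f['object']}: {f['verdict']} [{f['status']}] {f['path']}")
```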
 
Thanks for the prompt response! The results of TDSSKiller are below:





11:40:05.0027 7624 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:40:06.0121 7624 ============================================================
11:40:06.0121 7624 Current date / time: 2012/07/27 11:40:06.0120
11:40:06.0121 7624 SystemInfo:
11:40:06.0121 7624
11:40:06.0122 7624 OS Version: 6.1.7601 ServicePack: 1.0
11:40:06.0122 7624 Product type: Workstation
11:40:06.0123 7624 ComputerName: USER-PC
11:40:06.0124 7624 UserName: USER
11:40:06.0124 7624 Windows directory: C:\Windows
11:40:06.0124 7624 System windows directory: C:\Windows
11:40:06.0124 7624 Running under WOW64
11:40:06.0124 7624 Processor architecture: Intel x64
11:40:06.0124 7624 Number of processors: 8
11:40:06.0125 7624 Page size: 0x1000
11:40:06.0125 7624 Boot type: Normal boot
11:40:06.0125 7624 ============================================================
11:40:08.0629 7624 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:40:08.0669 7624 ============================================================
11:40:08.0669 7624 \Device\Harddisk0\DR0:
11:40:08.0669 7624 MBR partitions:
11:40:08.0670 7624 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x256B000
11:40:08.0670 7624 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2592800, BlocksNum 0x37DF3000
11:40:08.0670 7624 ============================================================
11:40:08.0691 7624 C: <-> \Device\Harddisk0\DR0\Partition1
11:40:08.0692 7624 ============================================================
11:40:08.0692 7624 Initialize success
11:40:08.0692 7624 ============================================================
11:40:30.0700 6176 ============================================================
11:40:30.0701 6176 Scan started
11:40:30.0701 6176 Mode: Manual; SigCheck; TDLFS;
11:40:30.0701 6176 ============================================================
11:41:25.0968 6176 HappyOSD (8cd92502fec49e837155b9f20e5e2d2c) C:\Program Files (x86)\OSD\OSD_Service.exe
11:41:27.0255 6176 HappyOSD ( UnsignedFile.Multi.Generic ) - warning
11:41:27.0258 6176 HappyOSD - detected UnsignedFile.Multi.Generic (1)
11:41:37.0983 6176InstallFilterService (cb8e52c468d674324260d1102955d42e) C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
11:41:38.0035 6176InstallFilterService ( UnsignedFile.Multi.Generic ) - warning
11:41:38.0035 6176InstallFilterService - detected UnsignedFile.Multi.Generic (1)
11:41:38.0174 6176Intel(R) PROSet Monitoring Service (4a9eb8ac8959c580adcaddbdbbebe033) C:\Windows\system32\IProsetMonitor.exe
11:41:38.0692 6176Intel(R) PROSet Monitoring Service - ok
11:41:38.0732 6176intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:41:38.0854 6176intelide - ok
11:41:38.0902 6176intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:41:39.0100 6176intelppm - ok
11:41:39.0145 6176IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:41:39.0499 6176IPBusEnum - ok
11:41:39.0673 6176IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:41:40.0347 6176IpFilterDriver - ok
11:41:40.0441 6176iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:41:40.0810 6176iphlpsvc - ok
11:41:40.0915 6176IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:41:41.0433 6176IPMIDRV - ok
11:41:41.0480 6176IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:41:41.0870 6176IPNAT - ok
11:41:41.0901 6176IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:41:42.0106 6176IRENUM - ok
11:41:42.0149 6176isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:41:42.0267 6176isapnp - ok
11:41:42.0316 6176iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:41:42.0856 6176iScsiPrt - ok
11:41:42.0930 6176itecir (9291643b494f87bfdac95a524f69e737) C:\Windows\system32\DRIVERS\itecir.sys
11:41:43.0470 6176itecir - ok
11:41:43.0496 6176ITECIRfilter (e5aac07b053d15ba8f67ba7d49c20971) C:\Windows\system32\DRIVERS\ITECIRfilter.sys
11:41:43.0983 6176ITECIRfilter - ok
11:41:44.0036 6176kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:41:44.0170 6176kbdclass - ok
11:41:44.0244 6176kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:41:44.0864 6176kbdhid - ok
11:41:44.0910 6176KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:41:45.0038 6176KeyIso - ok
11:41:45.0093 6176KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:41:45.0214 6176KSecDD - ok
11:41:45.0262 6176KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:41:45.0377 6176KSecPkg - ok
11:41:45.0427 6176ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:41:45.0753 6176ksthunk - ok
11:41:45.0869 6176KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:41:46.0272 6176KtmRm - ok
11:41:46.0375 6176LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:41:46.0977 6176LanmanServer - ok
11:41:47.0056 6176LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:41:47.0729 6176LanmanWorkstation - ok
11:41:47.0833 6176lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:41:48.0177 6176lltdio - ok
11:41:48.0271 6176lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:41:48.0654 6176lltdsvc - ok
11:41:48.0715 6176lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:41:49.0049 6176lmhosts - ok
11:41:49.0108 6176LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:41:49.0248 6176LSI_FC - ok
11:41:49.0323 6176LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:41:49.0448 6176LSI_SAS - ok
11:41:49.0482 6176LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:41:49.0597 6176LSI_SAS2 - ok
11:41:49.0645 6176LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:41:49.0807 6176LSI_SCSI - ok
11:41:49.0857 6176luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:41:50.0202 6176luafv - ok
11:41:50.0450 6176McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:41:50.0560 6176McAfee SiteAdvisor Service - ok
11:41:50.0585 6176McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:41:50.0695 6176McMPFSvc - ok
11:41:50.0732 6176mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:41:50.0833 6176mcmscsvc - ok
11:41:50.0865 6176McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:41:50.0991 6176McNaiAnn - ok
11:41:51.0035 6176McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:41:51.0132 6176McNASvc - ok
11:41:51.0438 6176McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe
11:41:51.0581 6176McODS - ok
11:41:51.0617 6176McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:41:51.0718 6176McProxy - ok
11:41:51.0827 6176McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:41:52.0393 6176McShield - ok
11:41:52.0461 6176Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:41:52.0929 6176Mcx2Svc - ok
11:41:52.0968 6176megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:41:53.0102 6176megasas - ok
11:41:53.0190 6176MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:41:53.0360 6176MegaSR - ok
11:41:53.0446 6176mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
11:41:53.0975 6176mfeapfk - ok
11:41:54.0085 6176mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
11:41:54.0691 6176mfeavfk - ok
11:41:54.0736 6176mfeavfk01 - ok
11:41:54.0787 6176mfeavfk02 - ok
11:41:54.0872 6176mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:41:55.0381 6176mfefire - ok
11:41:55.0505 6176mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
11:41:56.0004 6176mfefirek - ok
11:41:56.0156 6176mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
11:41:56.0317 6176mfehidk - ok
11:41:56.0423 6176mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
11:41:56.0905 6176mfenlfk - ok
11:41:57.0038 6176mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
11:41:57.0134 6176mferkdet - ok
11:41:57.0209 6176mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
11:41:57.0759 6176mfevtp - ok
11:41:57.0822 6176mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
11:41:57.0945 6176mfewfpk - ok
11:41:58.0057 6176Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
11:41:58.0176 6176Microsoft Office Groove Audit Service - ok
11:41:58.0257 6176MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:41:58.0609 6176MMCSS - ok
11:41:58.0641 6176Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:41:58.0960 6176Modem - ok
11:41:59.0006 6176monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:41:59.0168 6176monitor - ok
11:41:59.0229 6176mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:41:59.0382 6176mouclass - ok
11:41:59.0437 6176mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:41:59.0580 6176mouhid - ok
11:41:59.0636 6176mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:41:59.0755 6176mountmgr - ok
11:41:59.0872 6176mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:42:00.0392 6176mpio - ok
11:42:00.0435 6176mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:42:00.0787 6176mpsdrv - ok
11:42:00.0907 6176MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:42:01.0591 6176MpsSvc - ok
11:42:01.0645 6176MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:42:02.0273 6176MRxDAV - ok
11:42:02.0379 6176mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:42:02.0540 6176mrxsmb - ok
11:42:02.0613 6176mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:42:02.0770 6176mrxsmb10 - ok
11:42:02.0832 6176mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:42:02.0974 6176mrxsmb20 - ok
11:42:03.0020 6176msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:42:03.0130 6176msahci - ok
11:42:03.0189 6176msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:42:03.0882 6176msdsm - ok
11:42:03.0962 6176MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:42:04.0139 6176MSDTC - ok
11:42:04.0205 6176Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:42:04.0517 6176Msfs - ok
11:42:04.0542 6176mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:42:04.0893 6176mshidkmdf - ok
11:42:04.0939 6176msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:42:05.0048 6176msisadrv - ok
11:42:05.0117 6176MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:42:05.0466 6176MSiSCSI - ok
11:42:05.0485 6176msiserver - ok
11:42:05.0554 6176MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:42:05.0932 6176MSKSSRV - ok
11:42:05.0973 6176MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:42:06.0365 6176MSPCLOCK - ok
11:42:06.0396 6176MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:42:06.0685 6176MSPQM - ok
11:42:06.0858 6176MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:42:06.0994 6176MsRPC - ok
11:42:07.0054 6176mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:42:07.0204 6176mssmbios - ok
11:42:07.0249 6176MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:42:07.0587 6176MSTEE - ok
11:42:07.0617 6176MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:42:07.0790 6176MTConfig - ok
11:42:07.0842 6176Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:42:07.0951 6176Mup - ok
11:42:08.0061 6176napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:42:08.0379 6176napagent - ok
11:42:08.0522 6176NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:42:08.0792 6176NativeWifiP - ok
11:42:08.0956 6176NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:42:09.0201 6176NDIS - ok
11:42:09.0271 6176NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:42:09.0636 6176NdisCap - ok
11:42:09.0674 6176NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:42:09.0989 6176NdisTapi - ok
11:42:10.0035 6176Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:42:10.0806 6176Ndisuio - ok
11:42:10.0879 6176NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:42:11.0646 6176NdisWan - ok
11:42:11.0706 6176NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:42:12.0385 6176NDProxy - ok
11:42:12.0584 6176Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:42:13.0343 6176Nero BackItUp Scheduler 4.0 - ok
11:42:13.0411 6176NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:42:13.0750 6176NetBIOS - ok
11:42:13.0820 6176NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:42:14.0562 6176NetBT - ok
11:42:14.0610 6176Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:14.0714 6176Netlogon - ok
11:42:14.0798 6176Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:42:15.0177 6176Netman - ok
11:42:15.0285 6176NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:15.0406 6176NetMsmqActivator - ok
11:42:15.0423 6176NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:15.0520 6176NetPipeActivator - ok
11:42:15.0630 6176netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:42:15.0993 6176netprofm - ok
11:42:16.0015 6176NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:16.0105 6176NetTcpActivator - ok
11:42:16.0121 6176NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:16.0222 6176NetTcpPortSharing - ok
11:42:16.0986 6176netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
11:42:17.0697 6176netw5v64 - ok
11:42:17.0859 6176nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:42:18.0002 6176nfrd960 - ok
11:42:18.0091 6176NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:42:18.0801 6176NlaSvc - ok
11:42:18.0867 6176Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:42:19.0184 6176Npfs - ok
11:42:19.0224 6176nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:42:19.0535 6176nsi - ok
11:42:19.0570 6176nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:42:19.0887 6176nsiproxy - ok
11:42:20.0141 6176Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:42:20.0423 6176Ntfs - ok
11:42:20.0554 6176nTuneService - ok
11:42:20.0709 6176Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:42:21.0098 6176Null - ok
11:42:21.0182 6176NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
11:42:21.0778 6176NVHDA - ok
11:42:23.0148 6176nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:42:25.0151 6176nvlddmkm - ok
11:42:25.0342 6176nvoclk64 (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys
11:42:25.0898 6176nvoclk64 - ok
11:42:25.0966 6176nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:42:26.0523 6176nvraid - ok
11:42:26.0566 6176nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:42:27.0113 6176nvstor - ok
11:42:27.0254 6176nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
11:42:27.0902 6176nvsvc - ok
11:42:28.0231 6176nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:42:29.0109 6176nvUpdatusService - ok
11:42:29.0276 6176nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:42:29.0441 6176nv_agp - ok
11:42:29.0648 6176odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:42:29.0798 6176odserv - ok
11:42:29.0867 6176ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:42:30.0020 6176ohci1394 - ok
11:42:30.0160 6176Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager - ok
11:42:30.0274 6176OracleDBConsoleAlien (985b95883b5e54d1966ee84ca76085e4) C:\app\USER\product\11.2.0\dbhome_3\bin\nmesrvc.exe
11:42:30.0729 6176OracleDBConsoleAlien ( UnsignedFile.Multi.Generic ) - warning
11:42:30.0730 6176OracleDBConsoleAlien - detected UnsignedFile.Multi.Generic (1)
11:42:30.0759 6176OracleJobSchedulerALIEN - ok
11:42:30.0795 6176OracleJobSchedulerCGS2541 - ok
11:42:30.0822 6176OracleMTSRecoveryService - ok
11:42:30.0849 6176OracleOraDb11g_home1ClrAgent - ok
11:42:30.0872 6176OracleOraDb11g_home1TNSListener - ok
11:42:30.0898 6176OracleServiceALIEN - ok
11:42:30.0930 6176OracleServiceCGS2541 - ok
11:42:30.0954 6176OracleVssWriterALIEN - ok
11:42:30.0982 6176OracleVssWriterCGS2541 - ok
11:42:31.0040 6176ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:42:31.0155 6176ose - ok
11:42:31.0246 6176p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:42:31.0465 6176p2pimsvc - ok
11:42:31.0539 6176p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:42:31.0779 6176p2psvc - ok
11:42:31.0826 6176Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:42:31.0985 6176Parport - ok
11:42:32.0031 6176partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:42:32.0135 6176partmgr - ok
11:42:32.0194 6176PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:42:32.0422 6176PcaSvc - ok
11:42:32.0476 6176pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:42:32.0595 6176pci - ok
11:42:32.0638 6176pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:42:32.0778 6176pciide - ok
11:42:32.0879 6176pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:42:33.0016 6176pcmcia - ok
11:42:33.0057 6176pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:42:33.0178 6176pcw - ok
11:42:33.0277 6176PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:42:33.0697 6176PEAUTH - ok
11:42:33.0870 6176PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
11:42:34.0217 6176PeerDistSvc - ok
11:42:34.0328 6176PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:42:34.0493 6176PerfHost - ok
11:42:34.0768 6176pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:42:35.0502 6176pla - ok
11:42:35.0587 6176PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:42:36.0125 6176PlugPlay - ok
11:42:36.0162 6176PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:42:36.0359 6176PNRPAutoReg - ok
11:42:36.0421 6176PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:42:36.0565 6176PNRPsvc - ok
11:42:36.0664 6176PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:42:37.0330 6176PolicyAgent - ok
11:42:37.0398 6176Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:42:37.0776 6176Power - ok
11:42:37.0864 6176PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:42:38.0661 6176PptpMiniport - ok
11:42:38.0709 6176Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:42:38.0848 6176Processor - ok
11:42:38.0957 6176ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:42:39.0512 6176ProfSvc - ok
11:42:39.0559 6176ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:39.0688 6176ProtectedStorage - ok
11:42:39.0757 6176Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:42:40.0480 6176Psched - ok
11:42:40.0680 6176ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:42:41.0048 6176ql2300 - ok
11:42:41.0195 6176ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:42:41.0329 6176ql40xx - ok
11:42:41.0392 6176QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:42:41.0600 6176QWAVE - ok
11:42:41.0653 6176QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:42:41.0840 6176QWAVEdrv - ok
11:42:41.0871 6176RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:42:42.0196 6176RasAcd - ok
11:42:42.0253 6176RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:42:42.0622 6176RasAgileVpn - ok
11:42:42.0674 6176RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:42:43.0064 6176RasAuto - ok
11:42:43.0120 6176Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:42:43.0870 6176Rasl2tp - ok
11:42:43.0933 6176RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:42:44.0565 6176RasMan - ok
11:42:44.0613 6176RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:42:44.0961 6176RasPppoe - ok
11:42:45.0018 6176RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:42:45.0340 6176RasSstp - ok
11:42:45.0396 6176Razerlow (81ddbf4fe998ef1f4ba230f7e8d8c67e) C:\Windows\system32\drivers\DB3G.sys
11:42:45.0952 6176Razerlow - ok
11:42:46.0032 6176rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:42:46.0361 6176rdbss - ok
11:42:46.0408 6176rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:42:46.0604 6176rdpbus - ok
11:42:46.0637 6176RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:42:46.0983 6176RDPCDD - ok
11:42:47.0052 6176RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
11:42:47.0641 6176RDPDR - ok
11:42:47.0700 6176RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:42:48.0040 6176RDPENCDD - ok
11:42:48.0091 6176RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:42:48.0385 6176RDPREFMP - ok
11:42:48.0477 6176RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
11:42:49.0039 6176RdpVideoMiniport - ok
11:42:49.0120 6176RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:42:49.0707 6176RDPWD - ok
11:42:49.0777 6176rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:42:49.0918 6176rdyboost - ok
11:42:49.0972 6176RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:42:50.0337 6176RemoteAccess - ok
11:42:50.0380 6176RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:42:50.0692 6176RemoteRegistry - ok
11:42:50.0761 6176rimmptsk (cb7c996f3878e936bfdd9cdfe6a3a987) C:\Windows\system32\DRIVERS\rimmpx64.sys
11:42:51.0343 6176rimmptsk - ok
11:42:51.0380 6176rimsptsk (2c543f0e04b5f6fd5c17509d0ece6d1d) C:\Windows\system32\DRIVERS\rimspx64.sys
11:42:51.0917 6176rimsptsk - ok
11:42:51.0988 6176RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
11:42:52.0540 6176RimUsb - ok
11:42:52.0583 6176rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
11:42:53.0199 6176rismxdp - ok
11:42:53.0245 6176RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:42:53.0657 6176RpcEptMapper - ok
11:42:53.0704 6176RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:42:53.0880 6176RpcLocator - ok
11:42:53.0979 6176RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:42:54.0329 6176RpcSs - ok
11:42:54.0384 6176rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:42:54.0695 6176rspndr - ok
11:42:54.0733 6176s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:42:55.0362 6176s3cap - ok
11:42:55.0408 6176SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:55.0534 6176SamSs - ok
11:42:55.0582 6176sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:42:56.0189 6176sbp2port - ok
11:42:56.0246 6176SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:42:56.0619 6176SCardSvr - ok
11:42:56.0662 6176scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:42:57.0392 6176scfilter - ok
11:42:57.0573 6176Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:42:58.0292 6176Schedule - ok
11:42:58.0360 6176SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:42:58.0630 6176SCPolicySvc - ok
11:42:58.0707 6176sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
11:42:59.0298 6176sdbus - ok
11:42:59.0352 6176SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:42:59.0837 6176SDRSVC - ok
11:42:59.0919 6176secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:43:00.0266 6176secdrv - ok
11:43:00.0319 6176seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:43:00.0885 6176seclogon - ok
11:43:00.0929 6176SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:43:01.0274 6176SENS - ok
11:43:01.0317 6176SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:43:01.0484 6176SensrSvc - ok
11:43:01.0545 6176Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:43:01.0686 6176Serenum - ok
11:43:01.0739 6176Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:43:01.0883 6176Serial - ok
11:43:01.0929 6176sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:43:02.0071 6176sermouse - ok
11:43:02.0171 6176SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:43:02.0794 6176SessionEnv - ok
11:43:02.0842 6176sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:43:02.0997 6176sffdisk - ok
11:43:03.0019 6176sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:43:03.0222 6176sffp_mmc - ok
11:43:03.0245 6176sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:43:03.0787 6176sffp_sd - ok
11:43:03.0832 6176sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:43:03.0983 6176sfloppy - ok
11:43:04.0058 6176SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:43:04.0474 6176SharedAccess - ok
11:43:04.0558 6176ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:43:05.0254 6176ShellHWDetection - ok
11:43:05.0355 6176SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:43:05.0480 6176SiSRaid2 - ok
11:43:05.0511 6176SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:43:05.0635 6176SiSRaid4 - ok
11:43:05.0756 6176SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:43:05.0843 6176SkypeUpdate - ok
11:43:05.0898 6176Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:43:06.0170 6176Smb - ok
11:43:06.0257 6176snapman (446eb38ce4a6d040f548b2f547ca96ff) C:\Windows\system32\DRIVERS\snapman.sys
11:43:06.0345 6176snapman - ok
11:43:06.0403 6176SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:43:06.0603 6176SNMPTRAP - ok
11:43:06.0638 6176spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:43:06.0732 6176spldr - ok
11:43:06.0837 6176Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:43:07.0616 6176Spooler - ok
11:43:07.0994 6176sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:43:09.0017 6176sppsvc - ok
11:43:09.0146 6176sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:43:09.0475 6176sppuinotify - ok
11:43:09.0566 6176srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:43:09.0771 6176srv - ok
11:43:09.0860 6176srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:43:10.0012 6176srv2 - ok
11:44:06.0342 6176 MBR (0x1B8) (a276cd651395257281084752048c27c1) \Device\Harddisk0\DR0
11:44:09.0207 6176 \Device\Harddisk0\DR0 - ok
11:44:09.0224 6176 Boot (0x1200) (d04792d574ea36f90fb7ac3e8d2f9404) \Device\Harddisk0\DR0\Partition0
11:44:09.0233 6176 \Device\Harddisk0\DR0\Partition0 - ok
11:44:09.0281 6176 Boot (0x1200) (f2846d36df232fd3bea12864a650f834) \Device\Harddisk0\DR0\Partition1
11:44:09.0291 6176 \Device\Harddisk0\DR0\Partition1 - ok
11:44:09.0294 6176 ============================================================
11:44:09.0295 6176 Scan finished
11:44:09.0295 6176 ============================================================
11:44:09.0355 6684 Detected object count: 3
11:44:09.0355 6684 Actual detected object count: 3
11:45:06.0342 6684 HappyOSD ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:06.0342 6684 HappyOSD ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:45:06.0344 6684 InstallFilterService ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:06.0344 6684 InstallFilterService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:45:06.0346 6684 OracleDBConsoleAlien ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:06.0346 6684 OracleDBConsoleAlien ( UnsignedFile.Multi.Generic ) - User select action: Skip
 
You're welcome..and good job! Now, for this tool:

ComboFix

Please download ComboFix
by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix

Before the download:
  • Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
  • It is important to rename ComboFix before the download.
  • Please do not rename ComboFix to other names, but only the one indicated.
After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
Running ComboFix:
  • Double click on svchost.exe & follow the prompts.
  • It will attempt to install the Recovery Console:
  • When ComboFix finishes, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.
 
Hello again,

Here are the results from the last scan, but I think that I didn't name it correctly as svchost.exe and will re-run and post those results as well...


ComboFix 12-07-27.03 - USER 07/28/2012 13:19:50.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6132.4121 [GMT -4:00]
Running from: c:\users\USER\Downloads\Combo-Fix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\USER\GoToAssistDownloadHelper.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-28 )))))))))))))))))))))))))))))))
.
.
2012-07-28 17:47 . 2012-07-28 17:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-28 17:47 . 2012-07-28 17:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-27 05:02 . 2012-07-27 05:02 -------- d-----w- c:\users\USER\AppData\Roaming\Malwarebytes
2012-07-27 05:01 . 2012-07-27 05:01 -------- d-----w- c:\programdata\Malwarebytes
2012-07-27 05:01 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-27 05:01 . 2012-07-27 05:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-24 04:14 . 2012-07-24 04:13 268784 ----a-w- c:\windows\system32\javaws.exe
2012-07-24 04:13 . 2012-07-24 04:13 189424 ----a-w- c:\windows\system32\javaw.exe
2012-07-24 04:13 . 2012-07-24 04:13 188912 ----a-w- c:\windows\system32\java.exe
2012-07-24 04:12 . 2012-07-24 04:12 -------- d-----w- c:\program files\Java
2012-07-23 18:17 . 2012-07-27 02:34 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-23 18:17 . 2012-07-27 02:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 14:33 . 2012-07-22 14:33 -------- d-----w- c:\program files\HWiNFO64
2012-07-22 04:35 . 2012-07-22 04:37 -------- d-----w- c:\program files (x86)\MSI Afterburner
2012-07-22 03:57 . 2012-07-22 04:03 -------- d-----w- c:\users\USER\AppData\Local\NVIDIA Corporation
2012-07-21 19:57 . 2012-07-21 19:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-21 19:55 . 2012-07-21 19:55 -------- d-----w- c:\program files (x86)\Oracle
2012-07-21 19:53 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-12 07:15 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-24 04:13 . 2012-02-25 03:07 955888 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-24 04:13 . 2012-02-25 03:07 839152 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-12 07:06 . 2011-05-16 17:58 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-06 02:06 . 2011-07-20 15:12 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-21 10:26 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 10:27 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 10:27 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 10:27 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 10:26 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 10:27 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 10:26 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-21 10:26 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-21 10:26 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-15 04:01 . 2012-06-13 17:14 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 17:13 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 17:14 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 17:12 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 17:12 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 17:12 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-02 02:19 . 2012-05-02 02:19 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2012-05-01 05:40 . 2012-06-13 17:12 209920 ----a-w- c:\windows\system32\profsvc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"OSD_LAUNCH"="c:\program files (x86)\OSD\Launch.exe" [2010-01-04 32768]
"FATrayAlert"="c:\program files\Alienware\Command Center\AlienSense\FATrayMon.exe" [2010-04-04 95560]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-09-12 5048488]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock MyColors.lnk - c:\program files (x86)\Stardock\MyColors\SDDelayedLaunch.exe [2009-12-15 11520]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IconPackager.lnk - c:\program files (x86)\Stardock\MyColors\IconPackager.exe [2009-12-16 1387688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-04-04 18:43 144712 ----a-w- c:\program files\Alienware\Command Center\AlienSense\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-21 14648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-16 1038088]
R3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
R3 mfeavfk01;McAfee Inc.;Device\mfeavfk01.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-07 21120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-13 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe [2009-03-03 89600]
R4 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-11-30 59904]
R4 OracleDBConsoleAlien;OracleDBConsoleAlien;c:\app\USER\product\11.2.0\dbhome_3\bin\nmesrvc.exe [2010-03-02 35328]
R4 OracleJobSchedulerALIEN;OracleJobSchedulerALIEN;c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe ALIEN [x]
R4 OracleJobSchedulerCGS2541;OracleJobSchedulerCGS2541;c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe CGS2541 [x]
R4 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;c:\app\USER\product\11.2.0\dbhome_3\bin\OraClrAgnt.exe [2010-03-12 83968]
R4 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;c:\app\USER\product\11.2.0\dbhome_3\BIN\TNSLSNR [x]
R4 OracleServiceALIEN;OracleServiceALIEN;c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE ALIEN [x]
R4 OracleServiceCGS2541;OracleServiceCGS2541;c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE CGS2541 [x]
R4 OracleVssWriterALIEN;Oracle ALIEN VSS Writer Service;c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe ALIEN [x]
R4 OracleVssWriterCGS2541;Oracle CGS2541 VSS Writer Service;c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe CGS2541 [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-11-27 19504]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2011-05-16 1455648]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 87600]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-17 279616]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS [2012-05-10 30592]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-05-16 2326920]
S2 FAService;FAService;c:\program files\Alienware\Command Center\AlienSense\FAService.exe [2010-04-04 2409800]
S2 HappyOSD;HappyOSD;c:\program files (x86)\OSD\OSD_Service.exe [2010-01-04 16384]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 189608]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager;Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager;c:\app\user\product\112~1.0\dbhome_3\ccr\bin\nmz.exe [2012-04-07 77824]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-11-27 25136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-05-16 250400]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk02
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 02:34]
.
2012-07-28 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-07-07 21:09]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-818084476-2355694618-123184659-1000Core.job
- c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 04:15]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-818084476-2355694618-123184659-1000UA.job
- c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 04:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-09-16 487424]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2463232]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-21 63304]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-09-12 357384]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1860496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
.
.
------- File Associations -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-FAStartup - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-(Default) - (no file)
AddRemove-McAfee Virtual Technician - c:\program files (x86)\McAfee\Supportability\MVT\MVTInstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OracleOraDb11g_home1ClrAgent]
"ImagePath"="c:\app\USER\product\11.2.0\dbhome_3\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=\"EXTPROC_DLLS=ONLY:c:\app\USER\product\11.2.0\dbhome_3\bin\oraclr11.dll\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OracleOraDb11g_home1TNSListener]
"ImagePath"="c:\app\USER\product\11.2.0\dbhome_3\BIN\TNSLSNR "
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\05\01\10\0e\12\0d?"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-07-28 14:09:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-28 18:09
.
Pre-Run: 373,914,996,736 bytes free
Post-Run: 374,810,742,784 bytes free
.
- - End Of File - - 93FCAD0F927EA93FDC31FBE12609F80F
 
I changed the file name to svchost but it seems to have reverted back to the original naming....


ComboFix 12-07-27.03 - USER 07/28/2012 14:28:19.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6132.4646 [GMT -4:00]
Running from: c:\users\USER\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-28 )))))))))))))))))))))))))))))))
.
.
2012-07-28 18:39 . 2012-07-28 18:39 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-28 18:39 . 2012-07-28 18:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-27 05:02 . 2012-07-27 05:02 -------- d-----w- c:\users\USER\AppData\Roaming\Malwarebytes
2012-07-27 05:01 . 2012-07-27 05:01 -------- d-----w- c:\programdata\Malwarebytes
2012-07-27 05:01 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-27 05:01 . 2012-07-27 05:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-24 04:14 . 2012-07-24 04:13 268784 ----a-w- c:\windows\system32\javaws.exe
2012-07-24 04:13 . 2012-07-24 04:13 189424 ----a-w- c:\windows\system32\javaw.exe
2012-07-24 04:13 . 2012-07-24 04:13 188912 ----a-w- c:\windows\system32\java.exe
2012-07-24 04:12 . 2012-07-24 04:12 -------- d-----w- c:\program files\Java
2012-07-23 18:17 . 2012-07-27 02:34 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-23 18:17 . 2012-07-27 02:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 14:33 . 2012-07-22 14:33 -------- d-----w- c:\program files\HWiNFO64
2012-07-22 04:35 . 2012-07-22 04:37 -------- d-----w- c:\program files (x86)\MSI Afterburner
2012-07-22 03:57 . 2012-07-22 04:03 -------- d-----w- c:\users\USER\AppData\Local\NVIDIA Corporation
2012-07-21 19:57 . 2012-07-21 19:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-21 19:55 . 2012-07-21 19:55 -------- d-----w- c:\program files (x86)\Oracle
2012-07-21 19:53 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-12 07:15 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-24 04:13 . 2012-02-25 03:07 955888 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-24 04:13 . 2012-02-25 03:07 839152 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-12 07:06 . 2011-05-16 17:58 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-06 02:06 . 2011-07-20 15:12 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-21 10:26 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 10:27 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 10:27 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 10:27 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 10:26 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 10:27 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 10:26 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-21 10:26 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-21 10:26 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-15 04:01 . 2012-06-13 17:14 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 17:13 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 17:14 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 17:12 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 17:12 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 17:12 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-02 02:19 . 2012-05-02 02:19 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2012-05-01 05:40 . 2012-06-13 17:12 209920 ----a-w- c:\windows\system32\profsvc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-28_17.54.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-13 21:00 . 2012-07-28 18:18 54750 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-28 18:18 41070 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-13 18:07 . 2012-07-28 18:18 16466 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-818084476-2355694618-123184659-1000_UserData.bin
- 2011-05-13 02:08 . 2012-07-28 17:09 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-13 02:08 . 2012-07-28 18:15 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-13 02:08 . 2012-07-28 17:09 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-13 02:08 . 2012-07-28 18:15 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-28 17:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-28 18:15 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-16 14:10 . 2012-07-27 05:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-16 14:10 . 2012-07-28 18:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-16 14:10 . 2012-07-28 18:18 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-16 14:10 . 2012-07-27 05:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-16 14:10 . 2012-07-27 05:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-16 14:10 . 2012-07-28 18:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-13 19:07 . 2012-07-28 17:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-13 19:07 . 2012-07-28 18:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-13 19:07 . 2012-07-28 18:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-13 19:07 . 2012-07-28 17:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-07-28 17:50 . 2012-07-28 17:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-28 18:49 . 2012-07-28 18:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-28 18:49 . 2012-07-28 18:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-28 17:50 . 2012-07-28 17:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-07-28 18:39 475828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-28 17:48 475828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"OSD_LAUNCH"="c:\program files (x86)\OSD\Launch.exe" [2010-01-04 32768]
"FATrayAlert"="c:\program files\Alienware\Command Center\AlienSense\FATrayMon.exe" [2010-04-04 95560]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-09-12 5048488]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"FAStartup"="" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock MyColors.lnk - c:\program files (x86)\Stardock\MyColors\SDDelayedLaunch.exe [2009-12-15 11520]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IconPackager.lnk - c:\program files (x86)\Stardock\MyColors\IconPackager.exe [2009-12-16 1387688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-04-04 18:43 144712 ----a-w- c:\program files\Alienware\Command Center\AlienSense\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-16 1038088]
R3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
R3 mfeavfk01;McAfee Inc.;Device\mfeavfk01.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-07 21120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-13 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe [2009-03-03 89600]
R4 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-11-30 59904]
R4 OracleDBConsoleAlien;OracleDBConsoleAlien;c:\app\USER\product\11.2.0\dbhome_3\bin\nmesrvc.exe [2010-03-02 35328]
R4 OracleJobSchedulerALIEN;OracleJobSchedulerALIEN;c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe ALIEN [x]
R4 OracleJobSchedulerCGS2541;OracleJobSchedulerCGS2541;c:\app\user\product\11.2.0\dbhome_3\Bin\extjob.exe CGS2541 [x]
R4 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;c:\app\USER\product\11.2.0\dbhome_3\bin\OraClrAgnt.exe [2010-03-12 83968]
R4 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;c:\app\USER\product\11.2.0\dbhome_3\BIN\TNSLSNR [x]
R4 OracleServiceALIEN;OracleServiceALIEN;c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE ALIEN [x]
R4 OracleServiceCGS2541;OracleServiceCGS2541;c:\app\user\product\11.2.0\dbhome_3\bin\ORACLE.EXE CGS2541 [x]
R4 OracleVssWriterALIEN;Oracle ALIEN VSS Writer Service;c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe ALIEN [x]
R4 OracleVssWriterCGS2541;Oracle CGS2541 VSS Writer Service;c:\app\user\product\11.2.0\dbhome_3\bin\OraVSSW.exe CGS2541 [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-11-27 19504]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2011-05-16 1455648]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 87600]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-17 279616]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS [2012-05-10 30592]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-05-16 2326920]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-21 14648]
S2 FAService;FAService;c:\program files\Alienware\Command Center\AlienSense\FAService.exe [2010-04-04 2409800]
S2 HappyOSD;HappyOSD;c:\program files (x86)\OSD\OSD_Service.exe [2010-01-04 16384]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 189608]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager;Oraclec_app_user_product_112~1.0_dbhome_3ConfigurationManager;c:\app\user\product\112~1.0\dbhome_3\ccr\bin\nmz.exe [2012-04-07 77824]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-11-27 25136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-05-16 250400]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk02
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 02:34]
.
2012-07-28 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-07-07 21:09]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-818084476-2355694618-123184659-1000Core.job
- c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 04:15]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-818084476-2355694618-123184659-1000UA.job
- c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 04:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-09-16 487424]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2463232]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-21 63304]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-09-12 357384]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1860496]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
.
.
------- File Associations -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OracleOraDb11g_home1ClrAgent]
"ImagePath"="c:\app\USER\product\11.2.0\dbhome_3\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=\"EXTPROC_DLLS=ONLY:c:\app\USER\product\11.2.0\dbhome_3\bin\oraclr11.dll\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OracleOraDb11g_home1TNSListener]
"ImagePath"="c:\app\USER\product\11.2.0\dbhome_3\BIN\TNSLSNR "
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\05\01\10\0e\12\0d?"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files\Alienware\Command Center\AlienFusionController.exe
.
**************************************************************************
.
Completion time: 2012-07-28 14:57:38 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-28 18:57
ComboFix2.txt 2012-07-28 18:09
.
Pre-Run: 374,645,284,864 bytes free
Post-Run: 374,539,325,440 bytes free
.
- - End Of File - - 52B844A629986092C3B9AC08044F8DBA
 
ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic
 
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bdd198208133b04eaec3a26ace06765b
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-30 10:10:25
# local_time=2012-07-30 06:10:25 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 4246581 7895570 0 0
# compatibility_mode=5893 16776574 100 94 35442531 95156724 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=451371
# found=1
# cleaned=1
# scan_time=29752
C:\Users\USER\Downloads\cnet2_vdm_free_exe.exe    a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
 
Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death
 
The computer has generally begun to run slower than it did initially when I first got it. I am still experiencing severe fps lag and wish to rule out infestations so that I may be able to investigate any incompatibilities. The computer blue screened a few times a couple of weeks ago, but has not acted up since. I'm at a loss to identify where the potential conflicts may be.
 
Thank you for your help and continued patience. I am baffled by this issue and have no idea why this particular laptop is experiencing any such issues. It is after all intended as a gaming laptop and is relatively modern.

Speed Test #102285086 by dslreports.com
Run: 2012-07-31 15:19:20 EST
Download: 8790 (Kbps)
Upload: 994 (Kbps)
In kilobytes per second: 1072.9 down 121.3 up
Boost: 21333
Latency: 34 ms
Tested by server: 68 flash
User: anonymous
User's DNS: bhn.net
Compared to the average of 29 tests from bhn.net:
* download is 7% better, upload is 64% worse
 
Well, your Internet speed could use improvement, for what it's worth!

Let's go ahead and clean up a bit, and see if this boosts the speed/performance...

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point
  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advanced System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name, i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop down box select your main drive, i.e. C
  • For a few moments the system will make some calculations:
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Download CCleaner Slim and save it to your Desktop - Alternate download link

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.

* Double-click the CCleaner shortcut on the desktop to start the program.
* Click on the Options block on the left, then choose Cookies.
* Under Cookies to Delete, highlight any cookies you would like to retain permanently
* Click the right arrow > to move them to the Cookies to Keep window.
* Go into Options > Advanced & uncheck Only delete files in Windows Temp folders older than 48 hours
* Click Cleaner on the left then Run Cleaner on the right to run the program.
* Important: Make sure that ALL browser windows are closed before selecting Run Cleaner

Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed its process.

Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Tell me in your next reply, if you have completed these tasks:
  • Cleaned System Restore
  • Ran OTC
  • Ran TFC
  • Ran Security Check
Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.
 
Hey DMJ,

I ran all of the necessary steps and the security check log is below... I still get the same in-game lag even with my settings on very low, which shouldn't be happening. I'm beginning to suspect more and more that it may just be an incompatibility issue of some sort, but have no idea where to start. The NVIDIA forums have been suspended because they got hacked and Dell doesn't offer much in the way of support for this kind of problem. All of my drivers are up to date and I have no hardware modifications. Thank you for all of your help to date with trying to diagnose my problem. It has been much appreciated.

Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java(TM) 6 Update 31
Java(TM) 7 Update 5
Adobe Reader X (10.1.3)
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 
Hello. Are you still with us?

Your thread has been marked as "Inactive" because of your lack of reply. Please let us know how your computer is running, or if you want to continue in this topic.

Thanks.
 