bkribbs
New Member
So I'm not sure if you've heard of DayZ. I just bought the mod for Arma II and am trying it out. I heard about DayZ Commander. Used to be great. Now the guy is a freaking jerk. He has crap on his website that looks like the real installer. Anyways, I think I removed everything, can you guys double-check that my ComboFix log came out clear?
ComboFix 14-04-20.01 - bkribbs 04/25/2014 23:31:50.2.8 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.16291.14074 [GMT -4:00]
Running from: C:\Users\bkribbs\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
((((((((((((((((((((((((( Files Created from 2014-03-26 to 2014-04-26 )))))))))))))))))))))))))))))))
2014-04-26 06:31:43 . 2014-04-26 02:46:48 -------- d-----w- C:\AdwCleaner
2014-04-26 03:34:39 . 2014-04-26 03:34:39 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-04-26 03:10:35 . 2014-04-26 03:10:35 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3CCFF94-3C1C-4DA3-A54B-2453E78D76A5}\offreg.dll
2014-04-26 03:09:38 . 2014-04-26 03:09:38 -------- d-----w- C:\WINDOWS\ERUNT
2014-04-26 03:05:34 . 2014-04-26 03:05:35 -------- d-----w- C:\Users\bkribbs\AppData\Local\DayZCommander
2014-04-26 02:40:27 . 2014-04-26 02:40:27 -------- d-----w- C:\WINDOWS\Migration
2014-04-26 02:35:09 . 2014-04-26 03:29:37 119512 ----a-w- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-04-26 02:35:01 . 2014-04-26 02:35:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 02:35:01 . 2014-04-26 02:35:01 -------- d-----w- C:\ProgramData\Malwarebytes
2014-04-26 02:35:01 . 2014-04-03 13:51:16 63192 ----a-w- C:\WINDOWS\system32\drivers\mwac.sys
2014-04-26 02:35:01 . 2014-04-03 13:51:04 88280 ----a-w- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-04-26 02:35:01 . 2014-04-03 13:50:58 25816 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2014-04-26 01:50:52 . 2014-04-26 01:50:52 -------- d-----w- C:\Users\bkribbs\AppData\Local\ElevatedDiagnostics
2014-04-26 01:41:47 . 2014-04-26 01:41:47 -------- d-----w- C:\Program Files (x86)\7-Zip
2014-04-26 00:53:20 . 2014-04-26 00:53:20 -------- d-----w- C:\Program Files (x86)\Common Files\BattlEye
2014-04-26 00:44:57 . 2014-04-26 00:45:07 -------- d-----w- C:\Users\bkribbs\AppData\Local\ArmA 2
2014-04-26 00:42:10 . 2014-04-26 00:51:06 -------- d-----w- C:\Users\bkribbs\AppData\Local\ArmA 2 OA
2014-04-26 00:42:10 . 2014-04-26 00:42:10 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2014-04-26 00:41:49 . 2014-04-26 00:41:49 -------- d-----w- C:\Program Files (x86)\Bohemia Interactive
2014-04-26 00:36:26 . 2014-04-26 00:36:26 71048 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-04-26 00:36:26 . 2014-04-26 00:36:26 692616 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-04-26 00:36:26 . 2014-04-26 00:36:26 -------- d-----w- C:\WINDOWS\SysWow64\Macromed
2014-04-26 00:36:25 . 2014-04-26 00:36:25 -------- d-----w- C:\WINDOWS\system32\Macromed
2014-04-26 00:13:33 . 2014-04-26 00:13:33 -------- d-----w- C:\ProgramData\SIX Networks
2014-04-26 00:13:09 . 2014-04-26 00:13:09 -------- d-----w- C:\Users\bkribbs\AppData\Local\IsolatedStorage
2014-04-26 00:13:07 . 2014-04-26 00:42:09 -------- d-----w- C:\Users\bkribbs\AppData\Local\SIX Networks
2014-04-26 00:13:07 . 2014-04-26 00:13:07 -------- d-----w- C:\Users\bkribbs\AppData\Roaming\SIX Networks
2014-04-25 23:07:10 . 2014-04-25 23:07:13 -------- d-----w- C:\WINDOWS\rescache
2014-04-25 22:22:43 . 2014-04-25 22:22:43 -------- d-----w- C:\Users\bkribbs\AppData\Local\Downloaded Installations
2014-04-25 22:07:54 . 2014-01-31 21:54:31 99288 ----a-w- C:\WINDOWS\system32\drivers\TeeDriverx64.sys
2014-04-25 22:07:54 . 2014-01-31 21:54:31 1795952 ----a-w- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2014-04-25 22:07:28 . 2013-09-06 13:35:16 39424 ----a-w- C:\WINDOWS\system32\drivers\applemtp.sys
2014-04-25 22:07:24 . 2013-10-17 12:24:15 69120 ----a-w- C:\WINDOWS\system32\CirrusAPO_x64.dll
2014-04-25 22:06:39 . 2014-01-10 13:54:39 8061648 ----a-w- C:\WINDOWS\system32\drivers\BCMWL664.SYS
2014-04-25 22:06:38 . 2014-01-10 13:54:39 96560 ----a-w- C:\WINDOWS\system32\bcmwlcoi.dll
2014-04-25 22:06:38 . 2014-01-10 13:54:39 3674408 ----a-w- C:\WINDOWS\system32\bcmihvui64.dll
2014-04-25 22:06:38 . 2014-01-10 13:54:38 4406568 ----a-w- C:\WINDOWS\system32\bcmihvsrv64.dll
2014-04-25 22:06:30 . 2014-01-14 18:06:14 31232 ----a-w- C:\WINDOWS\system32\drivers\KeyMagic.sys
2014-04-25 21:25:12 . 2014-03-21 19:43:52 40392 ----a-w- C:\WINDOWS\system32\drivers\nvvad64v.sys
2014-04-25 21:25:12 . 2014-03-21 19:43:50 33568 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2014-04-02 13:27:17 . 2013-12-04 00:41:34 1081112 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2014-04-02 13:27:05 . 2013-12-04 00:41:34 1225920 ----a-w- C:\WINDOWS\system32\nvspcap64.dll
2014-03-21 19:43:50 . 2013-12-04 00:37:11 37320 ----a-w- C:\WINDOWS\system32\nvaudcap64v.dll
2014-03-21 15:46:46 . 2014-03-21 15:46:46 152848 ----a-w- C:\WINDOWS\SysWow64\comdlg32.ocx
2014-03-21 15:46:46 . 2014-03-21 15:46:46 1081616 ----a-w- C:\WINDOWS\SysWow64\mscomctl.ocx
2014-02-01 01:54:28 . 2013-12-03 22:55:12 59688 ----a-w- C:\WINDOWS\SysWow64\CSVer.dll
2014-01-31 22:00:02 . 2014-01-31 22:00:02 16672 ----a-w- C:\WINDOWS\system32\drivers\AppleMNT.sys
2014-01-31 22:00:00 . 2014-01-31 22:00:00 72992 ----a-w- C:\WINDOWS\system32\drivers\AppleHFS.sys
2014-01-31 21:59:56 . 2014-01-31 21:59:56 1598272 ----a-w- C:\WINDOWS\system32\AppleControlPanel.exe
2014-01-31 21:54:34 . 2013-12-03 22:55:21 48608 ----a-w- C:\WINDOWS\system32\drivers\USB3Ver.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-01-31 21:54:34 291280]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DefaultLogonDomain"= BKRIBBS-BC
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
R3 applebmt;Apple Wireless Mouse;C:\WINDOWS\system32\drivers\applebmt.sys;C:\WINDOWS\SYSNATIVE\drivers\applebmt.sys [x]
R3 AppleDisplayFlt;Apple Display Driver;C:\WINDOWS\system32\drivers\aaplmonf.sys;C:\WINDOWS\SYSNATIVE\drivers\aaplmonf.sys [x]
R3 AppleODD;Apple ODD;C:\WINDOWS\system32\drivers\AppleODD.sys;C:\WINDOWS\SYSNATIVE\drivers\AppleODD.sys [x]
R3 AppleUSBEthernet;Apple USB Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AppleUSBEthernet.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\AppleUSBEthernet.sys [x]
R3 applewtp;Apple Wireless Trackpad;C:\WINDOWS\system32\drivers\applewtp.sys;C:\WINDOWS\SYSNATIVE\drivers\applewtp.sys [x]
R3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dmvsc;dmvsc;C:\WINDOWS\system32\drivers\dmvsc.sys;C:\WINDOWS\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\system32\IEEtwCollector.exe;C:\WINDOWS\SYSNATIVE\IEEtwCollector.exe [x]
R3 IRRemoteFlt;IR Receiver Filter Driver;C:\WINDOWS\system32\drivers\IRFilter.sys;C:\WINDOWS\SYSNATIVE\drivers\IRFilter.sys [x]
R3 lpasvc;Microsoft Policy Platform Local Authority;C:\Program Files\Microsoft Policy Platform\policyHost.exe;C:\Program Files\Microsoft Policy Platform\policyHost.exe [x]
R3 lppsvc;Microsoft Policy Platform Processor;C:\Program Files\Microsoft Policy Platform\policyHost.exe;C:\Program Files\Microsoft Policy Platform\policyHost.exe [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\system32\drivers\nvstusb.sys;C:\WINDOWS\SYSNATIVE\drivers\nvstusb.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\WINDOWS\system32\drivers\rdpvideominiport.sys;C:\WINDOWS\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;C:\WINDOWS\system32\drivers\synth3dvsc.sys;C:\WINDOWS\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;C:\WINDOWS\system32\drivers\terminpt.sys;C:\WINDOWS\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\WINDOWS\system32\drivers\tsusbflt.sys;C:\WINDOWS\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\WINDOWS\system32\drivers\TsUsbGD.sys;C:\WINDOWS\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;C:\WINDOWS\system32\drivers\tsusbhub.sys;C:\WINDOWS\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;C:\WINDOWS\system32\drivers\rdvgkmd.sys;C:\WINDOWS\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\WINDOWS\system32\Wat\WatAdminSvc.exe;C:\WINDOWS\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\bkribbs\Downloads\RealTemp_370\WinRing0x64.sys;C:\Users\bkribbs\Downloads\RealTemp_370\WinRing0x64.sys [x]
R4 CmRcService;Configuration Manager Remote Control;C:\WINDOWS\CCM\RemCtrl\CmRcService.exe;C:\WINDOWS\CCM\RemCtrl\CmRcService.exe [x]
R4 vxlsnyaiet64;vxlsnyaiet64;C:\Program Files\003\vxlsnyaiet64.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF;C:\Program Files\003\vxlsnyaiet64.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF [x]
S0 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\system32\drivers\amdkmafd.sys;C:\WINDOWS\SYSNATIVE\drivers\amdkmafd.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\system32\drivers\amdkmpfd.sys;C:\WINDOWS\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 AppleHFS;AppleHFS; [x]
S0 AppleMNT;AppleMNT; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\WINDOWS\system32\drivers\iusb3hcs.sys;C:\WINDOWS\SYSNATIVE\drivers\iusb3hcs.sys [x]
S2 AppleOSSMgr;Apple OS Switch Manager;C:\WINDOWS\system32\AppleOSSMgr.exe;C:\WINDOWS\SYSNATIVE\AppleOSSMgr.exe [x]
S2 AppleTimeSrv;Apple Time Service;C:\WINDOWS\system32\AppleTimeSrv.exe;C:\WINDOWS\SYSNATIVE\AppleTimeSrv.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 KeyAgent;KeyAgent;C:\WINDOWS\system32\drivers\KeyAgent.sys;C:\WINDOWS\SYSNATIVE\drivers\KeyAgent.sys [x]
S2 MacHALDriver;Mac HAL;C:\WINDOWS\system32\drivers\MacHALDriver.sys;C:\WINDOWS\SYSNATIVE\drivers\MacHALDriver.sys [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 acpials;ALS Sensor Filter;C:\WINDOWS\system32\DRIVERS\acpials.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\acpials.sys [x]
S3 AppleBtBc;Apple Broadcom Built-in Bluetooth;C:\WINDOWS\system32\DRIVERS\AppleBtBc.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\AppleBtBc.sys [x]
S3 applemtm;Apple Multitouch Mouse;C:\WINDOWS\system32\DRIVERS\applemtm.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\applemtm.sys [x]
S3 applemtp;Apple Multitouch;C:\WINDOWS\system32\DRIVERS\applemtp.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\applemtp.sys [x]
S3 B57ports;Broadcom Simple Communications Device;C:\WINDOWS\system32\DRIVERS\b57ports.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\b57ports.sys [x]
S3 bScsiSDa;bScsiSDa;C:\WINDOWS\system32\DRIVERS\bScsiSDa.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 CirrusFilter;CS420xLowerFilter;C:\WINDOWS\system32\DRIVERS\CS420x64.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\CS420x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\WINDOWS\system32\DRIVERS\iusb3hub.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\WINDOWS\system32\DRIVERS\iusb3xhc.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KeyMagic;USB Keyboard HID Filter;C:\WINDOWS\system32\DRIVERS\KeyMagic.sys;C:\WINDOWS\SYSNATIVE\DRIVERS\KeyMagic.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\system32\drivers\nvvad64v.sys;C:\WINDOWS\SYSNATIVE\drivers\nvvad64v.sys [x]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
Contents of the 'Scheduled Tasks' folder
2014-04-26 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-26 00:36:27 . 2014-04-26 00:36:27]
2014-04-25 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-490158340-1184732796-1716885235-1000Core.job
- C:\Users\bkribbs\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-03 23:22:35 . 2013-12-03 23:22:26]
2014-04-26 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-490158340-1184732796-1716885235-1000UA.job
- C:\Users\bkribbs\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-03 23:22:35 . 2013-12-03 23:22:26]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"="C:\Program Files\Boot Camp\Bootcamp.exe" [2014-01-31 21:59:58 746816]
"ShadowPlay"="C:\WINDOWS\system32\nvspcap64.dll" [2014-04-02 13:27:05 1225920]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 13:29:05 2201032]
------- Supplementary Scan -------
uLocal Page = C:\WINDOWS\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = C:\WINDOWS\system32\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:50136;https=127.0.0.1:50136
uInternet Settings,ProxyOverride = <-loopback>
TCP: DhcpNameServer = 130.127.255.250 130.127.255.251
- - - - ORPHANS REMOVED - - - -
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-BattlEye for A2 - D:\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-BrowserSafeguard - C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe
AddRemove-PunkBusterSvc - D:\Origin\Battlefield 4\pbsvc.exe
AddRemove-Steam - C:\Program Files (x86)\Steam\uninstall.exe
AddRemove-Steam App 4000 - C:\Program Files (x86)\Steam\steam.exe