Maljava trojan found by Symantec. poss existing other infections


  • This topic is locked
6 replies to this topic

#1 CCPC


Posted 04 August 2012 - 06:01 AM

My AV Symantec recently found the trojan MALJAVA. It said it cleaned by deletion but I have signs of possible infection. My msconfig.exe crashes when I try and select normal startup option. Internet Explorer when started the link window is initially blank...pauses then finally goes to my home page. In games I get random video freezes for about 2 or 3 seconds at a time. I would appreciate any help you could provide to clear any malware on my system.

DDS.txt log

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Chris at 5:19:17 on 2012-08-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3327.1687 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
D:\applications\Symantec AntiVirus\DefWatch.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\msiexec.exe
C:\Windows\system32\PnkBstrA.exe
D:\applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe
C:\Windows\system32\svchost.exe -k imgsvc
D:\applications\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
d:\applications\ASUS\AI Suite\CpuLevelUpHookLaunch.exe
d:\applications\ASUS\AI Suite\EnergySaving\PwSave.exe
D:\Applications\Symantec AntiVirus\VPTray.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
D:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe
C:\Windows\System32\Ctxfihlp.exe
D:\Applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
D:\Applications\ASUS\AI Suite\CpuLevelUpHelp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Applications\ASUS\AI Suite\AiNap\AiNap.exe
D:\Applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe
D:\Applications\NaturalPoint\TrackIR5\TrackIR5.exe
d:\applications\ASUS\AI Suite\CpuLevelUpHook32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\Applications\Razer\Diamondback\Razer\Diamondback\razertra.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Windows\system32\SearchIndexer.exe
D:\Applications\Razer\Diamondback\Razer\Diamondback\razerofa.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ASUS\AASP\1.00.95\aaCenter.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://www.bing.com/
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
TB: {8E8C6E0B-6EBD-4DFC-8BA0-E92140678F59} - No File
TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
uRun: [PowerPanel Personal Edition User Interaction] "d:\applications\geek squad power management\pppeuser.exe"
uRun: [NaturalPoint] d:\applications\naturalpoint\trackir5\TrackIR5.exe
uRun: [Google Update] "c:\users\chris\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [vptray] d:\applic~1\symant~1\VPTray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QFan Help] "d:\applications\asus\ai suite\qfan3\QFanHelp.exe"
mRun: [LifeChat] "c:\program files\microsoft lifechat\LifeChat.exe"
mRun: [Launch LCore] c:\program files\logitech gaming software\LCore.exe /minimized
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [Diamondback] d:\applications\razer\diamondback\razer\diamondback\razerhid.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CPU Power Monitor] "d:\applications\asus\ai suite\aigear3\CpuPowerMonitor.exe"
mRun: [Cpu Level Up help] "d:\applications\asus\ai suite\CpuLevelUpHelp.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Ai Nap] "d:\applications\asus\ai suite\ainap\AiNap.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
Trusted Zone: intuit.com\ttlc
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{2ADC9A12-2D52-4FD3-989B-54777B7B1A5C} : DhcpNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{EB95A658-4D04-48D0-86A5-A806625511E5} : DhcpNameServer = 192.168.0.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
AppInit_DLLs: {DLL_Str}
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-9-17 11448]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 CLDTVHNService;CLDTVHNService;d:\applications\directv\directv\directv\kernel\dmp\CLDTVHNService.exe [2009-9-17 75048]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-9-17 20328]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 ntk_dtv;ntk_dtv;d:\applications\directv\directv\directv\kernel\dmp\ntk_dtv.sys [2009-9-17 119792]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-7-29 1262400]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-5-15 382272]
R2 Symantec AntiVirus;Symantec AntiVirus;d:\applications\symantec antivirus\Rtvscan.exe [2006-11-28 1962136]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-8 106656]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 npusbio;npusbio;c:\windows\system32\drivers\npusbio.sys [2012-8-1 37408]
R3 Razerlow;Razerlow USB Filter Driver;c:\windows\system32\drivers\Razerlow.sys [2010-9-12 13225]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2010-9-18 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2010-9-18 79360]
S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service;c:\program files\common files\creative labs shared\service\DDLLicensing.exe [2011-10-23 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
S3 NetFlixDownloadManager;VMC NetFlix Download Manager;d:\applications\luttmann\vmcnetflix\netflixdownloadmanager.exe --> d:\applications\luttmann\vmcnetflix\NetFlixDownloadManager.exe [?]
S3 SavRoam;SavRoam;d:\applications\symantec antivirus\SavRoam.exe [2006-11-28 122008]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-2 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-14 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-4-16 11520]
.
=============== Created Last 30 ================
.
2012-08-04 09:28:16 -------- d-----w- c:\program files\trend micro
2012-08-03 23:15:46 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f381ceb7-e854-4b2c-977d-4f1a1ad66929}\mpengine.dll
2012-08-02 01:09:49 37408 ----a-w- c:\windows\system32\drivers\npusbio.sys
2012-08-02 01:09:04 212992 ------w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2012-08-01 22:53:20 5982528 ----a-w- c:\windows\system32\nvcuda.dll
2012-08-01 22:53:20 2524992 ----a-w- c:\windows\system32\nvcuvid.dll
2012-08-01 22:53:20 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-08-01 22:53:20 17551680 ----a-w- c:\windows\system32\nvcompiler.dll
2012-08-01 22:53:20 15322432 ----a-w- c:\windows\system32\nvd3dum.dll
2012-08-01 22:53:20 11354944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-07-29 14:50:46 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-07-29 14:50:46 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-07-29 14:50:46 3931456 ----a-w- c:\windows\system32\nvcpl.dll
2012-07-29 14:50:46 2759488 ----a-w- c:\windows\system32\nvsvc.dll
2012-07-29 14:50:44 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-07-29 14:50:12 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-07-27 03:24:18 935632 ----a-w- c:\windows\system32\Vb40016.dll
2012-07-27 03:24:18 31152 ----a-w- c:\windows\system32\COMP4701.rra
2012-07-27 02:57:28 181993864 ----a-w- C:\07262012.reg
2012-07-26 03:08:09 -------- d-----w- C:\ViewSonic
2012-07-26 02:48:37 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-07-26 02:43:39 883008 ----a-w- c:\windows\system32\nvgenco32.dll
2012-07-26 02:43:39 8105280 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-07-26 02:43:39 2368832 ----a-w- c:\windows\system32\nvapi.dll
2012-07-26 02:43:39 19607872 ----a-w- c:\windows\system32\nvoglv32.dll
2012-07-26 02:43:39 1000768 ----a-w- c:\windows\system32\nvdispco32.dll
2012-07-26 00:30:17 -------- d-----w- c:\windows\pss
2012-07-14 23:09:54 -------- d-----w- c:\users\chris\appdata\local\SIX_Projects
2012-07-14 22:55:31 -------- d-----w- c:\users\chris\appdata\roaming\six-zsync
2012-07-14 22:55:31 -------- d-----w- c:\users\chris\appdata\roaming\six-updater
2012-07-11 03:14:26 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-08 17:53:53 -------- d--h--w- c:\program files\InstallJammer Registry
2012-07-07 21:30:57 -------- d-----w- c:\users\chris\appdata\local\CRE
2012-07-07 21:30:54 -------- d-----w- c:\program files\Conduit
2012-07-07 15:44:39 -------- d-----w- C:\Vac backup
.
==================== Find3M ====================
.
2012-07-03 19:36:52 234576 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-03 19:36:52 234576 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-03 16:46:02 138608 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-03 16:45:43 234576 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-01 23:47:28 177750758 ----a-w- C:\before mkv codec 7_1_2012.reg
2012-06-22 23:58:30 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-22 23:58:30 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 20:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 20:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 17:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-15 07:21:50 423744 ----a-w- c:\windows\system32\nvStreaming.exe
2012-05-07 11:56:28 126976 ----a-w- c:\windows\system32\DWUtilities.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: ST332062 rev.3.AA -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x82C4F55A] -> \Device\Harddisk0\DR0[0x86EE3030]
3 CLASSPNP[0x8C1A059E] -> ntkrnlpa!IofCallDriver[0x82C4F55A] -> \Device\Ide\IAAStorageDevice-0[0x860CF028]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
error: Read The request could not be performed because of an I/O device error.
.
============= FINISH: 5:20:28.50 ===============



#2 Larusso

  • Malware Response Team

Posted 07 August 2012 - 10:09 AM

Hi,
my name is Daniel and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.
  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



Your DDS Log appears clean, so let me dig a little bit deeper.



Download OTL to your Desktop.
  • Double click on the icon to run it.
  • Under the Posted Image box paste this in
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
/md5start
services.exe
user32.dll
/md5stop
CREATERESTOREPOINT
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please post both logfiles in your next reply.




Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.
regards,
Daniel

Bread for the world instead Bombs and Bangers



#3 CCPC

  • Topic Starter

Posted 08 August 2012 - 03:09 PM

Below are the OTL logs

OTL logfile created on: 8/4/2012 4:54:02 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = E:\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 59.01% Memory free
6.50 Gb Paging File | 4.85 Gb Available in Paging File | 74.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297.99 Gb Total Space | 256.10 Gb Free Space | 85.94% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 64.59 Gb Free Space | 21.67% Space Free | Partition Type: NTFS
Drive E: | 279.46 Gb Total Space | 216.46 Gb Free Space | 77.46% Space Free | Partition Type: NTFS

Computer Name: GAMER | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/04 04:52:29 | 000,595,456 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
PRC - [2012/05/21 10:11:12 | 000,661,304 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
PRC - [2012/05/21 10:11:00 | 000,676,664 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
PRC - [2012/05/21 10:10:48 | 005,092,152 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\LCore.exe
PRC - [2012/05/15 05:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 04:28:16 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/05/15 04:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/03/17 18:40:28 | 007,953,960 | ---- | M] (NaturalPoint, Inc.) -- D:\Applications\NaturalPoint\TrackIR5\TrackIR5.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/17 21:28:36 | 000,622,080 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\aaCenter.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/05/05 19:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2010/05/05 19:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/10/09 20:11:38 | 000,226,816 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe
PRC - [2009/09/28 12:48:08 | 000,264,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeChat\LifeChat.exe
PRC - [2009/09/17 18:40:44 | 000,075,048 | ---- | M] () -- d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
PRC - [2009/07/01 20:23:52 | 001,435,136 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/01/22 20:43:54 | 001,352,704 | ---- | M] () -- d:\Applications\ASUS\AI Suite\EnergySaving\PwSave.exe
PRC - [2008/01/09 10:17:18 | 000,627,200 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
PRC - [2007/11/30 20:03:28 | 000,881,152 | ---- | M] () -- D:\Applications\ASUS\AI Suite\CpuLevelUpHelp.exe
PRC - [2007/10/16 14:48:50 | 000,319,488 | ---- | M] (ASUS) -- d:\Applications\ASUS\AI Suite\CpuLevelUpHook32.exe
PRC - [2007/10/11 17:09:50 | 000,582,656 | ---- | M] () -- d:\Applications\ASUS\AI Suite\CpuLevelUpHookLaunch.exe
PRC - [2007/02/14 11:11:18 | 000,163,840 | ---- | M] (Razer Inc.) -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razerofa.exe
PRC - [2007/02/07 16:00:02 | 000,131,072 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razertra.exe
PRC - [2006/11/28 06:34:38 | 000,134,808 | ---- | M] (Symantec Corporation) -- D:\Applications\Symantec AntiVirus\VPTray.exe
PRC - [2006/11/28 06:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) -- D:\Applications\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/11/28 06:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) -- D:\Applications\Symantec AntiVirus\DefWatch.exe
PRC - [2006/11/22 17:12:36 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/22 17:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2005/09/21 15:05:32 | 000,270,336 | ---- | M] () -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe
PRC - [2005/09/20 17:49:36 | 000,487,424 | ---- | M] () -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe


========== Modules (No Company Name) ==========

MOD - [2010/09/17 21:28:39 | 000,204,851 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\PowerDll.dll
MOD - [2010/09/17 21:28:39 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\cpuutil.dll
MOD - [2010/09/17 21:28:38 | 000,188,928 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\aasp.dll
MOD - [2010/09/17 21:28:36 | 000,622,080 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\aaCenter.exe
MOD - [2010/09/17 21:18:40 | 000,024,576 | ---- | M] () -- C:\Windows\System32\AsIO.dll
MOD - [2010/05/05 19:56:46 | 000,002,560 | ---- | M] () -- C:\Windows\CTXFIRES.DLL
MOD - [2009/11/25 23:23:08 | 000,492,544 | ---- | M] () -- D:\Applications\NaturalPoint\TrackIR5\Styles\TrackIR.cjstyles
MOD - [2009/10/09 20:11:38 | 000,226,816 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe
MOD - [2009/07/01 20:23:52 | 001,435,136 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\AiNap.exe
MOD - [2009/03/26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2009/01/22 20:43:54 | 001,352,704 | ---- | M] () -- d:\Applications\ASUS\AI Suite\EnergySaving\PwSave.exe
MOD - [2009/01/22 20:43:54 | 000,409,088 | ---- | M] () -- d:\Applications\ASUS\AI Suite\EnergySaving\AnimationView.dll
MOD - [2008/02/25 15:08:54 | 000,208,896 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\AiNap.dll
MOD - [2008/01/09 10:17:18 | 000,627,200 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
MOD - [2007/11/30 20:03:28 | 000,881,152 | ---- | M] () -- D:\Applications\ASUS\AI Suite\CpuLevelUpHelp.exe
MOD - [2007/10/11 17:09:50 | 000,582,656 | ---- | M] () -- d:\Applications\ASUS\AI Suite\CpuLevelUpHookLaunch.exe
MOD - [2007/10/11 14:51:00 | 000,053,248 | ---- | M] () -- d:\Applications\ASUS\AI Suite\HookKey32.dll
MOD - [2007/02/07 16:00:02 | 000,131,072 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razertra.exe
MOD - [2007/01/03 22:25:56 | 000,008,704 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\vvc.dll
MOD - [2005/09/21 15:05:32 | 000,270,336 | ---- | M] () -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- D:\applications\Luttmann\vmcNetFlix\NetFlixDownloadManager.exe -- (NetFlixDownloadManager)
SRV - [2012/08/01 20:31:21 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 05:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/01/26 20:21:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe -- (Creative Dolby Digital Live Pack Licensing Service)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/09/18 23:08:02 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/09/18 22:57:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/09/13 23:58:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/09/17 18:40:44 | 000,075,048 | ---- | M] () [Auto | Running] -- d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe -- (CLDTVHNService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/28 06:34:26 | 000,122,008 | ---- | M] (symantec) [On_Demand | Stopped] -- D:\Applications\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/11/28 06:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) [Auto | Running] -- D:\Applications\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/11/28 06:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) [Auto | Running] -- D:\Applications\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/11/22 17:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/22 17:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/10/31 10:32:09 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2005/09/20 17:49:36 | 000,487,424 | ---- | M] () [Auto | Running] -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe -- (ppped)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Chris\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24[1].gadget\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\Senfilt.sys -- (SenFiltService)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTHDRVSP.sys -- (PTHDRVSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTHDRMDM.sys -- (PTHDRMDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTHDRBUS.sys -- (PTHDRBUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mvvideodemo.sys -- (mvvideodemo)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Applications\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Chris\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AmdLLD.sys -- (AmdLLD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AEAudio.sys -- (AEAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2012/05/16 03:00:00 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120803.004\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/05/16 03:00:00 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120803.004\NAVENG.SYS -- (NAVENG)
DRV - [2012/05/15 23:15:56 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/15 23:15:51 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/15 05:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/09/11 11:06:52 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010/09/17 21:28:35 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010/09/17 21:18:41 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010/09/17 21:18:41 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2010/09/12 17:17:53 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/09 13:18:54 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/05/05 21:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 21:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 21:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 21:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 21:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 21:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 21:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/05/05 21:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/12/17 17:49:02 | 000,037,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\npusbio.sys -- (npusbio)
DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/17 18:40:52 | 000,119,792 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\ntk_dtv.sys -- (ntk_dtv)
DRV - [2008/04/16 08:27:04 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006/11/22 16:17:06 | 000,274,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2006/11/22 16:17:06 | 000,247,144 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2006/11/22 16:17:06 | 000,025,448 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/10/26 12:01:34 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2006/10/26 12:01:34 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2006/10/06 14:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/04/24 22:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Razerlow.sys -- (Razerlow)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: d:\applications\Mozilla Thunderbird\components [2012/06/27 17:05:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: d:\applications\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: D:\Applications\Mozilla Thunderbird\components [2012/06/27 17:05:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: D:\Applications\Mozilla Thunderbird\plugins

[2010/09/12 17:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2010/09/12 17:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/07/07 16:30:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\extensions
[2012/07/07 16:30:56 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/07/25 18:34:55 | 000,000,000 | ---D | M] (Lightning) -- C:\USERS\CHRIS\APPDATA\ROAMING\THUNDERBIRD\PROFILES\TZU9SSDR.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103}
[2012/05/15 20:13:35 | 000,564,732 | ---- | M] () (No name found) -- C:\USERS\CHRIS\APPDATA\ROAMING\THUNDERBIRD\PROFILES\TZU9SSDR.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=100486&tt=090212_ctrl&babsrc=SP_ss&mntrId=32a4cb2b000000000000001e8c2e25c3
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Chris\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Late Night = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/10/24 11:05:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\..\Toolbar\WebBrowser: (no name) - {8E8C6E0B-6EBD-4DFC-8BA0-E92140678F59} - No CLSID value found.
O3 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [Ai Nap] d:\applications\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cpu Level Up help] d:\applications\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [CPU Power Monitor] d:\applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe ()
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Diamondback] d:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LifeChat] C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QFan Help] d:\applications\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [vptray] D:\Applications\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001..\Run: [NaturalPoint] D:\Applications\NaturalPoint\TrackIR5\TrackIR5.exe (NaturalPoint, Inc.)
O4 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001..\Run: [PowerPanel Personal Edition User Interaction] D:\applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe ()
O4 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-3154289940-1777885061-1526483830-1001\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2ADC9A12-2D52-4FD3-989B-54777B7B1A5C}: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB95A658-4D04-48D0-86A5-A806625511E5}: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: ({DLL_Str}) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/12 23:08:43 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.001 -- [ NTFS ]
O32 - AutoRun File - [2011/02/13 00:52:04 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.002 -- [ NTFS ]
O32 - AutoRun File - [2011/02/13 01:52:24 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.003 -- [ NTFS ]
O32 - AutoRun File - [2011/02/15 12:25:22 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.004 -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2011/02/15 14:46:10 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 0
MsConfig - State: "services" - 0

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/04 04:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/08/04 04:28:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012/08/01 20:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackIR v5
[2012/08/01 17:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/07/29 09:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/07/25 22:08:09 | 000,000,000 | ---D | C] -- C:\ViewSonic
[2012/07/25 21:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/07/25 21:48:37 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012/07/25 19:30:17 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/07/15 08:26:51 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Nas
[2012/07/14 18:46:06 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\ArmA 2 Other Profiles
[2012/07/14 18:09:54 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\SIX_Projects
[2012/07/14 17:55:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\six-zsync
[2012/07/14 17:55:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\six-updater
[2012/07/14 17:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012/07/08 12:53:53 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallJammer Registry
[2012/07/07 16:30:57 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE
[2012/07/07 16:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/07/07 11:27:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Activated Commands
[2012/07/07 10:44:39 | 000,000,000 | ---D | C] -- C:\Vac backup
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Chris\AppData\Local\*.tmp files -> C:\Users\Chris\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/04 04:37:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3154289940-1777885061-1526483830-1001UA.job
[2012/08/04 04:37:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3154289940-1777885061-1526483830-1001Core.job
[2012/08/04 04:16:38 | 000,019,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/04 04:16:38 | 000,019,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/04 04:08:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/04 04:07:59 | 2616,545,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/04 04:06:09 | 000,055,996 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-002C1102}.rfx
[2012/08/04 04:06:09 | 000,055,996 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000001-00001102-00000005-002C1102}.rfx
[2012/08/04 04:06:09 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000001-00001102-00000005-002C1102}.rfx
[2012/08/03 18:16:04 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/03 18:16:04 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/02 21:46:38 | 000,007,651 | ---- | M] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
[2012/08/02 19:35:43 | 000,000,455 | ---- | M] () -- C:\Users\Chris\Desktop\DayZ Map - DayZDB.website
[2012/08/01 20:10:28 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\TrackIR v5.lnk
[2012/08/01 17:41:37 | 000,002,450 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2012/07/29 10:07:33 | 000,000,732 | ---- | M] () -- C:\Users\Chris\Desktop\EVGA Precision X.lnk
[2012/07/27 16:25:30 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012/07/27 16:25:30 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012/07/26 22:29:41 | 000,012,741 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.ini
[2012/07/26 21:57:36 | 181,993,864 | ---- | M] () -- C:\07262012.reg
[2012/07/26 21:37:51 | 000,012,407 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.bak
[2012/07/25 22:25:37 | 000,012,157 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.bk!
[2012/07/25 21:52:43 | 000,009,134 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.bko
[2012/07/23 22:33:52 | 000,000,898 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/07/15 10:15:30 | 000,000,207 | ---- | M] () -- C:\Users\Chris\Desktop\Dayz.url
[2012/07/10 22:19:18 | 000,403,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/09 18:18:14 | 000,001,151 | ---- | M] () -- C:\Users\Chris\Desktop\Complex 8.2.3.lnk
[2012/07/09 18:17:32 | 000,001,237 | ---- | M] () -- C:\Users\Chris\Desktop\Homeworld 2 Complex simpleMod.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Chris\AppData\Local\*.tmp files -> C:\Users\Chris\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/01 20:10:28 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\TrackIR v5.lnk
[2012/08/01 20:09:49 | 000,037,408 | ---- | C] () -- C:\Windows\System32\drivers\npusbio.sys
[2012/07/26 21:57:28 | 181,993,864 | ---- | C] () -- C:\07262012.reg
[2012/07/25 21:43:39 | 000,011,190 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012/07/25 21:42:08 | 000,012,157 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.bk!
[2012/07/25 21:42:04 | 000,009,134 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.bko
[2012/07/25 21:34:46 | 000,012,407 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.bak
[2012/07/25 20:37:57 | 000,012,741 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.ini
[2012/07/16 23:05:07 | 000,000,455 | ---- | C] () -- C:\Users\Chris\Desktop\DayZ Map - DayZDB.website
[2012/07/15 10:15:30 | 000,000,207 | ---- | C] () -- C:\Users\Chris\Desktop\Dayz.url
[2012/07/14 17:54:11 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012/07/14 17:54:11 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012/07/09 15:59:30 | 000,001,151 | ---- | C] () -- C:\Users\Chris\Desktop\Complex 8.2.3.lnk
[2012/07/08 21:26:37 | 000,001,237 | ---- | C] () -- C:\Users\Chris\Desktop\Homeworld 2 Complex simpleMod.lnk
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/02/15 16:02:03 | 003,566,434 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2012/02/15 16:02:03 | 000,827,392 | ---- | C] () -- C:\Windows\System32\Mpeg4System.dll
[2012/02/15 16:02:03 | 000,241,664 | ---- | C] () -- C:\Windows\System32\AMR.dll
[2012/02/15 16:02:03 | 000,167,936 | ---- | C] () -- C:\Windows\System32\Mpeg4Tools.dll
[2012/02/15 16:02:03 | 000,122,880 | ---- | C] () -- C:\Windows\System32\Mpeg4DSF.dll
[2012/02/15 16:02:03 | 000,057,344 | ---- | C] () -- C:\Windows\System32\EvrcDecDll.dll
[2012/02/15 16:02:03 | 000,057,344 | ---- | C] () -- C:\Windows\System32\AMRDSF.dll
[2012/02/15 16:02:03 | 000,042,108 | ---- | C] () -- C:\Windows\System32\fun_avutil.dll
[2012/02/15 15:51:43 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012/02/06 18:28:55 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/29 10:05:42 | 000,000,080 | ---- | C] () -- C:\Users\Chris\AppData\Local\X-Plane Installer.prf
[2012/01/10 15:06:56 | 001,236,992 | ---- | C] () -- C:\Windows\System32\spk.dll
[2011/09/07 01:08:39 | 000,000,346 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/08/24 18:26:44 | 000,000,100 | ---- | C] () -- C:\Windows\Sfc3ng.ini
[2011/08/22 11:52:26 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/20 08:39:06 | 000,003,248 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\glide_wrapper.zbag.ini
[2011/07/19 21:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\EAREMOVE.INI
[2011/07/19 21:21:21 | 000,000,048 | ---- | C] () -- C:\Windows\WININIT.INI
[2011/07/06 16:24:41 | 000,006,144 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/31 19:11:12 | 000,000,208 | ---- | C] () -- C:\Windows\Ulead32.ini
[2011/03/02 06:43:44 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/02/15 15:03:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\VDDLoader.dll
[2011/02/13 12:41:58 | 000,000,210 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/02/12 23:57:05 | 000,000,023 | ---- | C] () -- C:\Windows\System32\vesa768.dll
[2011/02/12 20:49:15 | 000,000,632 | ---- | C] () -- C:\Windows\EF2.INI
[2011/01/29 23:00:12 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ealtest.exe
[2011/01/28 20:31:04 | 000,000,001 | ---- | C] () -- C:\Windows\System32\OutN64proc64.dll
[2011/01/28 20:31:04 | 000,000,001 | ---- | C] () -- C:\Windows\System32\InN64proc64.dll
[2011/01/27 20:53:02 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/12/26 06:20:52 | 000,081,920 | ---- | C] () -- C:\Windows\asr32311.dll
[2010/10/24 10:59:44 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/24 10:59:43 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/24 10:59:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/24 10:59:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/24 10:59:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/05 17:39:41 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe
[2010/09/23 00:14:09 | 000,000,351 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\GPU Monitor_Settings.ini
[2010/09/20 19:32:44 | 000,000,073 | ---- | C] () -- C:\Windows\System32\everest_cpl.ini
[2010/09/18 22:56:26 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/09/18 22:56:26 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010/09/18 09:17:54 | 000,007,651 | ---- | C] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
[2010/09/17 21:59:36 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2010/09/17 21:59:36 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2010/09/17 21:19:52 | 000,011,448 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
[2010/09/17 21:19:50 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2010/09/17 21:19:50 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2010/09/14 00:18:28 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/09/12 22:25:43 | 000,138,608 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/09/12 22:25:43 | 000,138,056 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PnkBstrK.sys
[2010/09/12 22:25:08 | 000,234,576 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/09/12 22:25:07 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/09/12 22:25:07 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

========== LOP Check ==========

[2010/11/10 20:24:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.minecraft
[2012/06/19 21:10:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ArmA II Launcher
[2012/02/15 15:51:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Babylon
[2010/11/01 20:14:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CheckPoint
[2011/01/31 21:24:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DAEMON Tools Lite
[2012/04/12 00:28:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FSW2
[2012/05/05 22:01:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GetRightToGo
[2010/12/08 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Hi-Rez Studios
[2011/01/31 21:18:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\InfraRecorder
[2012/01/07 19:17:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\KillerogDownloader
[2012/06/23 20:43:48 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2012/08/03 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mumble
[2012/07/25 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Notepad++
[2011/03/08 23:51:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2010/10/21 07:08:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PDF Reading
[2011/09/23 22:04:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PowerCinema
[2012/07/14 19:09:21 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\six-updater
[2012/07/14 17:55:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\six-zsync
[2010/09/12 17:31:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Thunderbird
[2011/05/31 19:18:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Ulead Systems
[2010/12/25 18:36:57 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\wxlauncher
[2011/05/07 10:43:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\XRay Engine
[2012/07/25 19:20:00 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.sys /90 >
[2012/06/11 21:40:48 | 002,345,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.* >
[2012/07/26 21:57:36 | 181,993,864 | ---- | M] () -- C:\07262012.reg
[2011/09/19 09:44:54 | 179,930,902 | ---- | M] () -- C:\9_19_2011.reg
[2010/10/12 16:52:21 | 000,000,382 | ---- | M] () -- C:\aaw7boot.log
[2011/02/12 23:08:43 | 000,000,052 | ---- | M] () -- C:\AUTOEXEC.001
[2011/02/13 00:52:04 | 000,000,052 | ---- | M] () -- C:\AUTOEXEC.002
[2011/02/13 01:52:24 | 000,000,052 | ---- | M] () -- C:\AUTOEXEC.003
[2011/02/15 12:25:22 | 000,000,052 | ---- | M] () -- C:\AUTOEXEC.004
[2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\AUTOEXEC.BAK
[2011/02/15 14:46:10 | 000,000,052 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/07/06 16:18:56 | 168,929,448 | ---- | M] () -- C:\before codecs.reg
[2011/10/16 12:35:20 | 230,797,806 | ---- | M] () -- C:\before coh trainer.reg
[2012/07/01 18:47:28 | 177,750,758 | ---- | M] () -- C:\before mkv codec 7_1_2012.reg
[2012/01/26 20:14:03 | 191,926,694 | ---- | M] () -- C:\before mkv hak.reg
[2011/10/30 11:57:27 | 183,673,018 | ---- | M] () -- C:\before sidewinder.reg
[2012/02/05 05:00:45 | 191,257,738 | ---- | M] () -- C:\before tweeking for aero.reg
[2011/02/12 23:10:43 | 000,066,336 | -H-- | M] () -- C:\BGAKCLAC
[2011/02/12 23:11:05 | 000,382,752 | -H-- | M] () -- C:\BGALAFBN
[2011/07/10 22:55:19 | 000,000,301 | ---- | M] () -- C:\CLDTCPIPLib.log
[2010/10/24 11:07:15 | 000,013,456 | ---- | M] () -- C:\ComboFix.txt
[2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/02/15 16:29:28 | 000,000,000 | ---- | M] () -- C:\conmgr.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/08/04 04:07:59 | 2616,545,280 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/09/14 00:14:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/14 00:14:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/08/04 04:08:18 | 3488,731,136 | -HS- | M] () -- C:\pagefile.sys
[2011/02/26 00:32:53 | 142,555,654 | ---- | M] () -- C:\reg backup before fixing shortcut link.reg
[2010/09/23 00:11:40 | 000,005,047 | ---- | M] () -- C:\scramble.log
[2012/02/15 15:51:46 | 000,001,497 | ---- | M] () -- C:\user.js
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2012/01/29 03:41:05 | 000,000,161 | ---- | M] () -- C:\X-Plane Installer.prf

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/07/13 20:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2010/11/20 07:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\winprint.dll

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< End of report >



OTL Extras logfile created on: 8/4/2012 4:54:02 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = E:\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 59.01% Memory free
6.50 Gb Paging File | 4.85 Gb Available in Paging File | 74.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297.99 Gb Total Space | 256.10 Gb Free Space | 85.94% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 64.59 Gb Free Space | 21.67% Space Free | Partition Type: NTFS
Drive E: | 279.46 Gb Total Space | 216.46 Gb Free Space | 77.46% Space Free | Partition Type: NTFS

Computer Name: GAMER | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Classes\<extension>]
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "D:\applications\Opera\opera.exe" "%1"
https [open] -- "D:\applications\Opera\opera.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\applications\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\applications\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"d:\applications\xchat\xchat.exe" = d:\applications\xchat\xchat.exe:*:Enabled:XChat IRC Client
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18096771-FE6B-4427-BA4B-CE4A73B101F4}" = lport=137 | protocol=17 | dir=in | app=system |
"{19E8BC74-D92D-4087-BAD9-A31D64D6528A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21D5A201-FFC4-4CD0-8FF0-8D20508E2805}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{24F6D2D7-9A0F-429E-8C3C-2A0D26E81DB9}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service v4\intuitupdater.exe |
"{3882B5EF-21C5-445E-A33B-3C07BDC0113E}" = lport=445 | protocol=6 | dir=in | app=system |
"{54C4DE5A-55E3-4417-9B0A-A6AAA175F74B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69985C7B-C1F7-4716-92DD-A8C123DFA227}" = rport=139 | protocol=6 | dir=out | app=system |
"{8D55D667-41D3-4923-B967-1E91CA5913CC}" = rport=137 | protocol=17 | dir=out | app=system |
"{9401E874-DBCF-455D-849C-CD62C20CF9C0}" = rport=138 | protocol=17 | dir=out | app=system |
"{97E70F3A-2C64-4509-A485-0EFFF3AB7F5F}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service v4\intuitupdateservice.exe |
"{ABFCF230-F33B-419D-A7FA-D675AEA19A9B}" = lport=445 | protocol=6 | dir=in | app=system |
"{B05B6B7D-8345-4DAA-81F8-893283296D4F}" = lport=139 | protocol=6 | dir=in | app=system |
"{BA821012-8847-4685-9880-61DD40DACFDF}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7717950-FCEF-4168-846F-D7F4A9F52D09}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD5BB0B5-7394-42FF-A4B9-A4E67A2BE1A9}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0634F3CD-7016-45CC-AA38-C6030FA8C517}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0BA197B0-177A-4150-853D-07F1E9BCDDA8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1AA1F732-C1BC-4083-8EEE-293D4C0AB25F}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{2A3E2576-501B-44AD-998F-365F72DF2938}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\naval war arctic circle\nwac.exe |
"{2CCCD8BB-9570-4B4C-8B47-7C3C2835E06F}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\fleet command\steamrun.exe |
"{36E7693A-D37D-4D70-9DAE-514405730F7A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3A2BAB66-67AE-468B-95D2-427D3988651D}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\baf\datacachepreprocessor.exe |
"{429B4D45-2F2A-466C-930A-0B7A10D316EB}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{4333D1CE-273A-4C21-BA3D-E1760922DE27}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4871581D-76E9-47E2-8393-7F0F61A54F52}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\naval war arctic circle\nwac.exe |
"{50EB251C-3889-4D02-BD62-DAB14EF956CB}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\dangerous waters\steamrun.exe |
"{58B97A74-7A10-4057-BC78-EA80C2981F24}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\pmc\datacachepreprocessor.exe |
"{5B05E1C5-0399-4958-8B4F-065089FACC00}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2\arma2.exe |
"{5C882EA2-C932-4B3B-B64A-BE8BB53653ED}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{5E13354E-4C34-4586-9AB8-32662904EEE8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5E28BD5C-876F-4B68-9683-827EAA0EDC0D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6733D1EB-04D7-40D6-A854-8F0CA06CF480}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6B13C11C-B673-4D49-99A2-A3D6718C618F}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{6F1B2FB3-7CA5-4EE6-8B58-4576FFD80071}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{751CCBBA-198B-4E42-A6BC-90EA9ADDB1AA}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\baf\datacachepreprocessor.exe |
"{761F2071-2EAC-4EEA-8C9E-E034462E584F}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{7E077ADA-9143-4F2E-85E0-7BE7A9EB5989}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\pmc\datacachepreprocessor.exe |
"{88381A74-FC98-482C-90BD-4575DC0B3C0D}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\pacific storm\pacificstorm.bat |
"{8A3A94CD-F3A2-4275-89E7-7D0D228073F1}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{8C4A66E7-8302-498F-B349-9B32A9E9F053}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\lunar flight\lunarflight.exe |
"{91BF2EB3-7769-4DCE-841F-9053CBABA8AA}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{95B1C562-0731-4C38-9B1A-DA9420D4E5F6}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\pacific storm\pacificstorm.bat |
"{98E7FFD3-BD87-4AE2-B2C5-822604AD5E09}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{A8E314D1-8843-4115-9E37-ADE224C5E997}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AA1D92C4-ED69-4921-813C-94657971A0B5}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2\arma2.exe |
"{AF1B9741-0ED5-4BDE-B7FB-2B299012F5FE}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{B2BDA7DF-EEF9-4B03-B6A1-BBC9FC3A505C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B3D89D3F-BA64-4F11-8E89-94C51C79F987}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{BCFCF4DF-569F-47B5-BB87-A954008E78C9}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\fleet command\steamrun.exe |
"{E105DE0D-8A80-489D-A07F-8B5A05CFC38E}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{EAF0A8BB-43C6-41B9-A406-E396B634B605}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\lunar flight\lunarflight.exe |
"{EC1B46F3-8746-49EC-A7FF-2A842D92816F}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\dangerous waters\steamrun.exe |
"TCP Query User{2489CD40-4583-46AF-9E45-8B61888B46FE}D:\games\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{403C4A99-2D5A-4A81-98EB-E4AC41A7B807}D:\games\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=d:\games\wolfenstein - enemy territory\et.exe |
"TCP Query User{44AAB325-6763-4A31-96C9-3D4BCB9D48AC}D:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{7ABE7EAB-829C-43FD-A3F7-9C7A2C79CA47}D:\games\steam\steamapps\ccan@houston.rr.com\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\games\steam\steamapps\ccan@houston.rr.com\team fortress 2\hl2.exe |
"TCP Query User{8A5260DD-1817-4E71-B93F-5026C3313A51}D:\applications\directv\directv\directv\directv2pc™.exe" = protocol=6 | dir=in | app=d:\applications\directv\directv\directv\directv2pc™.exe |
"TCP Query User{ABBE79E4-6767-4188-8F2E-9D6CA8D5C50D}D:\games\btrl\demo\fs2_open_3_6_9.exe" = protocol=6 | dir=in | app=d:\games\btrl\demo\fs2_open_3_6_9.exe |
"TCP Query User{EBD778A1-1E7B-45FD-B5BB-0261D3135E3F}D:\games\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=d:\games\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{00F973B3-3160-400A-B4E2-46078EE6E813}D:\applications\directv\directv\directv\directv2pc™.exe" = protocol=17 | dir=in | app=d:\applications\directv\directv\directv\directv2pc™.exe |
"UDP Query User{4C94F7DE-5F78-44D3-858D-C7076593552C}D:\games\steam\steamapps\ccan@houston.rr.com\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\games\steam\steamapps\ccan@houston.rr.com\team fortress 2\hl2.exe |
"UDP Query User{8E398A3A-6B3E-4063-94FC-B9111DA6821E}D:\games\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=d:\games\wolfenstein - enemy territory\et.exe |
"UDP Query User{8FE2349A-9201-4C55-A101-D4A8B777FB92}D:\games\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=d:\games\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{9AA0AEC3-3121-4321-97CF-2B61C6BBD08F}D:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{9C17986E-DBDD-4C68-83D9-27307B9327CA}D:\games\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{DB539E65-5836-4FCF-BE22-613289994A41}D:\games\btrl\demo\fs2_open_3_6_9.exe" = protocol=17 | dir=in | app=d:\games\btrl\demo\fs2_open_3_6_9.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{32AE6FE5-83E7-43D7-9A3C-7C2B7883EF32}" = GEEK SQUAD POWER MANAGEMENT
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D4D4CBF-79F3-4E38-A1DC-30646F030443}" = Microsoft LifeChat
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D27CE85-F519-42C1-B4AB-C0BD976FB0BA}" = Orbiter 2010-P1
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6DCADD87-C43D-43F1-B1E6-5D37A6E66DA3}" = Voice Activated Commands
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C9E6E52-EB11-44DB-A761-82D5D873A8D9}" = Symantec AntiVirus
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}" = Razer Diamondback
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E9B10AA5-E5F6-4DEF-A435-FB20704AF1E8}" = DIRECTV2PC™
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3CA05B7-B4C0-4C9B-AAA6-16B868B35DF2}" = TrackIR5
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FC47C7A5-BE63-11D5-B7C9-005004566E4D}" = ViewSonic Windows Vista Signed Files
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"A2BAF Data cache removal" = ARMA 2: British Armed Forces - Data cache removal
"A2PMC Data cache removal" = ARMA 2: Private Military Company - Data cache removal
"AcMgrDDL" = DDL and DTS Connect License Activation
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio Control Panel
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Beyond the Red Line 1.0" = Beyond the Red Line
"Console Launcher" = Creative Console Launcher
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"DCS A-10C_is1" = DCS A-10C
"DivX Setup" = DivX Setup
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"DTS Connect Pack" = DTS Connect Pack
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"Game Commander 2" = Game Commander 2
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{E9B10AA5-E5F6-4DEF-A435-FB20704AF1E8}" = DIRECTV2PC™
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logitech Gaming Software" = Logitech Gaming Software 8.30
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mir-2 space station_is1" = Mir-2 space station, release 1.1
"Mozilla Thunderbird (3.1.3)" = Mozilla Thunderbird (3.1.3)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PDF Reading" = PDF Reading 0.1
"PrecisionX" = EVGA Precision X 3.0.3
"PunkBusterSvc" = PunkBuster Services
"SFBM" = SoundFont Bank Manager
"Smart Recorder" = Creative Smart Recorder
"Space Tugs_is1" = Space Tugs, release 4
"SpaceShuttleMission2007Demo_is1" = SpaceShuttleMission2007 v5.30 Demo
"Steam App 11250" = Pacific Storm
"Steam App 1600" = Dangerous Waters
"Steam App 1670" = Iron Warriors: T-72 Tank Command
"Steam App 200050" = Naval War: Arctic Circle
"Steam App 201310" = X3: Albion Prelude
"Steam App 208600" = Lunar Flight
"Steam App 24980" = Mass Effect 2
"Steam App 2820" = X3: Terran Conflict
"Steam App 2910" = Fleet Command
"Steam App 33900" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 39000" = Moonbase Alpha
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 65700" = ARMA 2: British Armed Forces
"Steam App 65720" = ARMA 2: Private Military Company
"Steam App 9200" = RAGE
"TBP - Earth-Minbari War" = TBP - Earth-Minbari War 2.0
"TBP - Mission Pack 1" = TBP - Mission Pack 1 1.0
"The Babylon Project v3.4b" = The Babylon Project v3.4b
"The KMPlayer" = The KMPlayer (remove only)
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"VLC media player" = VLC media player 1.1.10
"WaveStudio 7" = Creative WaveStudio 7
"WinISO_is1" = WinISO 5.3
"WinRAR archiver" = WinRAR archiver
"wxLauncher" = wxLauncher
"X3 Logitech G15 LCD Applet" = X3 Logitech G15 LCD Applet 1.40
"X-Universe Plugin Manager" = X-Universe Plugin Manager V1.30 by Cycrow
"X-Universe Plugin Manager_is1" = X-Universe Plugin Manager 1.40

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3154289940-1777885061-1526483830-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Mozilla Thunderbird 14.0 (x86 en-US)" = Mozilla Thunderbird 14.0 (x86 en-US)
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/4/2011 8:35:07 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334 Exception code: 0xc0000005
Fault
offset: 0x00110e96 Faulting process id: 0xa18 Faulting application start time: 0x01ccb27229d02d1b
Faulting
application path: d:\Games\Steam\steamapps\common\pacific storm\bin\sm.exe Faulting
module path: d:\Games\Steam\steamapps\common\pacific storm\bin\sm.exe Report Id:
65b4c05e-1e74-11e1-8023-001e8c2e25c3

Error - 12/4/2011 8:35:11 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: OgreMain.dll, version: 0.0.0.0, time stamp: 0x471312fc Exception code:
0xc0000005 Fault offset: 0x0011f4ee Faulting process id: 0xa18 Faulting application
start time: 0x01ccb27229d02d1b Faulting application path: d:\Games\Steam\steamapps\common\pacific
storm\bin\sm.exe Faulting module path: d:\Games\Steam\steamapps\common\pacific storm\bin\OgreMain.dll
Report
Id: 679b13ad-1e74-11e1-8023-001e8c2e25c3

Error - 12/4/2011 9:39:23 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ed4096c Exception code: 0xc0000005 Fault offset: 0x6eb8f0f9 Faulting
process id: 0xc58 Faulting application start time: 0x01ccb2814c4cbc88 Faulting application
path: d:\games\steam\steamapps\ccan@houston.rr.com\team fortress 2\hl2.exe Faulting
module path: filesystem_steam.dll Report Id: 60116b96-1e7d-11e1-8023-001e8c2e25c3

Error - 12/4/2011 10:19:05 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000096
Fault
offset: 0x034a801f Faulting process id: 0x14c0 Faulting application start time: 0x01ccb28f7db19c4b
Faulting
application path: d:\Games\Steam\steamapps\common\pacific storm\bin\sm.exe Faulting
module path: unknown Report Id: eb88055e-1e82-11e1-8023-001e8c2e25c3

Error - 12/4/2011 10:19:05 AM | Computer Name = Gamer | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program sm.exe because of this error. Program: sm.exe File: The error
value is listed in the Additional Data section. User Action 1. Open the file again.
This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

Error - 12/4/2011 10:19:07 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: OgreMain.dll, version: 0.0.0.0, time stamp: 0x471312fc Exception code:
0xc0000005 Fault offset: 0x0011f4ee Faulting process id: 0x14c0 Faulting application
start time: 0x01ccb28f7db19c4b Faulting application path: d:\Games\Steam\steamapps\common\pacific
storm\bin\sm.exe Faulting module path: d:\Games\Steam\steamapps\common\pacific storm\bin\OgreMain.dll
Report
Id: ece2df82-1e82-11e1-8023-001e8c2e25c3

Error - 12/4/2011 10:25:49 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005
Fault
offset: 0x8d5b7c08 Faulting process id: 0x12ac Faulting application start time: 0x01ccb28fb17fef6c
Faulting
application path: d:\Games\Steam\steamapps\common\pacific storm\bin\sm.exe Faulting
module path: unknown Report Id: dc55b2a1-1e83-11e1-8023-001e8c2e25c3

Error - 12/4/2011 10:26:05 AM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: OgreMain.dll, version: 0.0.0.0, time stamp: 0x471312fc Exception code:
0xc0000005 Fault offset: 0x0011f4ee Faulting process id: 0x12ac Faulting application
start time: 0x01ccb28fb17fef6c Faulting application path: d:\Games\Steam\steamapps\common\pacific
storm\bin\sm.exe Faulting module path: d:\Games\Steam\steamapps\common\pacific storm\bin\OgreMain.dll
Report
Id: e5f5fb07-1e83-11e1-8023-001e8c2e25c3

Error - 12/4/2011 1:54:33 PM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334 Exception code: 0xc0000005
Fault
offset: 0x00374e85 Faulting process id: 0xf64 Faulting application start time: 0x01ccb290ea19dff1
Faulting
application path: d:\Games\Steam\steamapps\common\pacific storm\bin\sm.exe Faulting
module path: d:\Games\Steam\steamapps\common\pacific storm\bin\sm.exe Report Id:
05781f96-1ea1-11e1-8023-001e8c2e25c3

Error - 12/4/2011 1:54:36 PM | Computer Name = Gamer | Source = Application Error | ID = 1000
Description = Faulting application name: sm.exe, version: 0.0.0.0, time stamp: 0x47134334
Faulting
module name: OgreMain.dll, version: 0.0.0.0, time stamp: 0x471312fc Exception code:
0xc0000005 Fault offset: 0x0011f4ee Faulting process id: 0xf64 Faulting application
start time: 0x01ccb290ea19dff1 Faulting application path: d:\Games\Steam\steamapps\common\pacific
storm\bin\sm.exe Faulting module path: d:\Games\Steam\steamapps\common\pacific storm\bin\OgreMain.dll
Report
Id: 06deb9b7-1ea1-11e1-8023-001e8c2e25c3

[ Media Center Events ]
Error - 11/2/2011 5:26:29 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 4:26:29 PM - Error connecting to the internet. 4:26:29 PM - Unable
to contact server..

Error - 11/2/2011 6:26:45 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 5:26:45 PM - Error connecting to the internet. 5:26:45 PM - Unable
to contact server..

Error - 11/2/2011 7:27:01 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 6:27:01 PM - Error connecting to the internet. 6:27:01 PM - Unable
to contact server..

Error - 11/2/2011 8:27:28 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 7:27:27 PM - Error connecting to the internet. 7:27:27 PM - Unable
to contact server..

Error - 6/3/2012 1:52:10 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 12:52:09 PM - Error connecting to the internet. 12:52:09 PM - Unable
to contact server..

Error - 6/3/2012 2:52:52 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 1:52:51 PM - Error connecting to the internet. 1:52:52 PM - Unable
to contact server..

Error - 6/3/2012 3:53:24 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 2:53:24 PM - Error connecting to the internet. 2:53:24 PM - Unable
to contact server..

Error - 6/3/2012 4:54:52 PM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 3:54:52 PM - Error connecting to the internet. 3:54:52 PM - Unable
to contact server..

Error - 7/16/2012 4:03:28 AM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 3:03:28 AM - Error connecting to the internet. 3:03:28 AM - Unable
to contact server..

Error - 7/16/2012 5:04:17 AM | Computer Name = Gamer | Source = MCUpdate | ID = 0
Description = 4:04:17 AM - Error connecting to the internet. 4:04:17 AM - Unable
to contact server..

[ System Events ]
Error - 8/3/2012 7:12:34 PM | Computer Name = Gamer | Source = Service Control Manager | ID = 7000
Description = The WinRing0_1_2_0 service failed to start due to the following error:
%%3

Error - 8/3/2012 7:12:38 PM | Computer Name = Gamer | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error - 8/3/2012 7:27:49 PM | Computer Name = Gamer | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 8/3/2012 7:28:08 PM | Computer Name = Gamer | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 8/3/2012 7:28:25 PM | Computer Name = Gamer | Source = Service Control Manager | ID = 7000
Description = The WinRing0_1_2_0 service failed to start due to the following error:
%%3

Error - 8/3/2012 7:28:27 PM | Computer Name = Gamer | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error - 8/4/2012 5:07:18 AM | Computer Name = Gamer | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 8/4/2012 5:08:18 AM | Computer Name = Gamer | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 8/4/2012 5:08:59 AM | Computer Name = Gamer | Source = Service Control Manager | ID = 7000
Description = The WinRing0_1_2_0 service failed to start due to the following error:
%%3

Error - 8/4/2012 5:09:16 AM | Computer Name = Gamer | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHelp20


< End of report >




15:06:57.0080 5308 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:06:57.0871 5308 ============================================================
15:06:57.0871 5308 Current date / time: 2012/08/08 15:06:57.0871
15:06:57.0871 5308 SystemInfo:
15:06:57.0871 5308
15:06:57.0871 5308 OS Version: 6.1.7601 ServicePack: 1.0
15:06:57.0871 5308 Product type: Workstation
15:06:57.0872 5308 ComputerName: GAMER
15:06:57.0872 5308 UserName: Chris
15:06:57.0872 5308 Windows directory: C:\Windows
15:06:57.0872 5308 System windows directory: C:\Windows
15:06:57.0872 5308 Processor architecture: Intel x86
15:06:57.0872 5308 Number of processors: 2
15:06:57.0872 5308 Page size: 0x1000
15:06:57.0872 5308 Boot type: Normal boot
15:06:57.0872 5308 ============================================================
15:06:58.0509 5308 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
15:06:58.0522 5308 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:06:58.0543 5308 Drive \Device\Harddisk2\DR2 - Size: 0x45DD71DE00 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:06:58.0807 5308 ============================================================
15:06:58.0807 5308 \Device\Harddisk0\DR0:
15:06:58.0807 5308 MBR partitions:
15:06:58.0807 5308 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:06:58.0807 5308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
15:06:58.0807 5308 \Device\Harddisk1\DR1:
15:06:58.0807 5308 MBR partitions:
15:06:58.0807 5308 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
15:06:58.0807 5308 \Device\Harddisk2\DR2:
15:06:58.0807 5308 MBR partitions:
15:06:58.0807 5308 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEA640
15:06:58.0807 5308 ============================================================
15:06:58.0850 5308 C: <-> \Device\Harddisk0\DR0\Partition1
15:06:58.0863 5308 D: <-> \Device\Harddisk1\DR1\Partition0
15:06:58.0879 5308 E: <-> \Device\Harddisk2\DR2\Partition0
15:06:58.0879 5308 ============================================================
15:06:58.0879 5308 Initialize success
15:06:58.0879 5308 ============================================================
15:07:09.0644 5368 ============================================================
15:07:09.0645 5368 Scan started
15:07:09.0645 5368 Mode: Manual;
15:07:09.0645 5368 ============================================================
15:07:11.0907 5368 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
15:07:11.0908 5368 1394ohci - ok
15:07:11.0958 5368 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
15:07:11.0969 5368 ACPI - ok
15:07:12.0002 5368 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
15:07:12.0003 5368 AcpiPmi - ok
15:07:12.0028 5368 ADIHdAudAddService - ok
15:07:12.0623 5368 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:07:12.0623 5368 AdobeARMservice - ok
15:07:12.0677 5368 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
15:07:12.0700 5368 adp94xx - ok
15:07:12.0719 5368 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
15:07:12.0731 5368 adpahci - ok
15:07:12.0744 5368 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
15:07:12.0745 5368 adpu320 - ok
15:07:12.0770 5368 AEAudio - ok
15:07:12.0795 5368 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
15:07:12.0796 5368 AeLookupSvc - ok
15:07:12.0848 5368 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
15:07:12.0850 5368 AFD - ok
15:07:13.0125 5368 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
15:07:13.0125 5368 agp440 - ok
15:07:13.0169 5368 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
15:07:13.0169 5368 aic78xx - ok
15:07:13.0193 5368 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
15:07:13.0194 5368 ALG - ok
15:07:13.0219 5368 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
15:07:13.0220 5368 aliide - ok
15:07:13.0237 5368 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
15:07:13.0238 5368 amdagp - ok
15:07:13.0256 5368 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
15:07:13.0256 5368 amdide - ok
15:07:13.0266 5368 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
15:07:13.0267 5368 AmdK8 - ok
15:07:13.0293 5368 AmdLLD - ok
15:07:13.0441 5368 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
15:07:13.0442 5368 AmdPPM - ok
15:07:13.0475 5368 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
15:07:13.0476 5368 amdsata - ok
15:07:13.0495 5368 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
15:07:13.0496 5368 amdsbs - ok
15:07:13.0510 5368 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
15:07:13.0510 5368 amdxata - ok
15:07:13.0539 5368 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
15:07:13.0540 5368 AppID - ok
15:07:13.0586 5368 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
15:07:13.0586 5368 AppIDSvc - ok
15:07:13.0620 5368 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
15:07:13.0621 5368 Appinfo - ok
15:07:13.0644 5368 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
15:07:13.0645 5368 arc - ok
15:07:13.0659 5368 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
15:07:13.0660 5368 arcsas - ok
15:07:13.0695 5368 AsIO (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys
15:07:13.0695 5368 AsIO - ok
15:07:13.0707 5368 AsUpIO (e67493490466b5f04b58c22d2590e8ca) C:\Windows\system32\drivers\AsUpIO.sys
15:07:13.0707 5368 AsUpIO - ok
15:07:13.0726 5368 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:07:13.0726 5368 AsyncMac - ok
15:07:13.0762 5368 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
15:07:13.0763 5368 atapi - ok
15:07:13.0822 5368 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:07:13.0828 5368 AudioEndpointBuilder - ok
15:07:13.0833 5368 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:07:13.0836 5368 Audiosrv - ok
15:07:13.0863 5368 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
15:07:13.0864 5368 AxInstSV - ok
15:07:13.0898 5368 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
15:07:13.0907 5368 b06bdrv - ok
15:07:13.0932 5368 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:07:13.0944 5368 b57nd60x - ok
15:07:13.0977 5368 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
15:07:13.0978 5368 BDESVC - ok
15:07:13.0986 5368 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:07:13.0987 5368 Beep - ok
15:07:14.0016 5368 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
15:07:14.0030 5368 BFE - ok
15:07:14.0084 5368 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
15:07:14.0097 5368 BITS - ok
15:07:14.0102 5368 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:07:14.0102 5368 blbdrive - ok
15:07:14.0285 5368 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
15:07:14.0285 5368 bowser - ok
15:07:14.0303 5368 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:07:14.0303 5368 BrFiltLo - ok
15:07:14.0332 5368 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:07:14.0332 5368 BrFiltUp - ok
15:07:14.0575 5368 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
15:07:14.0577 5368 Browser - ok
15:07:15.0485 5368 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:07:15.0487 5368 Brserid - ok
15:07:15.0512 5368 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:07:15.0513 5368 BrSerWdm - ok
15:07:15.0519 5368 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:07:15.0520 5368 BrUsbMdm - ok
15:07:15.0523 5368 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:07:15.0523 5368 BrUsbSer - ok
15:07:15.0562 5368 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
15:07:15.0563 5368 BTHMODEM - ok
15:07:15.0596 5368 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
15:07:15.0596 5368 bthserv - ok
15:07:15.0805 5368 catchme - ok
15:07:15.0887 5368 ccEvtMgr (47312a6af7d84f99ea9eb7b0de5440bc) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
15:07:15.0888 5368 ccEvtMgr - ok
15:07:15.0891 5368 ccSetMgr (47312a6af7d84f99ea9eb7b0de5440bc) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
15:07:15.0892 5368 ccSetMgr - ok
15:07:15.0927 5368 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:07:15.0928 5368 cdfs - ok
15:07:15.0965 5368 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
15:07:15.0966 5368 cdrom - ok
15:07:16.0003 5368 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:07:16.0004 5368 CertPropSvc - ok
15:07:16.0027 5368 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
15:07:16.0028 5368 circlass - ok
15:07:16.0142 5368 CLDTVHNService (6c99de57c87d6f3ee85998a7e49f7bf9) d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
15:07:16.0143 5368 CLDTVHNService - ok
15:07:16.0225 5368 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:07:16.0227 5368 CLFS - ok
15:07:16.0285 5368 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:07:16.0286 5368 clr_optimization_v2.0.50727_32 - ok
15:07:16.0337 5368 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:07:16.0338 5368 clr_optimization_v4.0.30319_32 - ok
15:07:16.0349 5368 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
15:07:16.0350 5368 CmBatt - ok
15:07:16.0372 5368 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
15:07:16.0372 5368 cmdide - ok
15:07:16.0482 5368 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
15:07:16.0493 5368 CNG - ok
15:07:16.0518 5368 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
15:07:16.0519 5368 Compbatt - ok
15:07:16.0558 5368 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
15:07:16.0559 5368 CompositeBus - ok
15:07:16.0566 5368 COMSysApp - ok
15:07:16.0613 5368 cpuz134 (75fa19142531cbf490770c2988a7db64) C:\Windows\system32\drivers\cpuz134_x32.sys
15:07:16.0614 5368 cpuz134 - ok
15:07:16.0626 5368 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
15:07:16.0627 5368 crcdisk - ok
15:07:16.0901 5368 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
15:07:16.0902 5368 Creative ALchemy AL6 Licensing Service - ok
15:07:16.0931 5368 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
15:07:16.0932 5368 Creative Audio Engine Licensing Service - ok
15:07:16.0973 5368 Creative Dolby Digital Live Pack Licensing Service (80f3d3a4c202cda7ca886d126f9a39d9) C:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe
15:07:16.0974 5368 Creative Dolby Digital Live Pack Licensing Service - ok
15:07:17.0017 5368 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
15:07:17.0018 5368 CryptSvc - ok
15:07:17.0118 5368 CT20XUT (b9106942eb5dd0e034ab40a9d48d056e) C:\Windows\system32\drivers\CT20XUT.SYS
15:07:17.0119 5368 CT20XUT - ok
15:07:17.0126 5368 CT20XUT.SYS (b9106942eb5dd0e034ab40a9d48d056e) C:\Windows\System32\drivers\CT20XUT.SYS
15:07:17.0128 5368 CT20XUT.SYS - ok
15:07:17.0175 5368 ctac32k (f2b1d0a3d21bd0d9f46457cbcec1a0e9) C:\Windows\system32\drivers\ctac32k.sys
15:07:17.0178 5368 ctac32k - ok
15:07:17.0221 5368 ctaud2k (44f60a5e3c3a8a6bba4c280948ea6095) C:\Windows\system32\drivers\ctaud2k.sys
15:07:17.0224 5368 ctaud2k - ok
15:07:17.0319 5368 CTAudSvcService (5ce3d0e1d1b3832ee052cfc442eee0fa) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
15:07:17.0323 5368 CTAudSvcService - ok
15:07:17.0357 5368 ctdvda2k (8cbe82d6bbf206e144f22cb33fab1f2c) C:\Windows\system32\drivers\ctdvda2k.sys
15:07:17.0366 5368 ctdvda2k - ok
15:07:17.0428 5368 CTEXFIFX (4ae083d16ac9fc9bdf98498f93426226) C:\Windows\system32\drivers\CTEXFIFX.SYS
15:07:17.0436 5368 CTEXFIFX - ok
15:07:17.0620 5368 CTEXFIFX.SYS (4ae083d16ac9fc9bdf98498f93426226) C:\Windows\System32\drivers\CTEXFIFX.SYS
15:07:17.0627 5368 CTEXFIFX.SYS - ok
15:07:18.0257 5368 CTHWIUT (b610bfe02f9fc0cb0b1cde3ec4c13ffa) C:\Windows\system32\drivers\CTHWIUT.SYS
15:07:18.0257 5368 CTHWIUT - ok
15:07:18.0260 5368 CTHWIUT.SYS (b610bfe02f9fc0cb0b1cde3ec4c13ffa) C:\Windows\System32\drivers\CTHWIUT.SYS
15:07:18.0261 5368 CTHWIUT.SYS - ok
15:07:18.0301 5368 ctprxy2k (f0f19a13c948e5289601e354b08e0941) C:\Windows\system32\drivers\ctprxy2k.sys
15:07:18.0301 5368 ctprxy2k - ok
15:07:18.0611 5368 ctsfm2k (c7b2c36a6203a5f3d0a378fd78c5ddd6) C:\Windows\system32\drivers\ctsfm2k.sys
15:07:18.0612 5368 ctsfm2k - ok
15:07:18.0973 5368 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:07:18.0992 5368 DcomLaunch - ok
15:07:19.0023 5368 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
15:07:19.0025 5368 defragsvc - ok
15:07:19.0073 5368 DefWatch (fb937277e87f8468603f4e2d8cf9db4a) D:\applications\Symantec AntiVirus\DefWatch.exe
15:07:19.0074 5368 DefWatch - ok
15:07:19.0147 5368 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
15:07:19.0147 5368 DfsC - ok
15:07:19.0200 5368 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
15:07:19.0213 5368 Dhcp - ok
15:07:19.0234 5368 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:07:19.0235 5368 discache - ok
15:07:19.0264 5368 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
15:07:19.0265 5368 Disk - ok
15:07:19.0297 5368 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
15:07:19.0299 5368 Dnscache - ok
15:07:19.0486 5368 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
15:07:19.0488 5368 dot3svc - ok
15:07:19.0517 5368 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
15:07:19.0519 5368 DPS - ok
15:07:19.0558 5368 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:07:19.0559 5368 drmkaud - ok
15:07:19.0614 5368 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
15:07:19.0618 5368 DXGKrnl - ok
15:07:19.0896 5368 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
15:07:19.0897 5368 EapHost - ok
15:07:21.0511 5368 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
15:07:21.0571 5368 ebdrv - ok
15:07:21.0771 5368 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
15:07:21.0773 5368 eeCtrl - ok
15:07:23.0552 5368 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
15:07:23.0554 5368 EFS - ok
15:07:24.0473 5368 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
15:07:24.0486 5368 ehRecvr - ok
15:07:24.0507 5368 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
15:07:24.0508 5368 ehSched - ok
15:07:24.0825 5368 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
15:07:24.0853 5368 elxstor - ok
15:07:24.0993 5368 emupia (fb2d6d4d14ae801f5267b0368fc0cb0c) C:\Windows\system32\drivers\emupia2k.sys
15:07:24.0994 5368 emupia - ok
15:07:25.0447 5368 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
15:07:25.0448 5368 EraserUtilRebootDrv - ok
15:07:25.0473 5368 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
15:07:25.0474 5368 ErrDev - ok
15:07:25.0519 5368 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
15:07:25.0521 5368 EventSystem - ok
15:07:25.0547 5368 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:07:25.0548 5368 exfat - ok
15:07:25.0561 5368 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:07:25.0562 5368 fastfat - ok
15:07:25.0610 5368 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
15:07:25.0625 5368 Fax - ok
15:07:25.0638 5368 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:07:25.0639 5368 fdc - ok
15:07:25.0651 5368 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
15:07:25.0652 5368 fdPHost - ok
15:07:25.0659 5368 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
15:07:25.0660 5368 FDResPub - ok
15:07:25.0701 5368 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:07:25.0702 5368 FileInfo - ok
15:07:25.0711 5368 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:07:25.0712 5368 Filetrace - ok
15:07:25.0719 5368 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:07:25.0719 5368 flpydisk - ok
15:07:25.0744 5368 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:07:25.0746 5368 FltMgr - ok
15:07:26.0139 5368 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
15:07:26.0155 5368 FontCache - ok
15:07:26.0281 5368 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:07:26.0281 5368 FontCache3.0.0.0 - ok
15:07:26.0323 5368 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:07:26.0323 5368 FsDepends - ok
15:07:26.0371 5368 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
15:07:26.0371 5368 Fs_Rec - ok
15:07:26.0414 5368 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
15:07:26.0415 5368 fvevol - ok
15:07:26.0441 5368 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:07:26.0442 5368 gagp30kx - ok
15:07:26.0487 5368 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
15:07:26.0499 5368 gpsvc - ok
15:07:26.0563 5368 ha20x2k (7ff1ced1201c169a783b0e81cc561fba) C:\Windows\system32\drivers\ha20x2k.sys
15:07:26.0569 5368 ha20x2k - ok
15:07:26.0714 5368 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:07:26.0714 5368 hcw85cir - ok
15:07:26.0761 5368 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
15:07:26.0772 5368 HdAudAddService - ok
15:07:26.0800 5368 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
15:07:26.0801 5368 HDAudBus - ok
15:07:26.0809 5368 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
15:07:26.0810 5368 HidBatt - ok
15:07:26.0825 5368 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
15:07:26.0825 5368 HidBth - ok
15:07:26.0850 5368 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
15:07:26.0851 5368 HidIr - ok
15:07:26.0875 5368 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
15:07:26.0876 5368 hidserv - ok
15:07:26.0925 5368 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
15:07:26.0925 5368 HidUsb - ok
15:07:26.0970 5368 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
15:07:26.0971 5368 hkmsvc - ok
15:07:26.0996 5368 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
15:07:26.0999 5368 HomeGroupListener - ok
15:07:27.0191 5368 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
15:07:27.0193 5368 HomeGroupProvider - ok
15:07:27.0238 5368 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
15:07:27.0239 5368 HpSAMD - ok
15:07:27.0484 5368 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
15:07:27.0493 5368 HTTP - ok
15:07:27.0512 5368 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
15:07:27.0513 5368 hwpolicy - ok
15:07:27.0567 5368 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
15:07:27.0568 5368 i8042prt - ok
15:07:27.0684 5368 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:07:27.0694 5368 IAANTMON - ok
15:07:27.0726 5368 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
15:07:27.0728 5368 iaStor - ok
15:07:27.0766 5368 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
15:07:27.0778 5368 iaStorV - ok
15:07:27.0875 5368 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:07:27.0925 5368 idsvc - ok
15:07:28.0022 5368 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
15:07:28.0022 5368 iirsp - ok
15:07:28.0547 5368 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
15:07:28.0562 5368 IKEEXT - ok
15:07:28.0582 5368 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
15:07:28.0582 5368 intelide - ok
15:07:28.0619 5368 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:07:28.0619 5368 intelppm - ok
15:07:28.0737 5368 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
15:07:28.0738 5368 IntuitUpdateService - ok
15:07:28.0807 5368 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
15:07:28.0807 5368 IntuitUpdateServiceV4 - ok
15:07:28.0825 5368 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
15:07:28.0826 5368 IPBusEnum - ok
15:07:28.0841 5368 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:07:28.0842 5368 IpFilterDriver - ok
15:07:28.0896 5368 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
15:07:28.0911 5368 iphlpsvc - ok
15:07:28.0938 5368 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
15:07:28.0938 5368 IPMIDRV - ok
15:07:29.0070 5368 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:07:29.0070 5368 IPNAT - ok
15:07:29.0087 5368 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:07:29.0087 5368 IRENUM - ok
15:07:29.0094 5368 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
15:07:29.0095 5368 isapnp - ok
15:07:29.0163 5368 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
15:07:29.0169 5368 iScsiPrt - ok
15:07:29.0200 5368 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:07:29.0200 5368 kbdclass - ok
15:07:29.0217 5368 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
15:07:29.0217 5368 kbdhid - ok
15:07:29.0237 5368 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:29.0238 5368 KeyIso - ok
15:07:29.0320 5368 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
15:07:29.0321 5368 KSecDD - ok
15:07:29.0403 5368 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
15:07:29.0404 5368 KSecPkg - ok
15:07:29.0473 5368 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
15:07:29.0487 5368 KtmRm - ok
15:07:29.0524 5368 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
15:07:29.0527 5368 LanmanServer - ok
15:07:29.0550 5368 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
15:07:29.0553 5368 LanmanWorkstation - ok
15:07:29.0573 5368 Lavasoft Kernexplorer - ok
15:07:29.0597 5368 LGBusEnum (170e7093a77ad586f3a012a3db651d94) C:\Windows\system32\drivers\LGBusEnum.sys
15:07:29.0598 5368 LGBusEnum - ok
15:07:29.0611 5368 LGVirHid (d2dd04d1c8df65eecd1f2c7fb947d43e) C:\Windows\system32\drivers\LGVirHid.sys
15:07:29.0611 5368 LGVirHid - ok
15:07:30.0663 5368 LiveUpdate (3c7fcbbc35e0a52ce9b12e9cc4f5b991) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
15:07:30.0713 5368 LiveUpdate - ok
15:07:30.0895 5368 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:07:30.0896 5368 lltdio - ok
15:07:31.0112 5368 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:07:31.0115 5368 lltdsvc - ok
15:07:31.0134 5368 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:07:31.0136 5368 lmhosts - ok
15:07:31.0155 5368 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:07:31.0156 5368 LSI_FC - ok
15:07:31.0165 5368 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:07:31.0166 5368 LSI_SAS - ok
15:07:31.0190 5368 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:07:31.0190 5368 LSI_SAS2 - ok
15:07:31.0199 5368 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:07:31.0200 5368 LSI_SCSI - ok
15:07:31.0226 5368 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:07:31.0227 5368 luafv - ok
15:07:31.0310 5368 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
15:07:31.0311 5368 Mcx2Svc - ok
15:07:31.0357 5368 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:07:31.0357 5368 megasas - ok
15:07:31.0381 5368 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:07:31.0385 5368 MegaSR - ok
15:07:31.0411 5368 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:07:31.0412 5368 MMCSS - ok
15:07:31.0425 5368 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:07:31.0426 5368 Modem - ok
15:07:31.0458 5368 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:07:31.0459 5368 monitor - ok
15:07:31.0484 5368 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:07:31.0484 5368 mouclass - ok
15:07:31.0503 5368 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:07:31.0504 5368 mouhid - ok
15:07:31.0528 5368 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
15:07:31.0529 5368 mountmgr - ok
15:07:31.0559 5368 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
15:07:31.0560 5368 mpio - ok
15:07:31.0570 5368 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:07:31.0571 5368 mpsdrv - ok
15:07:31.0780 5368 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
15:07:31.0885 5368 MpsSvc - ok
15:07:31.0927 5368 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
15:07:31.0928 5368 MRxDAV - ok
15:07:31.0958 5368 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:31.0959 5368 mrxsmb - ok
15:07:31.0996 5368 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:31.0999 5368 mrxsmb10 - ok
15:07:32.0009 5368 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:32.0009 5368 mrxsmb20 - ok
15:07:32.0037 5368 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
15:07:32.0038 5368 msahci - ok
15:07:32.0059 5368 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:07:32.0060 5368 msdsm - ok
15:07:32.0082 5368 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:07:32.0084 5368 MSDTC - ok
15:07:32.0125 5368 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:07:32.0126 5368 Msfs - ok
15:07:32.0140 5368 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:07:32.0140 5368 mshidkmdf - ok
15:07:32.0167 5368 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:07:32.0168 5368 msisadrv - ok
15:07:32.0206 5368 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:07:32.0208 5368 MSiSCSI - ok
15:07:32.0211 5368 msiserver - ok
15:07:32.0238 5368 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:07:32.0239 5368 MSKSSRV - ok
15:07:32.0248 5368 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:32.0248 5368 MSPCLOCK - ok
15:07:32.0262 5368 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:07:32.0262 5368 MSPQM - ok
15:07:32.0278 5368 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:07:32.0279 5368 MsRPC - ok
15:07:32.0306 5368 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
15:07:32.0307 5368 mssmbios - ok
15:07:32.0319 5368 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:07:32.0320 5368 MSTEE - ok
15:07:32.0327 5368 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:07:32.0327 5368 MTConfig - ok
15:07:32.0365 5368 MTsensor (0f24624106d8042e7f27882d9d6ff5c0) C:\Windows\system32\DRIVERS\ASACPI.sys
15:07:32.0366 5368 MTsensor - ok
15:07:32.0376 5368 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:07:32.0377 5368 Mup - ok
15:07:32.0398 5368 mvvideodemo - ok
15:07:32.0437 5368 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:07:32.0447 5368 napagent - ok
15:07:32.0481 5368 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:07:32.0491 5368 NativeWifiP - ok
15:07:32.0812 5368 NAVENG (f11033730b38260b6892e837c457fb4b) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120803.004\NAVENG.SYS
15:07:32.0813 5368 NAVENG - ok
15:07:33.0513 5368 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120803.004\NAVEX15.SYS
15:07:33.0521 5368 NAVEX15 - ok
15:07:35.0491 5368 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:07:35.0521 5368 NDIS - ok
15:07:35.0555 5368 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:07:35.0556 5368 NdisCap - ok
15:07:35.0574 5368 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:35.0574 5368 NdisTapi - ok
15:07:35.0598 5368 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:35.0598 5368 Ndisuio - ok
15:07:35.0839 5368 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:35.0840 5368 NdisWan - ok
15:07:35.0998 5368 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:07:35.0999 5368 NDProxy - ok
15:07:36.0022 5368 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:07:36.0022 5368 NetBIOS - ok
15:07:36.0049 5368 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:07:36.0050 5368 NetBT - ok
15:07:36.0067 5368 NetFlixDownloadManager - ok
15:07:36.0090 5368 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:36.0092 5368 Netlogon - ok
15:07:36.0133 5368 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:07:36.0145 5368 Netman - ok
15:07:36.0168 5368 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:07:36.0171 5368 netprofm - ok
15:07:36.0706 5368 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:07:36.0707 5368 NetTcpPortSharing - ok
15:07:36.0748 5368 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:07:36.0749 5368 nfrd960 - ok
15:07:36.0798 5368 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:07:36.0801 5368 NlaSvc - ok
15:07:36.0809 5368 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:07:36.0810 5368 Npfs - ok
15:07:36.0845 5368 npusbio (494fdca436c1ab7a983e7778d34678e1) C:\Windows\system32\Drivers\npusbio.sys
15:07:36.0846 5368 npusbio - ok
15:07:36.0867 5368 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:07:36.0869 5368 nsi - ok
15:07:36.0872 5368 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:07:36.0872 5368 nsiproxy - ok
15:07:37.0017 5368 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:07:37.0036 5368 Ntfs - ok
15:07:37.0111 5368 ntk_dtv (8ad12622c7fa674cb9979e3448ab89c6) d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\ntk_dtv.sys
15:07:37.0111 5368 ntk_dtv - ok
15:07:37.0442 5368 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:07:37.0442 5368 Null - ok
15:07:42.0560 5368 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:07:42.0618 5368 nvlddmkm - ok
15:07:43.0655 5368 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:07:43.0655 5368 nvraid - ok
15:07:43.0685 5368 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:07:43.0686 5368 nvstor - ok
15:07:43.0785 5368 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
15:07:43.0800 5368 nvsvc - ok
15:07:45.0491 5368 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:07:45.0498 5368 nvUpdatusService - ok
15:07:47.0228 5368 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:07:47.0229 5368 nv_agp - ok
15:07:47.0243 5368 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:07:47.0244 5368 ohci1394 - ok
15:07:47.0488 5368 ossrv (ac5bf1a610effaae9cfc48cb53483f08) C:\Windows\system32\drivers\ctoss2k.sys
15:07:47.0489 5368 ossrv - ok
15:07:47.0933 5368 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:07:47.0946 5368 p2pimsvc - ok
15:07:48.0240 5368 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:07:48.0261 5368 p2psvc - ok
15:07:48.0327 5368 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:07:48.0329 5368 Parport - ok
15:07:48.0367 5368 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
15:07:48.0368 5368 partmgr - ok
15:07:48.0403 5368 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:07:48.0403 5368 Parvdm - ok
15:07:48.0617 5368 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:07:48.0620 5368 PcaSvc - ok
15:07:48.0659 5368 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:07:48.0660 5368 pci - ok
15:07:48.0678 5368 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:07:48.0678 5368 pciide - ok
15:07:48.0802 5368 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:07:48.0812 5368 pcmcia - ok
15:07:48.0824 5368 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:07:48.0824 5368 pcw - ok
15:07:48.0853 5368 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:07:48.0882 5368 PEAUTH - ok
15:07:49.0444 5368 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:07:49.0501 5368 pla - ok
15:07:51.0096 5368 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:07:51.0100 5368 PlugPlay - ok
15:07:51.0152 5368 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
15:07:51.0154 5368 PnkBstrA - ok
15:07:51.0205 5368 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:07:51.0207 5368 PNRPAutoReg - ok
15:07:51.0437 5368 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:07:51.0440 5368 PNRPsvc - ok
15:07:51.0482 5368 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:07:51.0500 5368 PolicyAgent - ok
15:07:51.0534 5368 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:07:51.0538 5368 Power - ok
15:07:51.0610 5368 ppped (92b0964779867c6d8e8e0afa2548bea5) D:\applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe
15:07:51.0626 5368 ppped - ok
15:07:51.0735 5368 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:07:51.0736 5368 PptpMiniport - ok
15:07:51.0751 5368 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:07:51.0752 5368 Processor - ok
15:07:51.0790 5368 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
15:07:51.0793 5368 ProfSvc - ok
15:07:51.0819 5368 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:51.0821 5368 ProtectedStorage - ok
15:07:51.0843 5368 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:07:51.0844 5368 Psched - ok
15:07:51.0854 5368 PTHDRBUS - ok
15:07:51.0859 5368 PTHDRMDM - ok
15:07:51.0864 5368 PTHDRVSP - ok
15:07:51.0906 5368 PxHelp20 - ok
15:07:52.0111 5368 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:07:52.0150 5368 ql2300 - ok
15:07:52.0328 5368 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:07:52.0329 5368 ql40xx - ok
15:07:52.0541 5368 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:07:52.0544 5368 QWAVE - ok
15:07:52.0600 5368 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:07:52.0601 5368 QWAVEdrv - ok
15:07:52.0663 5368 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
15:07:52.0664 5368 RapiMgr - ok
15:07:52.0670 5368 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:07:52.0671 5368 RasAcd - ok
15:07:52.0707 5368 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:07:52.0708 5368 RasAgileVpn - ok
15:07:52.0734 5368 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:07:52.0737 5368 RasAuto - ok
15:07:52.0756 5368 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:07:52.0756 5368 Rasl2tp - ok
15:07:52.0793 5368 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:07:52.0804 5368 RasMan - ok
15:07:52.0813 5368 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:07:52.0814 5368 RasPppoe - ok
15:07:52.0826 5368 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:07:52.0827 5368 RasSstp - ok
15:07:52.0859 5368 Razerlow (116c340acf37602d12cac6de6b8107cd) C:\Windows\system32\Drivers\Razerlow.sys
15:07:52.0859 5368 Razerlow - ok
15:07:52.0894 5368 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:07:52.0896 5368 rdbss - ok
15:07:52.0908 5368 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:07:52.0909 5368 rdpbus - ok
15:07:52.0935 5368 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:07:52.0935 5368 RDPCDD - ok
15:07:52.0958 5368 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:07:52.0958 5368 RDPENCDD - ok
15:07:52.0964 5368 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:07:52.0965 5368 RDPREFMP - ok
15:07:52.0994 5368 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
15:07:52.0999 5368 RDPWD - ok
15:07:53.0032 5368 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:07:53.0033 5368 rdyboost - ok
15:07:53.0052 5368 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:07:53.0053 5368 RemoteAccess - ok
15:07:53.0077 5368 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:07:53.0080 5368 RemoteRegistry - ok
15:07:53.0102 5368 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:07:53.0105 5368 RpcEptMapper - ok
15:07:53.0115 5368 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:07:53.0117 5368 RpcLocator - ok
15:07:53.0394 5368 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:07:53.0398 5368 RpcSs - ok
15:07:53.0433 5368 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:07:53.0434 5368 rspndr - ok
15:07:53.0484 5368 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:53.0486 5368 SamSs - ok
15:07:53.0730 5368 SavRoam (3d6ab454353a7834a0919e4cdc77b566) D:\applications\Symantec AntiVirus\SavRoam.exe
15:07:53.0731 5368 SavRoam - ok
15:07:53.0758 5368 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:07:53.0759 5368 sbp2port - ok
15:07:53.0778 5368 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:07:53.0781 5368 SCardSvr - ok
15:07:53.0841 5368 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:07:53.0842 5368 scfilter - ok
15:07:54.0541 5368 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:07:54.0567 5368 Schedule - ok
15:07:54.0612 5368 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:07:54.0613 5368 SCPolicySvc - ok
15:07:54.0780 5368 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:07:54.0783 5368 SDRSVC - ok
15:07:54.0813 5368 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:07:54.0814 5368 secdrv - ok
15:07:54.0843 5368 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:07:54.0845 5368 seclogon - ok
15:07:54.0861 5368 SenFiltService - ok
15:07:54.0885 5368 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
15:07:54.0887 5368 SENS - ok
15:07:54.0918 5368 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:07:54.0920 5368 SensrSvc - ok
15:07:54.0929 5368 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:07:54.0929 5368 Serenum - ok
15:07:54.0952 5368 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:07:54.0953 5368 Serial - ok
15:07:54.0998 5368 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:07:54.0998 5368 sermouse - ok
15:07:55.0156 5368 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:07:55.0159 5368 SessionEnv - ok
15:07:55.0190 5368 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:07:55.0191 5368 sffdisk - ok
15:07:55.0210 5368 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:07:55.0210 5368 sffp_mmc - ok
15:07:55.0230 5368 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:07:55.0231 5368 sffp_sd - ok
15:08:09.0221 5368 ============================================================
15:08:09.0222 5368 Scan finished
15:08:09.0222 5368 ============================================================
15:08:09.0232 5356 Detected object count: 0
15:08:09.0232 5356 Actual detected object count: 0

#4 Larusso

Posted 10 August 2012 - 12:22 PM

Hi there and sorry for the delay. Was overfilled with work.


This is not the OTL Custom Scan I gave you. Do you get help on another forum? If so, please provide a link to this topic.
regards,
Daniel


#5 CCPC

Posted 10 August 2012 - 02:18 PM

I am so sorry. I think it was an earlier scan done on my own. I am not getting any other help. Here are the correct logs.


OTL logfile created on: 8/8/2012 3:01:26 PM - Run 2
OTL by OldTimer - Version 3.2.56.0 Folder = E:\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 55.25% Memory free
6.50 Gb Paging File | 5.09 Gb Available in Paging File | 78.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297.99 Gb Total Space | 257.66 Gb Free Space | 86.47% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 59.71 Gb Free Space | 20.03% Space Free | Partition Type: NTFS
Drive E: | 279.46 Gb Total Space | 210.22 Gb Free Space | 75.22% Space Free | Partition Type: NTFS

Computer Name: GAMER | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/08 15:00:51 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
PRC - [2012/05/21 10:11:12 | 000,661,304 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
PRC - [2012/05/21 10:11:00 | 000,676,664 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
PRC - [2012/05/21 10:10:48 | 005,092,152 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\LCore.exe
PRC - [2012/05/15 05:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 04:28:16 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/05/15 04:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/03/17 18:40:28 | 007,953,960 | ---- | M] (NaturalPoint, Inc.) -- D:\Applications\NaturalPoint\TrackIR5\TrackIR5.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/17 21:28:36 | 000,622,080 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\aaCenter.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/05/05 19:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2010/05/05 19:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/10/09 20:11:38 | 000,226,816 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe
PRC - [2009/09/28 12:48:08 | 000,264,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeChat\LifeChat.exe
PRC - [2009/09/17 18:40:44 | 000,075,048 | ---- | M] () -- d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
PRC - [2009/07/01 20:23:52 | 001,435,136 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/01/22 20:43:54 | 001,352,704 | ---- | M] () -- d:\Applications\ASUS\AI Suite\EnergySaving\PwSave.exe
PRC - [2008/01/09 10:17:18 | 000,627,200 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
PRC - [2007/11/30 20:03:28 | 000,881,152 | ---- | M] () -- D:\Applications\ASUS\AI Suite\CpuLevelUpHelp.exe
PRC - [2007/10/16 14:48:50 | 000,319,488 | ---- | M] (ASUS) -- d:\Applications\ASUS\AI Suite\CpuLevelUpHook32.exe
PRC - [2007/10/11 17:09:50 | 000,582,656 | ---- | M] () -- d:\Applications\ASUS\AI Suite\CpuLevelUpHookLaunch.exe
PRC - [2007/02/14 11:11:18 | 000,163,840 | ---- | M] (Razer Inc.) -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razerofa.exe
PRC - [2007/02/07 16:00:02 | 000,131,072 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razertra.exe
PRC - [2006/11/28 06:34:38 | 000,134,808 | ---- | M] (Symantec Corporation) -- D:\Applications\Symantec AntiVirus\VPTray.exe
PRC - [2006/11/28 06:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) -- D:\Applications\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/11/28 06:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) -- D:\Applications\Symantec AntiVirus\DefWatch.exe
PRC - [2006/11/22 17:12:36 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/22 17:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2005/09/21 15:05:32 | 000,270,336 | ---- | M] () -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe
PRC - [2005/09/20 17:49:36 | 000,487,424 | ---- | M] () -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe


========== Modules (No Company Name) ==========

MOD - [2010/09/17 21:28:39 | 000,204,851 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\PowerDll.dll
MOD - [2010/09/17 21:28:39 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\cpuutil.dll
MOD - [2010/09/17 21:28:38 | 000,188,928 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\aasp.dll
MOD - [2010/09/17 21:28:36 | 000,622,080 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.95\aaCenter.exe
MOD - [2010/09/17 21:18:40 | 000,024,576 | ---- | M] () -- C:\Windows\System32\AsIO.dll
MOD - [2010/05/05 19:56:46 | 000,002,560 | ---- | M] () -- C:\Windows\CTXFIRES.DLL
MOD - [2009/11/25 23:23:08 | 000,492,544 | ---- | M] () -- D:\Applications\NaturalPoint\TrackIR5\Styles\TrackIR.cjstyles
MOD - [2009/10/09 20:11:38 | 000,226,816 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe
MOD - [2009/07/01 20:23:52 | 001,435,136 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\AiNap.exe
MOD - [2009/03/26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2009/01/22 20:43:54 | 001,352,704 | ---- | M] () -- d:\Applications\ASUS\AI Suite\EnergySaving\PwSave.exe
MOD - [2009/01/22 20:43:54 | 000,409,088 | ---- | M] () -- d:\Applications\ASUS\AI Suite\EnergySaving\AnimationView.dll
MOD - [2008/02/25 15:08:54 | 000,208,896 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\AiNap.dll
MOD - [2008/01/09 10:17:18 | 000,627,200 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
MOD - [2007/11/30 20:03:28 | 000,881,152 | ---- | M] () -- D:\Applications\ASUS\AI Suite\CpuLevelUpHelp.exe
MOD - [2007/10/11 17:09:50 | 000,582,656 | ---- | M] () -- d:\Applications\ASUS\AI Suite\CpuLevelUpHookLaunch.exe
MOD - [2007/10/11 14:51:00 | 000,053,248 | ---- | M] () -- d:\Applications\ASUS\AI Suite\HookKey32.dll
MOD - [2007/02/07 16:00:02 | 000,131,072 | ---- | M] () -- D:\Applications\Razer\Diamondback\Razer\Diamondback\razertra.exe
MOD - [2007/01/03 22:25:56 | 000,008,704 | ---- | M] () -- D:\Applications\ASUS\AI Suite\AiNap\vvc.dll
MOD - [2005/09/21 15:05:32 | 000,270,336 | ---- | M] () -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- D:\applications\Luttmann\vmcNetFlix\NetFlixDownloadManager.exe -- (NetFlixDownloadManager)
SRV - [2012/08/01 20:31:21 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 05:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/01/26 20:21:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe -- (Creative Dolby Digital Live Pack Licensing Service)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/09/18 23:08:02 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/09/18 22:57:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/09/13 23:58:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/09/17 18:40:44 | 000,075,048 | ---- | M] () [Auto | Running] -- d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe -- (CLDTVHNService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/28 06:34:26 | 000,122,008 | ---- | M] (symantec) [On_Demand | Stopped] -- D:\Applications\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/11/28 06:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) [Auto | Running] -- D:\Applications\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/11/28 06:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) [Auto | Running] -- D:\Applications\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/11/22 17:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/22 17:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/10/31 10:32:09 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2005/09/20 17:49:36 | 000,487,424 | ---- | M] () [Auto | Running] -- D:\Applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe -- (ppped)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Chris\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24[1].gadget\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\\SystemRoot\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\Senfilt.sys -- (SenFiltService)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTHDRVSP.sys -- (PTHDRVSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTHDRMDM.sys -- (PTHDRMDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTHDRBUS.sys -- (PTHDRBUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mvvideodemo.sys -- (mvvideodemo)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Applications\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Chris\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AmdLLD.sys -- (AmdLLD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AEAudio.sys -- (AEAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2012/05/16 03:00:00 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120803.004\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/05/16 03:00:00 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120803.004\NAVENG.SYS -- (NAVENG)
DRV - [2012/05/15 23:15:56 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/15 23:15:51 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/15 05:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010/09/17 21:28:35 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010/09/17 21:18:41 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010/09/17 21:18:41 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2010/09/12 17:17:53 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/09 13:18:54 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/05/05 21:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 21:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 21:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 21:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 21:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 21:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 21:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2010/05/05 21:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/12/17 17:49:02 | 000,037,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\npusbio.sys -- (npusbio)
DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/17 18:40:52 | 000,119,792 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\ntk_dtv.sys -- (ntk_dtv)
DRV - [2008/04/16 08:27:04 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006/11/22 16:17:06 | 000,274,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2006/11/22 16:17:06 | 000,247,144 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2006/11/22 16:17:06 | 000,025,448 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/10/26 12:01:34 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2006/10/26 12:01:34 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2006/10/06 14:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/04/24 22:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Razerlow.sys -- (Razerlow)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: d:\applications\Mozilla Thunderbird\components [2012/06/27 17:05:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: d:\applications\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: D:\Applications\Mozilla Thunderbird\components [2012/06/27 17:05:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: D:\Applications\Mozilla Thunderbird\plugins

[2010/09/12 17:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2010/09/12 17:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/08/04 18:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\extensions
[2012/08/04 18:51:44 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/07/25 18:34:55 | 000,000,000 | ---D | M] (Lightning) -- C:\USERS\CHRIS\APPDATA\ROAMING\THUNDERBIRD\PROFILES\TZU9SSDR.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103}
[2012/05/15 20:13:35 | 000,564,732 | ---- | M] () (No name found) -- C:\USERS\CHRIS\APPDATA\ROAMING\THUNDERBIRD\PROFILES\TZU9SSDR.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI

========== Chrome ==========

CHR - homepage: http://www.bing.com/
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=100486&tt=090212_ctrl&babsrc=SP_ss&mntrId=32a4cb2b000000000000001e8c2e25c3
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.bing.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Chris\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Late Night = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/10/24 11:05:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Ai Nap] d:\applications\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cpu Level Up help] d:\applications\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [CPU Power Monitor] d:\applications\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe ()
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Diamondback] d:\Applications\Razer\Diamondback\Razer\Diamondback\razerhid.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LifeChat] C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QFan Help] d:\applications\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [vptray] D:\Applications\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [NaturalPoint] D:\Applications\NaturalPoint\TrackIR5\TrackIR5.exe (NaturalPoint, Inc.)
O4 - HKCU..\Run: [PowerPanel Personal Edition User Interaction] D:\applications\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2ADC9A12-2D52-4FD3-989B-54777B7B1A5C}: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB95A658-4D04-48D0-86A5-A806625511E5}: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: ({DLL_Str}) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/12 23:08:43 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.001 -- [ NTFS ]
O32 - AutoRun File - [2011/02/13 00:52:04 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.002 -- [ NTFS ]
O32 - AutoRun File - [2011/02/13 01:52:24 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.003 -- [ NTFS ]
O32 - AutoRun File - [2011/02/15 12:25:22 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.004 -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2011/02/15 14:46:10 | 000,000,052 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1078921C-90F1-5A4C-B702-321A6E642222} - Internet Explorer
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6667E4D4-942F-BD77-0E90-6D744001489F} - Internet Explorer
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 0
MsConfig - State: "services" - 0

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/06 18:12:43 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\DayZCommander
[2012/08/05 09:49:51 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\LockHunter
[2012/08/05 09:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter
[2012/08/05 09:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\LockHunter
[2012/08/05 09:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2012/08/05 09:00:12 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\DCS
[2012/08/04 18:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl2
[2012/08/04 18:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/08/04 18:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/08/04 18:50:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\uTorrent
[2012/08/04 04:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/08/04 04:28:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012/08/01 20:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackIR v5
[2012/08/01 17:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/07/29 09:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/07/25 22:08:09 | 000,000,000 | ---D | C] -- C:\ViewSonic
[2012/07/25 21:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/07/25 21:48:37 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012/07/25 19:30:17 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/07/15 08:26:51 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Nas
[2012/07/14 18:46:06 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\ArmA 2 Other Profiles
[2012/07/14 18:09:54 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\SIX_Projects
[2012/07/14 17:55:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\six-zsync
[2012/07/14 17:55:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\six-updater
[2012/07/14 17:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Chris\AppData\Local\*.tmp files -> C:\Users\Chris\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/08 15:05:45 | 000,019,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/08 15:05:45 | 000,019,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/08 14:58:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/08 14:58:02 | 2616,545,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/08 01:24:41 | 000,054,832 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-002C1102}.rfx
[2012/08/08 01:24:41 | 000,054,832 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000001-00001102-00000005-002C1102}.rfx
[2012/08/08 01:24:41 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000001-00001102-00000005-002C1102}.rfx
[2012/08/08 00:37:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3154289940-1777885061-1526483830-1001UA.job
[2012/08/07 21:30:15 | 000,000,455 | ---- | M] () -- C:\Users\Chris\Desktop\DayZ Map - DayZDB.website
[2012/08/06 18:12:29 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2012/08/05 22:50:02 | 000,002,064 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2012/08/05 22:50:02 | 000,002,064 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2012/08/05 07:18:14 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\ DCS World Multiplayer.lnk
[2012/08/05 07:18:14 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\ DCS World.lnk
[2012/08/05 04:37:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3154289940-1777885061-1526483830-1001Core.job
[2012/08/04 19:35:06 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\ DCS A-10C Multiplayer.lnk
[2012/08/04 19:35:05 | 000,000,970 | ---- | M] () -- C:\Users\Public\Desktop\ DCS A-10C.lnk
[2012/08/04 18:51:20 | 000,000,941 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/08/04 18:51:20 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/08/04 05:13:02 | 000,000,020 | ---- | M] () -- C:\Users\Chris\defogger_reenable
[2012/08/03 18:16:04 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/03 18:16:04 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/02 21:46:38 | 000,007,651 | ---- | M] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
[2012/08/01 20:10:28 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\TrackIR v5.lnk
[2012/08/01 17:41:37 | 000,002,450 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2012/07/29 10:07:33 | 000,000,732 | ---- | M] () -- C:\Users\Chris\Desktop\EVGA Precision X.lnk
[2012/07/27 16:25:30 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012/07/27 16:25:30 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012/07/26 22:29:41 | 000,012,741 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.ini
[2012/07/26 21:57:36 | 181,993,864 | ---- | M] () -- C:\07262012.reg
[2012/07/26 21:37:51 | 000,012,407 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.bak
[2012/07/25 22:25:37 | 000,012,157 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.bk!
[2012/07/25 21:52:43 | 000,009,134 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\PStrip.bko
[2012/07/23 22:33:52 | 000,000,898 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/07/15 10:15:30 | 000,000,207 | ---- | M] () -- C:\Users\Chris\Desktop\Dayz.url
[2012/07/10 22:19:18 | 000,403,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/09 18:18:14 | 000,001,151 | ---- | M] () -- C:\Users\Chris\Desktop\Complex 8.2.3.lnk
[2012/07/09 18:17:32 | 000,001,237 | ---- | M] () -- C:\Users\Chris\Desktop\Homeworld 2 Complex simpleMod.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Chris\AppData\Local\*.tmp files -> C:\Users\Chris\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/06 18:12:29 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2012/08/05 07:18:14 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\ DCS World Multiplayer.lnk
[2012/08/05 07:18:14 | 000,000,956 | ---- | C] () -- C:\Users\Public\Desktop\ DCS World.lnk
[2012/08/04 18:51:20 | 000,000,941 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/08/04 18:51:20 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/08/04 05:12:51 | 000,000,020 | ---- | C] () -- C:\Users\Chris\defogger_reenable
[2012/08/01 20:10:28 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\TrackIR v5.lnk
[2012/08/01 20:09:49 | 000,037,408 | ---- | C] () -- C:\Windows\System32\drivers\npusbio.sys
[2012/07/26 21:57:28 | 181,993,864 | ---- | C] () -- C:\07262012.reg
[2012/07/25 21:43:39 | 000,011,190 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012/07/25 21:42:08 | 000,012,157 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.bk!
[2012/07/25 21:42:04 | 000,009,134 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.bko
[2012/07/25 21:34:46 | 000,012,407 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.bak
[2012/07/25 20:37:57 | 000,012,741 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PStrip.ini
[2012/07/16 23:05:07 | 000,000,455 | ---- | C] () -- C:\Users\Chris\Desktop\DayZ Map - DayZDB.website
[2012/07/15 10:15:30 | 000,000,207 | ---- | C] () -- C:\Users\Chris\Desktop\Dayz.url
[2012/07/14 17:54:11 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012/07/14 17:54:11 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012/07/09 15:59:30 | 000,001,151 | ---- | C] () -- C:\Users\Chris\Desktop\Complex 8.2.3.lnk
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/02/15 16:02:03 | 003,566,434 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2012/02/15 16:02:03 | 000,827,392 | ---- | C] () -- C:\Windows\System32\Mpeg4System.dll
[2012/02/15 16:02:03 | 000,241,664 | ---- | C] () -- C:\Windows\System32\AMR.dll
[2012/02/15 16:02:03 | 000,167,936 | ---- | C] () -- C:\Windows\System32\Mpeg4Tools.dll
[2012/02/15 16:02:03 | 000,122,880 | ---- | C] () -- C:\Windows\System32\Mpeg4DSF.dll
[2012/02/15 16:02:03 | 000,057,344 | ---- | C] () -- C:\Windows\System32\EvrcDecDll.dll
[2012/02/15 16:02:03 | 000,057,344 | ---- | C] () -- C:\Windows\System32\AMRDSF.dll
[2012/02/15 16:02:03 | 000,042,108 | ---- | C] () -- C:\Windows\System32\fun_avutil.dll
[2012/02/15 15:51:43 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012/02/06 18:28:55 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/29 10:05:42 | 000,000,080 | ---- | C] () -- C:\Users\Chris\AppData\Local\X-Plane Installer.prf
[2011/09/07 01:08:39 | 000,000,346 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/08/24 18:26:44 | 000,000,100 | ---- | C] () -- C:\Windows\Sfc3ng.ini
[2011/08/22 11:52:26 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/20 08:39:06 | 000,003,248 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\glide_wrapper.zbag.ini
[2011/07/19 21:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\EAREMOVE.INI
[2011/07/19 21:21:21 | 000,000,048 | ---- | C] () -- C:\Windows\WININIT.INI
[2011/07/06 16:24:41 | 000,006,144 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/31 19:11:12 | 000,000,208 | ---- | C] () -- C:\Windows\Ulead32.ini
[2011/03/02 06:43:44 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/02/15 15:03:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\VDDLoader.dll
[2011/02/13 12:41:58 | 000,000,210 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/02/12 23:57:05 | 000,000,023 | ---- | C] () -- C:\Windows\System32\vesa768.dll
[2011/02/12 20:49:15 | 000,000,632 | ---- | C] () -- C:\Windows\EF2.INI
[2011/01/29 23:00:12 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ealtest.exe
[2011/01/28 20:31:04 | 000,000,001 | ---- | C] () -- C:\Windows\System32\OutN64proc64.dll
[2011/01/28 20:31:04 | 000,000,001 | ---- | C] () -- C:\Windows\System32\InN64proc64.dll
[2011/01/27 20:53:02 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/12/26 06:20:52 | 000,081,920 | ---- | C] () -- C:\Windows\asr32311.dll
[2010/10/24 10:59:44 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/24 10:59:43 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/24 10:59:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/24 10:59:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/24 10:59:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/05 17:39:41 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe
[2010/09/23 00:14:09 | 000,000,351 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\GPU Monitor_Settings.ini
[2010/09/20 19:32:44 | 000,000,073 | ---- | C] () -- C:\Windows\System32\everest_cpl.ini
[2010/09/18 22:56:26 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/09/18 22:56:26 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010/09/18 09:17:54 | 000,007,651 | ---- | C] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
[2010/09/17 21:59:36 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2010/09/17 21:59:36 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2010/09/17 21:19:52 | 000,011,448 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
[2010/09/17 21:19:50 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2010/09/17 21:19:50 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2010/09/14 00:18:28 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/09/12 22:25:43 | 000,138,608 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/09/12 22:25:43 | 000,138,056 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\PnkBstrK.sys
[2010/09/12 22:25:08 | 000,234,576 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/09/12 22:25:07 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/09/12 22:25:07 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

========== LOP Check ==========

[2010/11/10 20:24:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.minecraft
[2012/06/19 21:10:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ArmA II Launcher
[2012/02/15 15:51:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Babylon
[2010/11/01 20:14:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CheckPoint
[2011/01/31 21:24:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DAEMON Tools Lite
[2012/04/12 00:28:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FSW2
[2012/05/05 22:01:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GetRightToGo
[2010/12/08 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Hi-Rez Studios
[2011/01/31 21:18:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\InfraRecorder
[2012/01/07 19:17:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\KillerogDownloader
[2012/06/23 20:43:48 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2012/08/05 09:49:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LockHunter
[2012/08/07 21:08:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mumble
[2012/07/25 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Notepad++
[2011/03/08 23:51:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2010/10/21 07:08:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PDF Reading
[2011/09/23 22:04:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PowerCinema
[2012/07/14 19:09:21 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\six-updater
[2012/07/14 17:55:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\six-zsync
[2010/09/12 17:31:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Thunderbird
[2011/05/31 19:18:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Ulead Systems
[2012/08/05 15:07:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
[2010/12/25 18:36:57 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\wxlauncher
[2011/05/07 10:43:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\XRay Engine
[2012/07/25 19:20:00 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2012/07/26 18:53:48 | 000,000,000 | ---D | M] -- C:\$RECYCLE.BIN
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010/09/17 21:22:09 | 000,000,000 | ---D | M] -- C:\Intel
[2012/03/12 18:08:08 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2011/02/01 21:57:43 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/08/05 09:49:29 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/08/04 18:51:13 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010/10/24 11:07:16 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010/09/12 14:40:29 | 000,000,000 | ---D | M] -- C:\Recovery
[2012/08/04 04:28:49 | 000,000,000 | ---D | M] -- C:\rsit
[2012/08/08 15:04:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/08/08 15:00:40 | 000,000,000 | R--D | M] -- C:\Users
[2012/07/07 10:44:39 | 000,000,000 | ---D | M] -- C:\Vac backup
[2012/07/25 22:08:12 | 000,000,000 | ---D | M] -- C:\ViewSonic
[2012/08/02 16:16:49 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %windir%\installer\*. /5 >
[2012/08/06 18:12:29 | 000,000,000 | ---D | M] -- C:\Windows\installer\{8639BB50-5ECD-4DBC-A33A-0A7929DD25F9}

< %localappdata%\*. /5 >
[2012/08/08 00:29:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\ArmA 2 OA
[2012/08/04 18:51:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Conduit
[2012/08/04 18:51:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\CRE
[2012/08/06 18:12:43 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\DayZCommander
[2012/08/05 09:00:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\DCS
[2012/08/08 15:06:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\temp

< MD5 for: SERVICES.EXE >
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: USER32.DLL >
[2009/07/13 20:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\ERDNT\cache\user32.dll
[2009/07/13 20:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 07:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 07:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

< End of report >



15:06:57.0080 5308 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:06:57.0871 5308 ============================================================
15:06:57.0871 5308 Current date / time: 2012/08/08 15:06:57.0871
15:06:57.0871 5308 SystemInfo:
15:06:57.0871 5308
15:06:57.0871 5308 OS Version: 6.1.7601 ServicePack: 1.0
15:06:57.0871 5308 Product type: Workstation
15:06:57.0872 5308 ComputerName: GAMER
15:06:57.0872 5308 UserName: Chris
15:06:57.0872 5308 Windows directory: C:\Windows
15:06:57.0872 5308 System windows directory: C:\Windows
15:06:57.0872 5308 Processor architecture: Intel x86
15:06:57.0872 5308 Number of processors: 2
15:06:57.0872 5308 Page size: 0x1000
15:06:57.0872 5308 Boot type: Normal boot
15:06:57.0872 5308 ============================================================
15:06:58.0509 5308 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
15:06:58.0522 5308 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:06:58.0543 5308 Drive \Device\Harddisk2\DR2 - Size: 0x45DD71DE00 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:06:58.0807 5308 ============================================================
15:06:58.0807 5308 \Device\Harddisk0\DR0:
15:06:58.0807 5308 MBR partitions:
15:06:58.0807 5308 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:06:58.0807 5308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
15:06:58.0807 5308 \Device\Harddisk1\DR1:
15:06:58.0807 5308 MBR partitions:
15:06:58.0807 5308 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
15:06:58.0807 5308 \Device\Harddisk2\DR2:
15:06:58.0807 5308 MBR partitions:
15:06:58.0807 5308 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEA640
15:06:58.0807 5308 ============================================================
15:06:58.0850 5308 C: <-> \Device\Harddisk0\DR0\Partition1
15:06:58.0863 5308 D: <-> \Device\Harddisk1\DR1\Partition0
15:06:58.0879 5308 E: <-> \Device\Harddisk2\DR2\Partition0
15:06:58.0879 5308 ============================================================
15:06:58.0879 5308 Initialize success
15:06:58.0879 5308 ============================================================
15:07:09.0644 5368 ============================================================
15:07:09.0645 5368 Scan started
15:07:09.0645 5368 Mode: Manual;
15:07:09.0645 5368 ============================================================
15:07:31.0136 5368 lmhosts - ok
15:07:31.0155 5368 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:07:31.0156 5368 LSI_FC - ok
15:07:31.0165 5368 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:07:31.0166 5368 LSI_SAS - ok
15:07:31.0190 5368 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:07:31.0190 5368 LSI_SAS2 - ok
15:07:31.0199 5368 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:07:31.0200 5368 LSI_SCSI - ok
15:07:31.0226 5368 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:07:31.0227 5368 luafv - ok
15:07:31.0310 5368 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
15:07:31.0311 5368 Mcx2Svc - ok
15:07:31.0357 5368 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:07:31.0357 5368 megasas - ok
15:07:31.0381 5368 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:07:31.0385 5368 MegaSR - ok
15:07:31.0411 5368 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:07:31.0412 5368 MMCSS - ok
15:07:31.0425 5368 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:07:31.0426 5368 Modem - ok
15:07:31.0458 5368 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:07:31.0459 5368 monitor - ok
15:07:31.0484 5368 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:07:31.0484 5368 mouclass - ok
15:07:31.0503 5368 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:07:31.0504 5368 mouhid - ok
15:07:31.0528 5368 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
15:07:31.0529 5368 mountmgr - ok
15:07:31.0559 5368 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
15:07:31.0560 5368 mpio - ok
15:07:31.0570 5368 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:07:31.0571 5368 mpsdrv - ok
15:07:31.0780 5368 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
15:07:31.0885 5368 MpsSvc - ok
15:07:31.0927 5368 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
15:07:31.0928 5368 MRxDAV - ok
15:07:31.0958 5368 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:31.0959 5368 mrxsmb - ok
15:07:31.0996 5368 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:31.0999 5368 mrxsmb10 - ok
15:07:32.0009 5368 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:32.0009 5368 mrxsmb20 - ok
15:07:32.0037 5368 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
15:07:32.0038 5368 msahci - ok
15:07:32.0059 5368 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:07:32.0060 5368 msdsm - ok
15:07:32.0082 5368 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:07:32.0084 5368 MSDTC - ok
15:07:32.0125 5368 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:07:32.0126 5368 Msfs - ok
15:07:32.0140 5368 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:07:32.0140 5368 mshidkmdf - ok
15:07:32.0167 5368 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:07:32.0168 5368 msisadrv - ok
15:07:32.0206 5368 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:07:32.0208 5368 MSiSCSI - ok
15:07:32.0211 5368 msiserver - ok
15:07:32.0238 5368 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:07:32.0239 5368 MSKSSRV - ok
15:07:32.0248 5368 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:32.0248 5368 MSPCLOCK - ok
15:07:32.0262 5368 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:07:32.0262 5368 MSPQM - ok
15:07:32.0278 5368 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:07:32.0279 5368 MsRPC - ok
15:07:32.0306 5368 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
15:07:32.0307 5368 mssmbios - ok
15:07:32.0319 5368 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:07:32.0320 5368 MSTEE - ok
15:07:32.0327 5368 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:07:32.0327 5368 MTConfig - ok
15:07:32.0365 5368 MTsensor (0f24624106d8042e7f27882d9d6ff5c0) C:\Windows\system32\DRIVERS\ASACPI.sys
15:07:32.0366 5368 MTsensor - ok
15:07:32.0376 5368 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:07:32.0377 5368 Mup - ok
15:07:32.0398 5368 mvvideodemo - ok
15:07:32.0437 5368 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:07:32.0447 5368 napagent - ok
15:07:32.0481 5368 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:07:32.0491 5368 NativeWifiP - ok
15:07:32.0812 5368 NAVENG (f11033730b38260b6892e837c457fb4b) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120803.004\NAVENG.SYS
15:07:32.0813 5368 NAVENG - ok
15:07:33.0513 5368 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120803.004\NAVEX15.SYS
15:07:33.0521 5368 NAVEX15 - ok
15:07:35.0491 5368 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:07:35.0521 5368 NDIS - ok
15:07:35.0555 5368 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:07:35.0556 5368 NdisCap - ok
15:07:35.0574 5368 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:35.0574 5368 NdisTapi - ok
15:07:35.0598 5368 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:35.0598 5368 Ndisuio - ok
15:07:35.0839 5368 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:35.0840 5368 NdisWan - ok
15:07:35.0998 5368 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:07:35.0999 5368 NDProxy - ok
15:07:36.0022 5368 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:07:36.0022 5368 NetBIOS - ok
15:07:36.0049 5368 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:07:36.0050 5368 NetBT - ok
15:07:36.0067 5368 NetFlixDownloadManager - ok
15:07:36.0090 5368 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:36.0092 5368 Netlogon - ok
15:07:36.0133 5368 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:07:36.0145 5368 Netman - ok
15:07:36.0168 5368 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:07:36.0171 5368 netprofm - ok
15:07:36.0706 5368 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:07:36.0707 5368 NetTcpPortSharing - ok
15:07:36.0748 5368 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:07:36.0749 5368 nfrd960 - ok
15:07:36.0798 5368 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:07:36.0801 5368 NlaSvc - ok
15:07:36.0809 5368 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:07:36.0810 5368 Npfs - ok
15:07:36.0845 5368 npusbio (494fdca436c1ab7a983e7778d34678e1) C:\Windows\system32\Drivers\npusbio.sys
15:07:36.0846 5368 npusbio - ok
15:07:36.0867 5368 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:07:36.0869 5368 nsi - ok
15:07:36.0872 5368 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:07:36.0872 5368 nsiproxy - ok
15:07:37.0017 5368 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:07:37.0036 5368 Ntfs - ok
15:07:37.0111 5368 ntk_dtv (8ad12622c7fa674cb9979e3448ab89c6) d:\Applications\DirecTV\DirecTV\DirecTV\Kernel\DMP\ntk_dtv.sys
15:07:37.0111 5368 ntk_dtv - ok
15:07:37.0442 5368 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:07:37.0442 5368 Null - ok
15:07:42.0560 5368 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:07:42.0618 5368 nvlddmkm - ok
15:07:43.0655 5368 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:07:43.0655 5368 nvraid - ok
15:07:43.0685 5368 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:07:43.0686 5368 nvstor - ok
15:07:43.0785 5368 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
15:07:43.0800 5368 nvsvc - ok
15:07:45.0491 5368 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:07:45.0498 5368 nvUpdatusService - ok
15:07:47.0228 5368 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:07:47.0229 5368 nv_agp - ok
15:07:47.0243 5368 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:07:47.0244 5368 ohci1394 - ok
15:07:47.0488 5368 ossrv (ac5bf1a610effaae9cfc48cb53483f08) C:\Windows\system32\drivers\ctoss2k.sys
15:07:47.0489 5368 ossrv - ok
15:07:47.0933 5368 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:07:47.0946 5368 p2pimsvc - ok
15:07:48.0240 5368 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:07:48.0261 5368 p2psvc - ok
15:07:48.0327 5368 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:07:48.0329 5368 Parport - ok
15:07:48.0367 5368 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
15:07:48.0368 5368 partmgr - ok
15:07:48.0403 5368 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:07:48.0403 5368 Parvdm - ok
15:07:48.0617 5368 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:07:48.0620 5368 PcaSvc - ok
15:07:48.0659 5368 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:07:48.0660 5368 pci - ok
15:07:48.0678 5368 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:07:48.0678 5368 pciide - ok
15:07:48.0802 5368 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:07:48.0812 5368 pcmcia - ok
15:07:48.0824 5368 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:07:48.0824 5368 pcw - ok
15:07:48.0853 5368 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:07:48.0882 5368 PEAUTH - ok
15:07:49.0444 5368 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:07:49.0501 5368 pla - ok
15:07:51.0096 5368 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:07:51.0100 5368 PlugPlay - ok
15:07:51.0152 5368 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
15:07:51.0154 5368 PnkBstrA - ok
15:07:51.0205 5368 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:07:51.0207 5368 PNRPAutoReg - ok
15:07:51.0437 5368 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:07:51.0440 5368 PNRPsvc - ok
15:07:51.0482 5368 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:07:51.0500 5368 PolicyAgent - ok
15:07:51.0534 5368 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:07:51.0538 5368 Power - ok
15:07:51.0610 5368 ppped (92b0964779867c6d8e8e0afa2548bea5) D:\applications\GEEK SQUAD POWER MANAGEMENT\ppped.exe
15:07:51.0626 5368 ppped - ok
15:07:51.0735 5368 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:07:51.0736 5368 PptpMiniport - ok
15:07:51.0751 5368 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:07:51.0752 5368 Processor - ok
15:07:51.0790 5368 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
15:07:51.0793 5368 ProfSvc - ok
15:07:51.0819 5368 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:51.0821 5368 ProtectedStorage - ok
15:07:51.0843 5368 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:07:51.0844 5368 Psched - ok
15:07:51.0854 5368 PTHDRBUS - ok
15:07:51.0859 5368 PTHDRMDM - ok
15:07:51.0864 5368 PTHDRVSP - ok
15:07:51.0906 5368 PxHelp20 - ok
15:07:52.0111 5368 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:07:52.0150 5368 ql2300 - ok
15:07:52.0328 5368 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:07:52.0329 5368 ql40xx - ok
15:07:52.0541 5368 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:07:52.0544 5368 QWAVE - ok
15:07:52.0600 5368 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:07:52.0601 5368 QWAVEdrv - ok
15:07:52.0663 5368 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
15:07:52.0664 5368 RapiMgr - ok
15:07:52.0670 5368 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:07:52.0671 5368 RasAcd - ok
15:07:52.0707 5368 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:07:52.0708 5368 RasAgileVpn - ok
15:07:52.0734 5368 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:07:52.0737 5368 RasAuto - ok
15:07:52.0756 5368 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:07:52.0756 5368 Rasl2tp - ok
15:07:52.0793 5368 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:07:52.0804 5368 RasMan - ok
15:07:52.0813 5368 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:07:52.0814 5368 RasPppoe - ok
15:07:52.0826 5368 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:07:52.0827 5368 RasSstp - ok
15:07:52.0859 5368 Razerlow (116c340acf37602d12cac6de6b8107cd) C:\Windows\system32\Drivers\Razerlow.sys
15:07:52.0859 5368 Razerlow - ok
15:07:52.0894 5368 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:07:52.0896 5368 rdbss - ok
15:07:52.0908 5368 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:07:52.0909 5368 rdpbus - ok
15:07:52.0935 5368 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:07:52.0935 5368 RDPCDD - ok
15:07:52.0958 5368 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:07:52.0958 5368 RDPENCDD - ok
15:07:52.0964 5368 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:07:52.0965 5368 RDPREFMP - ok
15:07:52.0994 5368 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
15:07:52.0999 5368 RDPWD - ok
15:07:53.0032 5368 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:07:53.0033 5368 rdyboost - ok
15:07:53.0052 5368 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:07:53.0053 5368 RemoteAccess - ok
15:07:53.0077 5368 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:07:53.0080 5368 RemoteRegistry - ok
15:07:53.0102 5368 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:07:53.0105 5368 RpcEptMapper - ok
15:07:53.0115 5368 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:07:53.0117 5368 RpcLocator - ok
15:07:53.0394 5368 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:07:53.0398 5368 RpcSs - ok
15:07:53.0433 5368 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:07:53.0434 5368 rspndr - ok
15:07:53.0484 5368 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:07:53.0486 5368 SamSs - ok
15:07:53.0730 5368 SavRoam (3d6ab454353a7834a0919e4cdc77b566) D:\applications\Symantec AntiVirus\SavRoam.exe
15:07:53.0731 5368 SavRoam - ok
15:07:53.0758 5368 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:07:53.0759 5368 sbp2port - ok
15:07:53.0778 5368 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:07:53.0781 5368 SCardSvr - ok
15:07:53.0841 5368 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:07:53.0842 5368 scfilter - ok
15:07:54.0541 5368 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:07:54.0567 5368 Schedule - ok
15:07:54.0612 5368 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:07:54.0613 5368 SCPolicySvc - ok
15:07:54.0780 5368 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:07:54.0783 5368 SDRSVC - ok
15:07:54.0813 5368 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:07:54.0814 5368 secdrv - ok
15:07:54.0843 5368 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:07:54.0845 5368 seclogon - ok
15:07:54.0861 5368 SenFiltService - ok
15:07:54.0885 5368 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
15:07:54.0887 5368 SENS - ok
15:07:54.0918 5368 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:07:54.0920 5368 SensrSvc - ok
15:07:54.0929 5368 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:07:54.0929 5368 Serenum - ok
15:07:54.0952 5368 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:07:54.0953 5368 Serial - ok
15:07:54.0998 5368 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:07:54.0998 5368 sermouse - ok
15:07:55.0156 5368 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:07:55.0159 5368 SessionEnv - ok
15:07:55.0190 5368 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:07:55.0191 5368 sffdisk - ok
15:07:55.0210 5368 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:07:55.0210 5368 sffp_mmc - ok
15:07:55.0230 5368 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:07:55.0231 5368 sffp_sd - ok
15:07:55.0273 5368 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:07:55.0274 5368 sfloppy - ok
15:07:55.0491 5368 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:07:55.0494 5368 SharedAccess - ok
15:07:55.0534 5368 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:07:55.0544 5368 ShellHWDetection - ok
15:07:55.0565 5368 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:07:55.0566 5368 sisagp - ok
15:07:55.0595 5368 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:07:55.0596 5368 SiSRaid2 - ok
15:07:55.0609 5368 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:07:55.0610 5368 SiSRaid4 - ok
15:07:55.0636 5368 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:07:55.0636 5368 Smb - ok
15:07:55.0675 5368 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:07:55.0677 5368 SNMPTRAP - ok
15:07:55.0810 5368 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
15:07:55.0812 5368 SPBBCDrv - ok
15:07:55.0859 5368 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:07:55.0860 5368 spldr - ok
15:07:56.0140 5368 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:07:56.0144 5368 Spooler - ok
15:07:57.0499 5368 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:07:57.0517 5368 sppsvc - ok
15:07:57.0680 5368 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:07:57.0682 5368 sppuinotify - ok
15:07:57.0698 5368 sptd - ok
15:07:58.0169 5368 SRTSP (1b2a1c6bc76e1ebe8bc2f4a4f3d43e23) C:\Windows\system32\Drivers\SRTSP.SYS
15:07:58.0170 5368 SRTSP - ok
15:07:58.0402 5368 SRTSPL (f01a7f6e60e95fe83345cf92728a32d4) C:\Windows\system32\Drivers\SRTSPL.SYS
15:07:58.0404 5368 SRTSPL - ok
15:07:58.0427 5368 SRTSPX (d02812f89e18c6fb32f901be1e10bc17) C:\Windows\system32\Drivers\SRTSPX.SYS
15:07:58.0428 5368 SRTSPX - ok
15:07:58.0599 5368 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
15:07:58.0601 5368 srv - ok
15:07:58.0774 5368 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
15:07:58.0786 5368 srv2 - ok
15:07:58.0818 5368 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
15:07:58.0819 5368 srvnet - ok
15:07:58.0908 5368 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:07:58.0912 5368 SSDPSRV - ok
15:07:58.0934 5368 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:07:58.0937 5368 SstpSvc - ok
15:07:58.0993 5368 Steam Client Service - ok
15:07:59.0162 5368 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:07:59.0168 5368 Stereo Service - ok
15:07:59.0190 5368 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:07:59.0190 5368 stexstor - ok
15:07:59.0238 5368 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
15:07:59.0247 5368 StiSvc - ok
15:07:59.0268 5368 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
15:07:59.0269 5368 swenum - ok
15:07:59.0296 5368 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:07:59.0307 5368 swprv - ok
15:08:04.0736 5368 Symantec AntiVirus (a548acf535d81a96e1b38f76a2de658f) D:\applications\Symantec AntiVirus\Rtvscan.exe
15:08:04.0746 5368 Symantec AntiVirus - ok
15:08:04.0788 5368 SymEvent (9d98270b5f10a4c84e8da417c30756e1) C:\Windows\system32\Drivers\SYMEVENT.SYS
15:08:04.0789 5368 SymEvent - ok
15:08:04.0809 5368 SYMREDRV (7f4011a719bf30e3dbd84d3a0a45c91c) C:\Windows\System32\Drivers\SYMREDRV.SYS
15:08:04.0809 5368 SYMREDRV - ok
15:08:04.0823 5368 SYMTDI (2f03cbdb0f22278d05d5d616c993ab58) C:\Windows\System32\Drivers\SYMTDI.SYS
15:08:04.0824 5368 SYMTDI - ok
15:08:04.0885 5368 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
15:08:04.0908 5368 SysMain - ok
15:08:04.0934 5368 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
15:08:04.0936 5368 TabletInputService - ok
15:08:04.0970 5368 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
15:08:04.0982 5368 TapiSrv - ok
15:08:05.0007 5368 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:08:05.0010 5368 TBS - ok
15:08:05.0105 5368 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
15:08:05.0132 5368 Tcpip - ok
15:08:05.0255 5368 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
15:08:05.0261 5368 TCPIP6 - ok
15:08:05.0339 5368 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
15:08:05.0340 5368 tcpipreg - ok
15:08:05.0359 5368 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
15:08:05.0360 5368 TDPIPE - ok
15:08:05.0376 5368 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
15:08:05.0376 5368 TDTCP - ok
15:08:05.0398 5368 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
15:08:05.0403 5368 tdx - ok
15:08:05.0434 5368 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
15:08:05.0434 5368 TermDD - ok
15:08:05.0478 5368 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
15:08:05.0507 5368 TermService - ok
15:08:05.0521 5368 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:08:05.0523 5368 Themes - ok
15:08:05.0538 5368 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:08:05.0540 5368 THREADORDER - ok
15:08:05.0561 5368 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:08:05.0563 5368 TrkWks - ok
15:08:05.0610 5368 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
15:08:05.0611 5368 TrustedInstaller - ok
15:08:05.0627 5368 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:08:05.0628 5368 tssecsrv - ok
15:08:05.0663 5368 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
15:08:05.0663 5368 TsUsbFlt - ok
15:08:05.0703 5368 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
15:08:05.0704 5368 tunnel - ok
15:08:05.0727 5368 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:08:05.0728 5368 uagp35 - ok
15:08:05.0755 5368 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
15:08:05.0767 5368 udfs - ok
15:08:05.0796 5368 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:08:05.0800 5368 UI0Detect - ok
15:08:05.0834 5368 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
15:08:05.0834 5368 uliagpkx - ok
15:08:05.0853 5368 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
15:08:05.0854 5368 umbus - ok
15:08:05.0860 5368 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:08:05.0860 5368 UmPass - ok
15:08:05.0882 5368 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:08:05.0892 5368 upnphost - ok
15:08:05.0918 5368 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
15:08:05.0919 5368 usbaudio - ok
15:08:05.0941 5368 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
15:08:05.0942 5368 usbccgp - ok
15:08:05.0952 5368 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
15:08:05.0953 5368 usbcir - ok
15:08:05.0977 5368 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
15:08:05.0977 5368 usbehci - ok
15:08:06.0009 5368 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
15:08:06.0020 5368 usbhub - ok
15:08:06.0033 5368 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
15:08:06.0034 5368 usbohci - ok
15:08:06.0051 5368 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:08:06.0051 5368 usbprint - ok
15:08:06.0073 5368 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:08:06.0074 5368 USBSTOR - ok
15:08:06.0088 5368 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:08:06.0089 5368 usbuhci - ok
15:08:06.0112 5368 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:08:06.0115 5368 UxSms - ok
15:08:06.0138 5368 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:08:06.0140 5368 VaultSvc - ok
15:08:06.0182 5368 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:08:06.0182 5368 vdrvroot - ok
15:08:06.0215 5368 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:08:06.0232 5368 vds - ok
15:08:09.0221 5368 ============================================================
15:08:09.0222 5368 Scan finished
15:08:09.0222 5368 ============================================================
15:08:09.0232 5356 Detected object count: 0
15:08:09.0232 5356 Actual detected object count: 0
15:25:53.0367 6128 Deinitialize success

#6 Larusso

Posted 12 August 2012 - 01:54 AM

No Problem :)

Anyway, log appears clean here.



Download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Save it to your desktop.

Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.

regards,
Daniel

Bread for the world instead Bombs and Bangers



#7 Larusso

Posted 19 August 2012 - 05:24 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

regards,
Daniel
