Posts posted by twistid
I've just uninstalled uTorrent, by the way.
-
OTL Extras logfile created on: 6/17/2012 5:28:44 PM - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\napdizzle\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 30.76% Memory free
8.00 Gb Paging File | 5.12 Gb Available in Paging File | 63.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 109.41 Gb Free Space | 15.66% Space Free | Partition Type: NTFS
Drive D: | 83.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 465.65 Gb Total Space | 3.47 Gb Free Space | 0.75% Space Free | Partition Type: FAT32
Computer Name: NAPDIZZLE-PC | User Name: napdizzle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Users\napdizzle\AppData\Local\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Users\napdizzle\AppData\Local\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0C818871-6337-17AC-CA8C-A3942F15D92A}" = AMD Accelerated Video Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{353D1262-B2D2-AD87-EB5E-6B1395AF9FAE}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{54FFD5AC-7350-52B9-FB8F-1A8A6CF1FB5B}" = AMD Media Foundation Decoders
"{551F4187-F029-4240-DEF9-836B5E43CB29}" = AMD Fuel
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}" = HP Deskjet 1000 J110 series Basic Device Software
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{D6DDB606-CD15-98C7-AA65-6B617EE8CDA5}" = ccc-utility64
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR archiver
"Zune" = Zune
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{030C0401-52A9-BE86-D8A7-52C0DA203275}" = CCC Help Swedish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2602B4DC-7F39-4116-941F-7BFCC60D703F}" = PDG Gold for NCOs - 2009
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4
"{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39445575-7D3A-52AA-152B-7F9423D1AE69}" = CCC Help German
"{3C9A3282-9DAE-F492-13F4-6D4D664AC15F}" = CCC Help Spanish
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5236FA8C-4B70-E30E-93EF-F7D3A5E468C7}" = CCC Help Greek
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{586F0E27-0BC5-34DE-AA0B-96D14397910E}" = CCC Help Russian
"{5AF7EA0B-F009-CC00-E446-C2286AF80471}" = CCC Help Czech
"{5FC116F2-4508-A6FC-15FB-C64F05AB0F26}" = CCC Help Chinese Traditional
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{685ACA56-004C-4F80-2BC0-951BF278C03F}" = CCC Help Chinese Standard
"{6D1AFFC2-AC60-BC3B-2DC9-0D80A1E9CB16}" = CCC Help Thai
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{79CFDE3C-4602-85B2-ACF6-83D897B8B33A}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8972B1C8-B899-0AA0-8596-BFC9AE3311F1}" = CCC Help Finnish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{92BE4E1B-AEFD-DA72-B805-948290A4BB13}" = CCC Help Hungarian
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9526B61A-1C35-96D1-531B-C8DB1D36C336}" = CCC Help Danish
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A295F81-04C8-FB18-2D1C-A33AA8A442CA}" = CCC Help French
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A64479BE-7DB6-4B07-87B9-70AD85B7EAD2}" = Medal of Honor™ MP Beta
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3C8C8EF-77E0-1C0D-1CFA-A39E2E898311}" = CCC Help Italian
"{B5AD9952-F716-9862-7ED7-734E0328CF7C}" = AMD VISION Engine Control Center
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish
"{C37B1C57-DD9B-D1E0-B933-8EA8D56E2222}" = CCC Help Norwegian
"{CA3A3F20-566B-ABB1-A541-3D93C0D09EE5}" = CCC Help Japanese
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}" = Catalyst Control Center Localization All
"{D6C95F4B-86BF-4D75-B1A1-72C650CAC79B}" = Ez_Flash
"{DAF650C8-AFE5-3460-E1C4-B9716D2DA5D2}" = Catalyst Control Center InstallProxy
"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Help
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0C6F271-FE15-B2D5-FF42-BCA40700DC51}" = CCC Help English
"{E1D0A4DC-97BD-CE37-3E89-87D3337E55CA}" = CCC Help Dutch
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}" = Catalyst Control Center Graphics Previews Common
"{ED15763E-A6ED-56D2-B0B5-C7D22D4CE248}" = CCC Help Portuguese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ArcaniA" = ArcaniA - Gothic 4
"AudioCS" = Creative Audio Control Panel
"Battlelog Web Plugins" = Battlelog Web Plugins
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Cities XL 2011" = Cities XL 2011
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DDA23392-9C73-4909-A221-BC12C6D2664D" = GmoteServer
"DFX for Windows Media Player" = DFX for Windows Media Player
"Download Manager" = Download Manager 2.3.10
"DriverCleanerDotNET" = Driver Cleaner.NET
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.0" = ESN Sonar
"Fallout New Vegas_is1" = Fallout New Vegas
"HotspotShield" = Hotspot Shield 2.53
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Origin" = Origin
"PFPortChecker" = PFPortChecker 1.0.32
"Postal 2_is1" = Portal 2
"PunkBusterSvc" = PunkBuster Services
"Steam App 240" = Counter-Strike: Source
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 400" = Portal
"Steam App 41300" = Altitude
"Steam App 440" = Team Fortress 2
"Steam App 630" = Alien Swarm
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.2
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"Wireshark" = Wireshark 1.2.6
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"FoxTab FLV Player" = FoxTab FLV Player
"Google Chrome" = Google Chrome
"SOE-DC Universe Online Beta" = DC Universe Online Beta
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/17/2012 4:34:20 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 4:39:31 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 4:54:22 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:04:25 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:06:33 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:07:21 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:08:00 PM | Computer Name = napdizzle-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\napdizzle\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Error - 6/17/2012 5:15:28 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:19:26 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:20:03 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 6/17/2012 5:22:17 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
[ System Events ]
Error - 6/16/2012 2:35:19 AM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000
Description = The NTPort Library Driver service failed to start due to the following
error: %%1275
Error - 6/17/2012 4:40:10 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7034
Description = The TVersityMediaServer service terminated unexpectedly. It has done
this 1 time(s).
Error - 6/17/2012 4:43:33 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2
Error - 6/17/2012 4:43:33 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.
Error - 6/17/2012 4:43:33 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.
Error - 6/17/2012 4:43:34 PM | Computer Name = napdizzle-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\System32\drivers\zntport.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 6/17/2012 4:43:34 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000
Description = The NTPort Library Driver service failed to start due to the following
error: %%1275
Error - 6/17/2012 4:43:36 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2
Error - 6/17/2012 4:43:36 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060
Error - 6/17/2012 4:48:23 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7034
Description = The TVersityMediaServer service terminated unexpectedly. It has done
this 1 time(s).
< End of report >
-
OTL logfile created on: 6/17/2012 5:28:44 PM - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\napdizzle\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 30.76% Memory free
8.00 Gb Paging File | 5.12 Gb Available in Paging File | 63.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 109.41 Gb Free Space | 15.66% Space Free | Partition Type: NTFS
Drive D: | 83.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 465.65 Gb Total Space | 3.47 Gb Free Space | 0.75% Space Free | Partition Type: FAT32
Computer Name: NAPDIZZLE-PC | User Name: napdizzle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/17 17:27:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\napdizzle\Desktop\OTL.exe
PRC - [2012/04/10 18:59:14 | 000,542,552 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/02 13:46:58 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011/11/15 13:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011/09/29 21:59:22 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/07/28 03:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010/07/28 03:33:58 | 006,995,864 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/07/28 03:33:58 | 001,485,208 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010/04/01 04:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/02/17 05:30:48 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/07/13 20:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PING.EXE
PRC - [2009/02/22 21:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2010/07/28 03:34:04 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2010/07/28 03:02:58 | 000,658,432 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/06/23 04:12:28 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/06/23 04:11:52 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/06/23 04:11:48 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/06/23 04:11:48 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/06/23 03:38:18 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/02/17 05:30:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2009/07/13 20:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/02/14 22:16:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/02/14 22:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/11/11 00:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/09/23 23:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/23 23:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/23 23:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/05/20 01:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/17 12:48:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/10 19:06:10 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2012/04/10 18:59:14 | 000,542,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/02 13:46:58 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011/11/15 13:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/09/29 21:59:22 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/07/01 16:55:08 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/26 01:45:56 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\32788R22FWJFW\pev.3XE -- (PEVSystemStart)
SRV - [2011/01/31 18:55:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/07/28 03:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/07/25 01:26:02 | 000,884,736 | ---- | M] () [Auto | Stopped] -- C:\Users\napdizzle\AppData\Local\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2009/10/20 13:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/22 21:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/02/14 22:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/02/14 21:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/01/03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/01/03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/12/05 14:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/10/24 07:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/05/20 01:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/04/03 10:40:33 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/03/30 09:35:04 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133)
DRV:64bit: - [2010/02/17 19:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/28 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/01/08 18:42:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2009/10/20 13:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009/06/04 05:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009/06/04 05:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009/06/04 05:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009/06/04 05:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009/06/04 05:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009/06/04 05:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009/06/04 05:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009/06/04 05:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009/06/04 05:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009/06/04 05:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009/06/04 05:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009/06/04 05:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2008/01/19 09:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV:64bit: - [2007/12/22 18:41:38 | 000,012,344 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\zntport.sys -- (zntport)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/12/22 18:41:38 | 000,012,344 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ZNTPORT.SYS -- (zntport)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F 47 6D 55 6D C7 CC 01 [binary data]
IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://findgala.com/?&uid=3127&q={searchTerms}
IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/|www.gmail.com"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\napdizzle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 12:48:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/11 19:34:34 | 000,000,000 | ---D | M]
[2010/03/08 19:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Extensions
[2012/05/22 18:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\extensions
[2012/05/22 18:48:42 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/05/21 23:49:20 | 000,001,210 | ---- | M] () -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\searchplugins\search.xml
[2012/01/01 02:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/30 00:32:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/26 15:10:10 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2012/06/17 12:48:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/17 12:48:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/17 12:48:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: IGN Download Manager Plug-in (Enabled) = C:\Program Files (x86)\Download Manager\npfpdlm.dll
CHR - plugin: Google Update (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\napdizzle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [instaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{249BD807-FFCF-443B-90E5-952C3A29DE0F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67986829-03FE-4B19-B19C-30F44ABEFE5B}: DhcpNameServer = 10.36.16.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/11 11:09:30 | 000,000,037 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007/10/13 04:00:32 | 000,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2007/05/18 10:37:12 | 000,000,069 | RH-- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{3a8a2dca-2b06-11df-8dd8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3a8a2dca-2b06-11df-8dd8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\PhotoApp.exe -- [2010/03/11 11:09:30 | 004,965,304 | R--- | M] ()
O33 - MountPoints2\{3a8a2deb-2b06-11df-8dd8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{3a8a2deb-2b06-11df-8dd8-806e6f6e6963}\Shell\phone\command - "" = F:\autorun.exe
O33 - MountPoints2\{7cc6650c-3f37-11df-bee5-000129a79902}\Shell - "" = AutoRun
O33 - MountPoints2\{7cc6650c-3f37-11df-bee5-000129a79902}\Shell\AutoRun\command - "" = G:\INSTALL.EXE
O33 - MountPoints2\{de43be15-2ca4-11e1-806b-000129a79902}\Shell - "" = AutoRun
O33 - MountPoints2\{de43be15-2ca4-11e1-806b-000129a79902}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{f9d0803b-336b-11e1-9006-000129a79902}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d0803b-336b-11e1-9006-000129a79902}\Shell\AutoRun\command - "" = K:\setup.exe -a
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/17 17:27:51 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\napdizzle\Desktop\OTL.exe
[2012/06/17 16:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/06/17 15:44:36 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{CE85CE9E-B705-41A9-A4EE-3BA45ADB3D9A}
[2012/06/16 01:37:17 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{00121ED0-6BA3-4EB4-8901-ED00E2FE8D61}
[2012/06/12 21:10:10 | 000,000,000 | ---D | C] -- C:\update
[2012/06/12 21:10:10 | 000,000,000 | ---D | C] -- C:\hsswd
[2012/06/12 21:10:10 | 000,000,000 | ---D | C] -- C:\hssff
[2012/06/12 21:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2012/06/11 21:03:59 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\Skyrim
[2012/06/11 20:26:51 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{417C1B19-9E0F-4373-85A1-530EF725C547}
[2012/06/11 20:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2012/06/11 20:06:19 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/06/11 20:06:19 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/06/11 20:06:19 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/06/11 20:06:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/06/11 20:06:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/06/11 20:06:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/06/11 20:06:18 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/06/11 20:06:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/06/11 20:01:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim
[2012/06/11 19:43:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/06/11 19:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/06/11 19:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/11 19:34:34 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/06/11 08:26:26 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{06E32F9D-600F-46A4-A06C-13207BEB2174}
[2012/06/11 08:26:15 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{64AF2943-7B43-4284-A562-3D3E352A2DF3}
[2012/06/10 20:34:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/10 20:34:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/10 20:34:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/10 20:34:26 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/10 20:34:25 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/06/10 20:34:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/10 20:34:03 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/06/10 20:25:49 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{89CF3D2F-66E1-4867-8E2D-CD5698DD685C}
[2012/06/10 20:25:34 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{F355C043-FEBE-439F-91E5-C4B0D130E74F}
[2012/06/10 20:24:37 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/10 20:15:52 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{220F9A20-E422-49BA-885B-DF5509174EE4}
[2012/06/10 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{9BFAD569-CCF0-4D7A-8BCB-E0C4F119BDDE}
[2012/06/10 19:32:35 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/10 18:36:31 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/06/10 16:33:14 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\Desktop\skyrim
[2012/05/30 15:53:02 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{ACECDD50-E09F-46BB-A07B-2D9A43BD8579}
[2012/05/30 15:52:34 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{E0918699-3109-45AA-B4B9-8FD1DE156650}
[2012/05/29 09:22:17 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\Desktop\investment
[2012/05/23 09:13:39 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{EAC9A3A3-B853-48B6-B69D-D48B58F97D9E}
[2012/05/23 09:13:25 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{7F0A22DD-F753-4759-88F2-68F5E1F805A1}
[2012/05/21 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{4C1A56FE-673C-4191-89C1-00F7A71804CD}
[2012/05/21 23:33:52 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{FEA777D8-6B8F-4C32-B2AB-15AA29387CC6}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/17 17:27:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\napdizzle\Desktop\OTL.exe
[2012/06/17 16:42:08 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4061514787-1851555340-1822992461-1000UA.job
[2012/06/17 16:09:42 | 000,000,512 | ---- | M] () -- C:\Users\napdizzle\Desktop\MBR.dat
[2012/06/17 15:48:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/17 15:48:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/17 15:48:00 | 000,717,324 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/17 15:48:00 | 000,617,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/17 15:48:00 | 000,104,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/17 15:43:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/17 15:43:09 | 3220,824,064 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/17 15:40:19 | 000,061,160 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/06/17 15:40:19 | 000,061,160 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/06/17 15:40:19 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/06/16 23:42:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4061514787-1851555340-1822992461-1000Core.job
[2012/06/16 01:32:31 | 002,329,218 | ---- | M] () -- C:\Users\napdizzle\Desktop\boat.xps
[2012/06/11 19:34:25 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/06/11 19:34:25 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/06/10 19:32:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/10 19:32:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/05 22:32:36 | 193,474,269 | ---- | M] () -- C:\Users\napdizzle\Desktop\01-nicolas_jaar_-_essential_mix-sat-05-19-2012-talion.mp3
[2012/06/05 22:32:14 | 000,011,760 | -HS- | M] () -- C:\Users\napdizzle\Desktop\Folder.jpg
[2012/06/05 22:32:14 | 000,011,760 | -HS- | M] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Large.jpg
[2012/06/05 22:32:14 | 000,002,401 | -HS- | M] () -- C:\Users\napdizzle\Desktop\AlbumArtSmall.jpg
[2012/06/05 22:32:14 | 000,002,401 | -HS- | M] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Small.jpg
[2012/05/28 09:52:03 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/05/22 23:43:50 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/21 23:49:20 | 000,001,731 | ---- | M] () -- C:\Users\napdizzle\Desktop\Computer.lnk
[2012/05/21 23:49:20 | 000,000,288 | ---- | M] () -- C:\Users\napdizzle\AppData\Roaming\9F513D51.reg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/17 16:56:43 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000008.@
[2012/06/17 16:56:41 | 000,093,696 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@
[2012/06/17 16:56:40 | 000,076,800 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@
[2012/06/17 16:56:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@
[2012/06/17 16:09:42 | 000,000,512 | ---- | C] () -- C:\Users\napdizzle\Desktop\MBR.dat
[2012/06/17 16:09:27 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000004.@
[2012/06/17 16:09:27 | 000,001,584 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\000000cb.@
[2012/06/17 16:09:27 | 000,000,773 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\L\00000004.@
[2012/06/16 01:32:30 | 002,329,218 | ---- | C] () -- C:\Users\napdizzle\Desktop\boat.xps
[2012/06/10 20:35:16 | 000,001,584 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\000000cb.@
[2012/06/10 20:35:16 | 000,001,536 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000004.@
[2012/06/10 20:35:16 | 000,000,740 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\L\00000004.@
[2012/06/10 20:34:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/10 20:34:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/10 20:34:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/10 20:34:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/10 20:34:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/05 22:32:14 | 000,011,760 | -HS- | C] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Large.jpg
[2012/06/05 22:32:14 | 000,002,401 | -HS- | C] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Small.jpg
[2012/05/22 21:33:01 | 000,090,439 | ---- | C] () -- C:\Users\napdizzle\Desktop\2012-05-22_20-31-52_370.jpg
[2012/05/22 19:00:02 | 193,474,269 | ---- | C] () -- C:\Users\napdizzle\Desktop\01-nicolas_jaar_-_essential_mix-sat-05-19-2012-talion.mp3
[2012/05/21 23:49:20 | 000,001,731 | ---- | C] () -- C:\Users\napdizzle\Desktop\Computer.lnk
[2012/05/21 23:49:20 | 000,000,288 | ---- | C] () -- C:\Users\napdizzle\AppData\Roaming\9F513D51.reg
[2012/02/14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012/02/14 21:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 21:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/12/30 22:17:33 | 000,011,946 | -HS- | C] () -- C:\Users\napdizzle\AppData\Local\121ttv68j532vb67d2pmg2e107012j02r3742
[2011/12/30 22:17:33 | 000,011,946 | -HS- | C] () -- C:\ProgramData\121ttv68j532vb67d2pmg2e107012j02r3742
[2011/09/25 05:00:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/23 04:37:37 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/01 00:55:35 | 000,000,110 | ---- | C] () -- C:\ProgramData\{2602B4DC-7F39-4116-941F-7BFCC60D703F}_WiseFW.ini
[2010/07/08 09:43:57 | 000,007,680 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/13 18:22:13 | 000,002,048 | -HS- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\@
< End of report >
-
I happened to run ESET I found in another thread...
C:\Program Files (x86)\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\n.vir Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000008.@.vir Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@.vir Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@.vir probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@.vir Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIU8YK9B\8[1].exe Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\Mozilla\Firefox\Profiles\8dpkf5f0.default\Cache\5\31\CEE37d01 HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\napdizzle\AppData\Local\Mozilla\Firefox\Profiles\8dpkf5f0.default\Cache\8\68\F56D7d01 HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\napdizzle\AppData\Local\Temp\B55A.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BK trojan cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\Temp\NOD7338.tmp Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\napdizzle\AppData\Local\Temp\is1438683437\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@ probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined
C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Users\napdizzle\Downloads\driverperformer_849.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\napdizzle\Downloads\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application cleaned by deleting - quarantined
C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@ probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined
C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan
I'll start on OTL
-
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-17 16:08:57
-----------------------------
16:08:57.585 OS Version: Windows x64 6.1.7600
16:08:57.585 Number of processors: 4 586 0x403
16:08:57.586 ComputerName: NAPDIZZLE-PC UserName: napdizzle
16:09:02.107 Initialize success
16:09:14.077 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:09:14.079 Disk 0 Vendor: WDC_WD7501AALS-00E8B0 05.00K05 Size: 715404MB BusType: 3
16:09:14.086 Disk 0 MBR read successfully
16:09:14.088 Disk 0 MBR scan
16:09:14.089 Disk 0 Windows 7 default MBR code
16:09:14.096 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:09:14.102 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848
16:09:14.105 Disk 0 scanning C:\Windows\system32\drivers
16:09:17.935 Service scanning
16:09:25.568 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
16:09:29.249 Modules scanning
16:09:29.253 Disk 0 trace - called modules:
16:09:29.261 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80047042c0]<<spry.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:09:29.264 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b00060]
16:09:29.590 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800484d520]
16:09:29.593 5 ACPI.sys[fffff88000c0b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800484f060]
16:09:29.596 \Driver\atapi[0xfffffa8004836360] -> IRP_MJ_CREATE -> 0xfffffa80047042c0
16:09:29.599 Scan finished successfully
16:09:42.055 Disk 0 MBR has been saved successfully to "C:\Users\napdizzle\Desktop\MBR.dat"
16:09:42.058 The log file has been saved successfully to "C:\Users\napdizzle\Desktop\aswMBR.txt"
-
15:35:01.0502 5044 b06bdrv - ok
15:35:01.0519 5044 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:35:01.0528 5044 b57nd60a - ok
15:35:01.0556 5044 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:35:01.0563 5044 BDESVC - ok
15:35:01.0568 5044 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:35:01.0589 5044 Beep - ok
15:35:01.0654 5044 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
15:35:01.0695 5044 BITS - ok
15:35:01.0702 5044 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:35:01.0708 5044 blbdrive - ok
15:35:01.0718 5044 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
15:35:01.0740 5044 bowser - ok
15:35:01.0751 5044 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:35:01.0759 5044 BrFiltLo - ok
15:35:01.0771 5044 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:35:01.0778 5044 BrFiltUp - ok
15:35:01.0794 5044 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:35:01.0816 5044 BridgeMP - ok
15:35:01.0835 5044 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
15:35:01.0857 5044 Browser - ok
15:35:01.0875 5044 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:35:01.0885 5044 Brserid - ok
15:35:01.0895 5044 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:35:01.0904 5044 BrSerWdm - ok
15:35:01.0906 5044 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:35:01.0914 5044 BrUsbMdm - ok
15:35:01.0916 5044 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:35:01.0922 5044 BrUsbSer - ok
15:35:01.0934 5044 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:35:01.0942 5044 BTHMODEM - ok
15:35:01.0949 5044 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:35:01.0971 5044 bthserv - ok
15:35:01.0980 5044 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:35:02.0002 5044 cdfs - ok
15:35:02.0015 5044 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:35:02.0023 5044 cdrom - ok
15:35:02.0032 5044 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:35:02.0054 5044 CertPropSvc - ok
15:35:02.0057 5044 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:35:02.0065 5044 circlass - ok
15:35:02.0090 5044 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:35:02.0099 5044 CLFS - ok
15:35:02.0146 5044 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:35:02.0150 5044 clr_optimization_v2.0.50727_32 - ok
15:35:02.0214 5044 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:35:02.0218 5044 clr_optimization_v2.0.50727_64 - ok
15:35:02.0221 5044 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:35:02.0227 5044 CmBatt - ok
15:35:02.0229 5044 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
15:35:02.0234 5044 cmdide - ok
15:35:02.0265 5044 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
15:35:02.0286 5044 CNG - ok
15:35:02.0298 5044 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:35:02.0303 5044 Compbatt - ok
15:35:02.0310 5044 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:35:02.0318 5044 CompositeBus - ok
15:35:02.0320 5044 COMSysApp - ok
15:35:02.0355 5044 cpuz133 (641243746597fbd650e5000d95811ea3) C:\Windows\system32\drivers\cpuz133_x64.sys
15:35:02.0359 5044 cpuz133 - ok
15:35:02.0370 5044 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:35:02.0374 5044 crcdisk - ok
15:35:02.0427 5044 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
15:35:02.0430 5044 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:35:02.0430 5044 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:35:02.0447 5044 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
15:35:02.0470 5044 CryptSvc - ok
15:35:02.0496 5044 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
15:35:02.0523 5044 CSC - ok
15:35:02.0561 5044 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
15:35:02.0581 5044 CscService - ok
15:35:02.0610 5044 CT20XUT (b3b541b3b25adb02d793c51953b22491) C:\Windows\system32\drivers\CT20XUT.SYS
15:35:02.0616 5044 CT20XUT - ok
15:35:02.0619 5044 CT20XUT.SYS (b3b541b3b25adb02d793c51953b22491) C:\Windows\System32\drivers\CT20XUT.SYS
15:35:02.0624 5044 CT20XUT.SYS - ok
15:35:02.0653 5044 ctac32k (f2e098f140b769ae62803e89230f11a9) C:\Windows\system32\drivers\ctac32k.sys
15:35:02.0665 5044 ctac32k - ok
15:35:02.0710 5044 ctaud2k (5c315e9dabf63d9d12973585a6113066) C:\Windows\system32\drivers\ctaud2k.sys
15:35:02.0729 5044 ctaud2k - ok
15:35:02.0784 5044 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
15:35:02.0789 5044 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
15:35:02.0789 5044 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
15:35:02.0866 5044 CTEXFIFX (59d681564c6d5cd72890082925501be9) C:\Windows\system32\drivers\CTEXFIFX.SYS
15:35:02.0895 5044 CTEXFIFX - ok
15:35:03.0058 5044 CTEXFIFX.SYS (59d681564c6d5cd72890082925501be9) C:\Windows\System32\drivers\CTEXFIFX.SYS
15:35:03.0075 5044 CTEXFIFX.SYS - ok
15:35:03.0120 5044 CTHWIUT (d0ebcff35fe9a4f9d3ca2fd6a38bee56) C:\Windows\system32\drivers\CTHWIUT.SYS
15:35:03.0125 5044 CTHWIUT - ok
15:35:03.0127 5044 CTHWIUT.SYS (d0ebcff35fe9a4f9d3ca2fd6a38bee56) C:\Windows\System32\drivers\CTHWIUT.SYS
15:35:03.0131 5044 CTHWIUT.SYS - ok
15:35:03.0136 5044 ctprxy2k (ef305cab6295b8a250a77a7fd5f9f113) C:\Windows\system32\drivers\ctprxy2k.sys
15:35:03.0140 5044 ctprxy2k - ok
15:35:03.0154 5044 ctsfm2k (01323c189318b92bb7781b911de9d62b) C:\Windows\system32\drivers\ctsfm2k.sys
15:35:03.0161 5044 ctsfm2k - ok
15:35:03.0193 5044 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:35:03.0218 5044 DcomLaunch - ok
15:35:03.0238 5044 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:35:03.0263 5044 defragsvc - ok
15:35:03.0301 5044 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
15:35:03.0324 5044 DfsC - ok
15:35:03.0344 5044 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
15:35:03.0357 5044 Dhcp - ok
15:35:03.0364 5044 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:35:03.0386 5044 discache - ok
15:35:03.0395 5044 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:35:03.0400 5044 Disk - ok
15:35:03.0419 5044 Dnscache (676108c4e3aa6f6b34633748bd0bebd9) C:\Windows\System32\dnsrslvr.dll
15:35:03.0442 5044 Dnscache - ok
15:35:03.0462 5044 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
15:35:03.0486 5044 dot3svc - ok
15:35:03.0501 5044 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
15:35:03.0524 5044 DPS - ok
15:35:03.0544 5044 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:35:03.0551 5044 drmkaud - ok
15:35:03.0653 5044 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
15:35:03.0678 5044 DXGKrnl - ok
15:35:03.0691 5044 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:35:03.0714 5044 EapHost - ok
15:35:03.0851 5044 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:35:03.0902 5044 ebdrv - ok
15:35:03.0999 5044 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
15:35:04.0006 5044 EFS - ok
15:35:04.0078 5044 ehRecvr (3d69fae60ede442e004611a4ee4db44c) C:\Windows\ehome\ehRecvr.exe
15:35:04.0105 5044 ehRecvr - ok
15:35:04.0137 5044 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:35:04.0144 5044 ehSched - ok
15:35:04.0186 5044 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:35:04.0198 5044 elxstor - ok
15:35:04.0225 5044 emupia (1b68c7ddd39811df63fc04af937be91a) C:\Windows\system32\drivers\emupia2k.sys
15:35:04.0230 5044 emupia - ok
15:35:04.0241 5044 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
15:35:04.0247 5044 ErrDev - ok
15:35:04.0279 5044 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:35:04.0305 5044 EventSystem - ok
15:35:04.0318 5044 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:35:04.0341 5044 exfat - ok
15:35:04.0354 5044 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:35:04.0377 5044 fastfat - ok
15:35:04.0413 5044 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
15:35:04.0437 5044 Fax - ok
15:35:04.0440 5044 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:35:04.0446 5044 fdc - ok
15:35:04.0457 5044 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:35:04.0479 5044 fdPHost - ok
15:35:04.0490 5044 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:35:04.0511 5044 FDResPub - ok
15:35:04.0519 5044 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:35:04.0525 5044 FileInfo - ok
15:35:04.0528 5044 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:35:04.0549 5044 Filetrace - ok
15:35:04.0555 5044 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:35:04.0562 5044 flpydisk - ok
15:35:04.0582 5044 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:35:04.0590 5044 FltMgr - ok
15:35:04.0638 5044 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll
15:35:04.0680 5044 FontCache - ok
15:35:04.0803 5044 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:35:04.0807 5044 FontCache3.0.0.0 - ok
15:35:04.0926 5044 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:35:04.0932 5044 FsDepends - ok
15:35:04.0934 5044 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:35:04.0939 5044 Fs_Rec - ok
15:35:04.0967 5044 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:35:04.0975 5044 fvevol - ok
15:35:05.0003 5044 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:35:05.0008 5044 gagp30kx - ok
15:35:05.0043 5044 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
15:35:05.0064 5044 gpsvc - ok
15:35:05.0145 5044 ha20x2k (c1c61e83f44b105a4a131cb0c583174c) C:\Windows\system32\drivers\ha20x2k.sys
15:35:05.0173 5044 ha20x2k - ok
15:35:05.0265 5044 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:35:05.0272 5044 hcw85cir - ok
15:35:05.0308 5044 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:35:05.0318 5044 HdAudAddService - ok
15:35:05.0329 5044 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:35:05.0337 5044 HDAudBus - ok
15:35:05.0350 5044 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:35:05.0356 5044 HidBatt - ok
15:35:05.0371 5044 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:35:05.0380 5044 HidBth - ok
15:35:05.0388 5044 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:35:05.0396 5044 HidIr - ok
15:35:05.0409 5044 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:35:05.0431 5044 hidserv - ok
15:35:05.0442 5044 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:35:05.0448 5044 HidUsb - ok
15:35:05.0462 5044 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
15:35:05.0484 5044 hkmsvc - ok
15:35:05.0498 5044 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
15:35:05.0507 5044 HomeGroupListener - ok
15:35:05.0522 5044 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
15:35:05.0531 5044 HomeGroupProvider - ok
15:35:05.0540 5044 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:35:05.0546 5044 HpSAMD - ok
15:35:05.0647 5044 hshld (b7cfe93627e7796624004687125a729f) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
15:35:05.0656 5044 hshld - ok
15:35:05.0707 5044 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
15:35:05.0714 5044 HssSrv - ok
15:35:05.0732 5044 HssTrayService (b3c6eeeff5c5ea3235b7d84317c1fb3f) C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
15:35:05.0736 5044 HssTrayService - ok
15:35:05.0738 5044 HssWd - ok
15:35:05.0778 5044 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:35:05.0813 5044 HTTP - ok
15:35:05.0819 5044 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:35:05.0824 5044 hwpolicy - ok
15:35:05.0835 5044 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
15:35:05.0842 5044 i8042prt - ok
15:35:05.0870 5044 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
15:35:05.0880 5044 iaStorV - ok
15:35:06.0016 5044 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:35:06.0041 5044 idsvc - ok
15:35:06.0056 5044 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:35:06.0061 5044 iirsp - ok
15:35:06.0103 5044 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
15:35:06.0143 5044 IKEEXT - ok
15:35:06.0152 5044 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
15:35:06.0157 5044 intelide - ok
15:35:06.0165 5044 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:35:06.0172 5044 intelppm - ok
15:35:06.0180 5044 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:35:06.0203 5044 IPBusEnum - ok
15:35:06.0211 5044 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:35:06.0233 5044 IpFilterDriver - ok
15:35:06.0245 5044 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:35:06.0252 5044 IPMIDRV - ok
15:35:06.0269 5044 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:35:06.0291 5044 IPNAT - ok
15:35:06.0306 5044 irda (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys
15:35:06.0316 5044 irda - ok
15:35:06.0324 5044 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:35:06.0333 5044 IRENUM - ok
15:35:06.0338 5044 Irmon (3848384ab383f0a8f506c4370635c1f9) C:\Windows\System32\irmon.dll
15:35:06.0348 5044 Irmon - ok
15:35:06.0371 5044 irsir (d2ca12736624ba636f8357dc3ef0757e) C:\Windows\system32\DRIVERS\irsir.sys
15:35:06.0376 5044 irsir - ok
15:35:06.0383 5044 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
15:35:06.0388 5044 isapnp - ok
15:35:06.0425 5044 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
15:35:06.0433 5044 iScsiPrt - ok
15:35:06.0444 5044 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:35:06.0449 5044 kbdclass - ok
15:35:06.0454 5044 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:35:06.0460 5044 kbdhid - ok
15:35:06.0465 5044 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:35:06.0473 5044 KeyIso - ok
15:35:06.0478 5044 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
15:35:06.0484 5044 KSecDD - ok
15:35:06.0506 5044 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
15:35:06.0513 5044 KSecPkg - ok
15:35:06.0519 5044 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:35:06.0540 5044 ksthunk - ok
15:35:06.0562 5044 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:35:06.0588 5044 KtmRm - ok
15:35:06.0610 5044 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\System32\srvsvc.dll
15:35:06.0635 5044 LanmanServer - ok
15:35:06.0669 5044 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:35:06.0693 5044 LanmanWorkstation - ok
15:35:06.0725 5044 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:35:06.0748 5044 lltdio - ok
15:35:06.0767 5044 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:35:06.0792 5044 lltdsvc - ok
15:35:06.0798 5044 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:35:06.0820 5044 lmhosts - ok
15:35:06.0835 5044 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:35:06.0841 5044 LSI_FC - ok
15:35:06.0857 5044 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:35:06.0863 5044 LSI_SAS - ok
15:35:06.0871 5044 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:35:06.0876 5044 LSI_SAS2 - ok
15:35:06.0887 5044 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:35:06.0894 5044 LSI_SCSI - ok
15:35:06.0903 5044 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:35:06.0925 5044 luafv - ok
15:35:06.0951 5044 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:35:06.0955 5044 MBAMProtector - ok
15:35:07.0034 5044 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:35:07.0043 5044 MBAMService - ok
15:35:07.0059 5044 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:35:07.0066 5044 Mcx2Svc - ok
15:35:07.0078 5044 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:35:07.0083 5044 megasas - ok
15:35:07.0101 5044 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:35:07.0110 5044 MegaSR - ok
15:35:07.0147 5044 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:35:07.0152 5044 Microsoft Office Groove Audit Service - ok
15:35:07.0167 5044 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:35:07.0189 5044 MMCSS - ok
15:35:07.0195 5044 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:35:07.0217 5044 Modem - ok
15:35:07.0234 5044 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:35:07.0242 5044 monitor - ok
15:35:07.0255 5044 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:35:07.0259 5044 mouclass - ok
15:35:07.0272 5044 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:35:07.0278 5044 mouhid - ok
15:35:07.0291 5044 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:35:07.0296 5044 mountmgr - ok
15:35:07.0350 5044 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:35:07.0355 5044 MozillaMaintenance - ok
15:35:07.0393 5044 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
15:35:07.0400 5044 MpFilter - ok
15:35:07.0418 5044 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
15:35:07.0425 5044 mpio - ok
15:35:07.0437 5044 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
15:35:07.0441 5044 MpNWMon - ok
15:35:07.0475 5044 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:35:07.0497 5044 mpsdrv - ok
15:35:07.0507 5044 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:35:07.0518 5044 MRxDAV - ok
15:35:07.0535 5044 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:35:07.0553 5044 mrxsmb - ok
15:35:07.0592 5044 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:35:07.0602 5044 mrxsmb10 - ok
15:35:07.0616 5044 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:35:07.0623 5044 mrxsmb20 - ok
15:35:07.0630 5044 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
15:35:07.0635 5044 msahci - ok
15:35:07.0692 5044 MSCamSvc (a592a054d78750b4d73abaa4c94decdf) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
15:35:07.0698 5044 MSCamSvc - ok
15:35:07.0713 5044 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
15:35:07.0720 5044 msdsm - ok
15:35:07.0750 5044 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:35:07.0758 5044 MSDTC - ok
15:35:07.0766 5044 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:35:07.0789 5044 Msfs - ok
15:35:07.0792 5044 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:35:07.0814 5044 mshidkmdf - ok
15:35:07.0826 5044 MSHUSBVideo (55218f924e55fd2786ed40edf4ed79c3) C:\Windows\system32\Drivers\nx6000.sys
15:35:07.0831 5044 MSHUSBVideo - ok
15:35:07.0833 5044 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
15:35:07.0838 5044 msisadrv - ok
15:35:07.0864 5044 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:35:07.0888 5044 MSiSCSI - ok
15:35:07.0891 5044 msiserver - ok
15:35:07.0894 5044 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:35:07.0916 5044 MSKSSRV - ok
15:35:07.0922 5044 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:35:07.0944 5044 MSPCLOCK - ok
15:35:07.0947 5044 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:35:07.0969 5044 MSPQM - ok
15:35:07.0994 5044 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:35:08.0004 5044 MsRPC - ok
15:35:08.0016 5044 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:35:08.0021 5044 mssmbios - ok
15:35:08.0023 5044 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:35:08.0046 5044 MSTEE - ok
15:35:08.0052 5044 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:35:08.0058 5044 MTConfig - ok
15:35:08.0064 5044 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:35:08.0070 5044 Mup - ok
15:35:08.0118 5044 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:35:08.0152 5044 napagent - ok
15:35:08.0177 5044 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:35:08.0190 5044 NativeWifiP - ok
15:35:08.0236 5044 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:35:08.0260 5044 NDIS - ok
15:35:08.0272 5044 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:35:08.0295 5044 NdisCap - ok
15:35:08.0305 5044 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:35:08.0327 5044 NdisTapi - ok
15:35:08.0342 5044 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:35:08.0365 5044 Ndisuio - ok
15:35:08.0377 5044 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:35:08.0401 5044 NdisWan - ok
15:35:08.0414 5044 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:35:08.0438 5044 NDProxy - ok
15:35:08.0444 5044 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:35:08.0467 5044 NetBIOS - ok
15:35:08.0488 5044 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:35:08.0514 5044 NetBT - ok
15:35:08.0540 5044 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:35:08.0547 5044 Netlogon - ok
15:35:08.0588 5044 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:35:08.0615 5044 Netman - ok
15:35:08.0642 5044 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:35:08.0676 5044 netprofm - ok
15:35:08.0777 5044 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:35:08.0782 5044 NetTcpPortSharing - ok
15:35:08.0789 5044 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:35:08.0794 5044 nfrd960 - ok
15:35:08.0823 5044 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:35:08.0828 5044 NisDrv - ok
15:35:08.0902 5044 NisSrv (c67e39d2968400b38f54a10822e6eacf) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
15:35:08.0911 5044 NisSrv - ok
15:35:08.0933 5044 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:35:08.0959 5044 NlaSvc - ok
15:35:09.0000 5044 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
15:35:09.0004 5044 NPF - ok
15:35:09.0017 5044 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:35:09.0039 5044 Npfs - ok
15:35:09.0065 5044 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:35:09.0088 5044 nsi - ok
15:35:09.0099 5044 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:35:09.0121 5044 nsiproxy - ok
15:35:09.0189 5044 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
15:35:09.0225 5044 Ntfs - ok
15:35:09.0344 5044 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:35:09.0365 5044 Null - ok
15:35:09.0383 5044 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
15:35:09.0390 5044 nvraid - ok
15:35:09.0408 5044 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
15:35:09.0415 5044 nvstor - ok
15:35:09.0424 5044 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:35:09.0430 5044 nv_agp - ok
15:35:09.0520 5044 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:35:09.0530 5044 odserv - ok
15:35:09.0539 5044 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:35:09.0546 5044 ohci1394 - ok
15:35:09.0560 5044 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:35:09.0566 5044 ose - ok
15:35:09.0592 5044 ossrv (eb8724534cee0977eac4878812682f6b) C:\Windows\system32\drivers\ctoss2k.sys
15:35:09.0598 5044 ossrv - ok
15:35:09.0642 5044 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:35:09.0661 5044 p2pimsvc - ok
15:35:09.0684 5044 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:35:09.0695 5044 p2psvc - ok
15:35:09.0711 5044 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:35:09.0718 5044 Parport - ok
15:35:09.0728 5044 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:35:09.0734 5044 partmgr - ok
15:35:09.0753 5044 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:35:09.0764 5044 PcaSvc - ok
15:35:09.0797 5044 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:35:09.0803 5044 pci - ok
15:35:09.0808 5044 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:35:09.0812 5044 pciide - ok
15:35:09.0822 5044 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:35:09.0830 5044 pcmcia - ok
15:35:09.0843 5044 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:35:09.0848 5044 pcw - ok
15:35:09.0891 5044 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:35:09.0929 5044 PEAUTH - ok
15:35:10.0005 5044 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:35:10.0038 5044 PeerDistSvc - ok
15:35:10.0138 5044 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:35:10.0145 5044 PerfHost - ok
15:35:10.0226 5044 PEVSystemStart - ok
15:35:10.0337 5044 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:35:10.0383 5044 pla - ok
15:35:10.0422 5044 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
15:35:10.0449 5044 PlugPlay - ok
15:35:10.0451 5044 PnkBstrA - ok
15:35:10.0462 5044 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:35:10.0468 5044 PNRPAutoReg - ok
15:35:10.0509 5044 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:35:10.0517 5044 PNRPsvc - ok
15:35:10.0562 5044 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:35:10.0593 5044 PolicyAgent - ok
15:35:10.0614 5044 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:35:10.0638 5044 Power - ok
15:35:10.0694 5044 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:35:10.0717 5044 PptpMiniport - ok
15:35:10.0744 5044 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:35:10.0751 5044 Processor - ok
15:35:10.0768 5044 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
15:35:10.0792 5044 ProfSvc - ok
15:35:10.0832 5044 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:35:10.0839 5044 ProtectedStorage - ok
15:35:10.0870 5044 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:35:10.0893 5044 Psched - ok
15:35:10.0975 5044 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:35:11.0023 5044 ql2300 - ok
15:35:11.0116 5044 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:35:11.0122 5044 ql40xx - ok
15:35:11.0146 5044 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:35:11.0158 5044 QWAVE - ok
15:35:11.0168 5044 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:35:11.0177 5044 QWAVEdrv - ok
15:35:11.0188 5044 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:35:11.0209 5044 RasAcd - ok
15:35:11.0237 5044 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:35:11.0259 5044 RasAgileVpn - ok
15:35:11.0278 5044 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:35:11.0301 5044 RasAuto - ok
15:35:11.0322 5044 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:35:11.0345 5044 Rasl2tp - ok
15:35:11.0364 5044 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:35:11.0390 5044 RasMan - ok
15:35:11.0403 5044 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:35:11.0426 5044 RasPppoe - ok
15:35:11.0460 5044 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:35:11.0482 5044 RasSstp - ok
15:35:11.0501 5044 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:35:11.0526 5044 rdbss - ok
15:35:11.0556 5044 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:35:11.0564 5044 rdpbus - ok
15:35:11.0570 5044 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:35:11.0591 5044 RDPCDD - ok
15:35:11.0607 5044 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
15:35:11.0617 5044 RDPDR - ok
15:35:11.0626 5044 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:35:11.0648 5044 RDPENCDD - ok
15:35:11.0653 5044 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:35:11.0675 5044 RDPREFMP - ok
15:35:11.0690 5044 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
15:35:11.0714 5044 RDPWD - ok
15:35:11.0731 5044 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:35:11.0739 5044 rdyboost - ok
15:35:11.0766 5044 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:35:11.0789 5044 RemoteAccess - ok
15:35:11.0805 5044 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:35:11.0829 5044 RemoteRegistry - ok
15:35:11.0891 5044 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files (x86)\WinPcap\rpcapd.exe
15:35:11.0896 5044 rpcapd - ok
15:35:11.0907 5044 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:35:11.0930 5044 RpcEptMapper - ok
15:35:11.0943 5044 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:35:11.0950 5044 RpcLocator - ok
15:35:11.0986 5044 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:35:12.0011 5044 RpcSs - ok
15:35:12.0022 5044 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:35:12.0045 5044 rspndr - ok
15:35:12.0073 5044 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
15:35:12.0079 5044 s3cap - ok
15:35:12.0091 5044 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:35:12.0098 5044 SamSs - ok
15:35:12.0112 5044 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:35:12.0118 5044 sbp2port - ok
15:35:12.0137 5044 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:35:12.0162 5044 SCardSvr - ok
15:35:12.0172 5044 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:35:12.0194 5044 scfilter - ok
15:35:12.0241 5044 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
15:35:12.0284 5044 Schedule - ok
15:35:12.0315 5044 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:35:12.0337 5044 SCPolicySvc - ok
15:35:12.0351 5044 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:35:12.0369 5044 SDRSVC - ok
15:35:12.0394 5044 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:35:12.0416 5044 secdrv - ok
15:35:12.0419 5044 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:35:12.0441 5044 seclogon - ok
15:35:12.0452 5044 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:35:12.0474 5044 SENS - ok
15:35:12.0477 5044 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:35:12.0488 5044 SensrSvc - ok
15:35:12.0491 5044 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:35:12.0497 5044 Serenum - ok
15:35:12.0509 5044 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:35:12.0515 5044 Serial - ok
15:35:12.0521 5044 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:35:12.0527 5044 sermouse - ok
15:35:12.0539 5044 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:35:12.0562 5044 SessionEnv - ok
15:35:12.0579 5044 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:35:12.0585 5044 sffdisk - ok
15:35:12.0595 5044 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:35:12.0601 5044 sffp_mmc - ok
15:35:12.0610 5044 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:35:12.0616 5044 sffp_sd - ok
15:35:12.0625 5044 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:35:12.0632 5044 sfloppy - ok
15:35:12.0654 5044 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:35:12.0669 5044 ShellHWDetection - ok
15:35:12.0676 5044 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:35:12.0681 5044 SiSRaid2 - ok
15:35:12.0693 5044 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:35:12.0699 5044 SiSRaid4 - ok
15:35:12.0714 5044 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:35:12.0737 5044 Smb - ok
15:35:12.0742 5044 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:35:12.0750 5044 SNMPTRAP - ok
15:35:12.0757 5044 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:35:12.0762 5044 spldr - ok
15:35:12.0791 5044 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
15:35:12.0806 5044 Spooler - ok
15:35:12.0951 5044 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:35:13.0015 5044 sppsvc - ok
15:35:13.0123 5044 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:35:13.0145 5044 sppuinotify - ok
15:35:13.0231 5044 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
15:35:13.0231 5044 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
15:35:13.0232 5044 sptd ( LockedFile.Multi.Generic ) - warning
15:35:13.0232 5044 sptd - detected LockedFile.Multi.Generic (1)
15:35:13.0276 5044 srv (37c3abc2338010e110d2a6a3930f3149) C:\Windows\system32\DRIVERS\srv.sys
15:35:13.0297 5044 srv - ok
15:35:13.0324 5044 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
15:35:13.0350 5044 srv2 - ok
15:35:13.0383 5044 srvnet (cce32bb223e9ff55d241099a858fa889) C:\Windows\system32\DRIVERS\srvnet.sys
15:35:13.0391 5044 srvnet - ok
15:35:13.0408 5044 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:35:13.0432 5044 SSDPSRV - ok
15:35:13.0442 5044 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:35:13.0464 5044 SstpSvc - ok
15:35:13.0520 5044 Steam Client Service - ok
15:35:13.0528 5044 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:35:13.0534 5044 stexstor - ok
15:35:13.0569 5044 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:35:13.0594 5044 stisvc - ok
15:35:13.0623 5044 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
15:35:13.0628 5044 storflt - ok
15:35:13.0639 5044 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
15:35:13.0644 5044 storvsc - ok
15:35:13.0648 5044 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:35:13.0653 5044 swenum - ok
15:35:13.0686 5044 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:35:13.0717 5044 swprv - ok
15:35:13.0793 5044 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:35:13.0824 5044 SysMain - ok
15:35:13.0925 5044 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:35:13.0935 5044 TabletInputService - ok
15:35:13.0981 5044 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
15:35:13.0986 5044 taphss - ok
15:35:14.0006 5044 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:35:14.0031 5044 TapiSrv - ok
15:35:14.0046 5044 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:35:14.0075 5044 TBS - ok
15:35:14.0163 5044 Tcpip (7fc877a25796d8adf539e64703fca7e1) C:\Windows\system32\drivers\tcpip.sys
15:35:14.0203 5044 Tcpip - ok
15:35:14.0297 5044 TCPIP6 (7fc877a25796d8adf539e64703fca7e1) C:\Windows\system32\DRIVERS\tcpip.sys
15:35:14.0320 5044 TCPIP6 - ok
15:35:14.0357 5044 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:35:14.0379 5044 tcpipreg - ok
15:35:14.0393 5044 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:35:14.0414 5044 TDPIPE - ok
15:35:14.0425 5044 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:35:14.0447 5044 TDTCP - ok
15:35:14.0458 5044 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:35:14.0480 5044 tdx - ok
15:35:14.0494 5044 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:35:14.0499 5044 TermDD - ok
15:35:14.0534 5044 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:35:14.0561 5044 TermService - ok
15:35:14.0568 5044 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:35:14.0578 5044 Themes - ok
15:35:14.0609 5044 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:35:14.0631 5044 THREADORDER - ok
15:35:14.0637 5044 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:35:14.0660 5044 TrkWks - ok
15:35:14.0722 5044 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:35:14.0731 5044 TrustedInstaller - ok
15:35:14.0736 5044 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:35:14.0758 5044 tssecsrv - ok
15:35:14.0768 5044 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:35:14.0791 5044 tunnel - ok
15:35:14.0934 5044 TVersityMediaServer (685a80878bab2e587b07053793c47bc4) C:\Users\napdizzle\AppData\Local\TVersity\Media Server\MediaServer.exe
15:35:14.0956 5044 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning
15:35:14.0956 5044 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)
15:35:15.0014 5044 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:35:15.0027 5044 uagp35 - ok
15:35:15.0097 5044 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:35:15.0122 5044 udfs - ok
15:35:15.0137 5044 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:35:15.0145 5044 UI0Detect - ok
15:35:15.0156 5044 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:35:15.0161 5044 uliagpkx - ok
15:35:15.0171 5044 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:35:18.0851 5044 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:35:19.0013 5044 \Device\Harddisk0\DR0 - ok
15:35:19.0020 5044 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk3\DR3
15:35:19.0163 5044 \Device\Harddisk3\DR3 - ok
15:35:19.0165 5044 Boot (0x1200) (df95e5de16c96b5e1b88fb0a95af43f8) \Device\Harddisk0\DR0\Partition0
15:35:19.0166 5044 \Device\Harddisk0\DR0\Partition0 - ok
15:35:19.0183 5044 Boot (0x1200) (bdf0ccfb93bf6c62250ee1a0bef32d50) \Device\Harddisk0\DR0\Partition1
15:35:19.0184 5044 \Device\Harddisk0\DR0\Partition1 - ok
15:35:19.0187 5044 Boot (0x1200) (e0a169b83be2ad6ab453a54b87aab61d) \Device\Harddisk3\DR3\Partition0
15:35:19.0189 5044 \Device\Harddisk3\DR3\Partition0 - ok
15:35:19.0189 5044 ============================================================
15:35:19.0189 5044 Scan finished
15:35:19.0189 5044 ============================================================
15:35:19.0194 4932 Detected object count: 4
15:35:19.0194 4932 Actual detected object count: 4
15:35:32.0918 4932 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:32.0918 4932 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:35:32.0919 4932 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:32.0919 4932 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:35:32.0920 4932 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:35:32.0920 4932 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:35:32.0921 4932 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:32.0921 4932 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 06/10/2012 at 20:33:24.
Operating System: Windows 7 Ultimate
Processes terminated by Rkill or while it was running:
Rkill completed on 06/10/2012 at 20:33:29.
-
15:26:43.0817 4548 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
15:26:44.0183 4548 ============================================================
15:26:44.0183 4548 Current date / time: 2012/06/17 15:26:44.0183
15:26:44.0183 4548 SystemInfo:
15:26:44.0184 4548
15:26:44.0184 4548 OS Version: 6.1.7600 ServicePack: 0.0
15:26:44.0184 4548 Product type: Workstation
15:26:44.0184 4548 ComputerName: NAPDIZZLE-PC
15:26:44.0184 4548 UserName: napdizzle
15:26:44.0184 4548 Windows directory: C:\Windows
15:26:44.0184 4548 System windows directory: C:\Windows
15:26:44.0184 4548 Running under WOW64
15:26:44.0184 4548 Processor architecture: Intel x64
15:26:44.0184 4548 Number of processors: 4
15:26:44.0184 4548 Page size: 0x1000
15:26:44.0184 4548 Boot type: Normal boot
15:26:44.0184 4548 ============================================================
15:26:44.0954 4548 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:26:44.0959 4548 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:26:50.0376 4548 ============================================================
15:26:50.0376 4548 \Device\Harddisk0\DR0:
15:26:50.0377 4548 MBR partitions:
15:26:50.0377 4548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:26:50.0377 4548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
15:26:50.0377 4548 \Device\Harddisk3\DR3:
15:26:50.0378 4548 MBR partitions:
15:26:50.0378 4548 \Device\Harddisk3\DR3\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
15:26:50.0378 4548 ============================================================
15:26:50.0390 4548 C: <-> \Device\Harddisk0\DR0\Partition1
15:26:50.0391 4548 F: <-> \Device\Harddisk3\DR3\Partition0
15:26:50.0391 4548 ============================================================
15:26:50.0391 4548 Initialize success
15:26:50.0391 4548 ============================================================
15:27:08.0254 4832 ============================================================
15:27:08.0254 4832 Scan started
15:27:08.0254 4832 Mode: Manual; SigCheck; TDLFS;
15:27:08.0254 4832 ============================================================
15:27:15.0039 4832 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
15:27:15.0042 4832 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:27:15.0042 4832 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:27:15.0462 4832 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
15:27:15.0483 4832 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
15:27:15.0483 4832 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
15:27:20.0574 4832 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:27:20.0601 4832 KtmRm - ok
15:27:20.0638 4832 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\System32\srvsvc.dll
15:27:20.0664 4832 LanmanServer - ok
15:27:20.0708 4832 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:27:20.0732 4832 LanmanWorkstation - ok
15:27:20.0770 4832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:27:20.0793 4832 lltdio - ok
15:27:20.0837 4832 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:27:20.0877 4832 lltdsvc - ok
15:27:20.0892 4832 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:27:20.0914 4832 lmhosts - ok
15:27:20.0955 4832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:27:20.0961 4832 LSI_FC - ok
15:27:20.0976 4832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:27:20.0983 4832 LSI_SAS - ok
15:27:20.0990 4832 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:27:20.0996 4832 LSI_SAS2 - ok
15:27:21.0007 4832 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:27:21.0014 4832 LSI_SCSI - ok
15:27:21.0023 4832 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:27:21.0057 4832 luafv - ok
15:27:21.0112 4832 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:27:21.0117 4832 MBAMProtector - ok
15:27:21.0196 4832 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:27:21.0216 4832 MBAMService - ok
15:27:21.0245 4832 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:27:21.0270 4832 Mcx2Svc - ok
15:27:21.0289 4832 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:27:21.0295 4832 megasas - ok
15:27:21.0313 4832 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:27:21.0323 4832 MegaSR - ok
15:27:21.0366 4832 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:27:21.0372 4832 Microsoft Office Groove Audit Service - ok
15:27:21.0387 4832 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:27:21.0426 4832 MMCSS - ok
15:27:21.0448 4832 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:27:21.0488 4832 Modem - ok
15:27:21.0520 4832 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:27:21.0546 4832 monitor - ok
15:27:21.0574 4832 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:27:21.0579 4832 mouclass - ok
15:27:21.0591 4832 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:27:21.0598 4832 mouhid - ok
15:27:21.0610 4832 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:27:21.0616 4832 mountmgr - ok
15:27:21.0686 4832 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:27:21.0692 4832 MozillaMaintenance - ok
15:27:21.0754 4832 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
15:27:21.0762 4832 MpFilter - ok
15:27:21.0779 4832 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
15:27:21.0787 4832 mpio - ok
15:27:21.0798 4832 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
15:27:21.0802 4832 MpNWMon - ok
15:27:21.0811 4832 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:27:21.0834 4832 mpsdrv - ok
15:27:21.0860 4832 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:27:21.0888 4832 MRxDAV - ok
15:27:21.0913 4832 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:27:21.0933 4832 mrxsmb - ok
15:27:21.0959 4832 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:27:21.0986 4832 mrxsmb10 - ok
15:27:22.0019 4832 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:27:22.0026 4832 mrxsmb20 - ok
15:27:22.0033 4832 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
15:27:22.0038 4832 msahci - ok
15:27:22.0103 4832 MSCamSvc (a592a054d78750b4d73abaa4c94decdf) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
15:27:22.0109 4832 MSCamSvc - ok
15:27:22.0125 4832 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
15:27:22.0132 4832 msdsm - ok
15:27:22.0169 4832 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:27:22.0191 4832 MSDTC - ok
15:27:22.0211 4832 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:27:22.0233 4832 Msfs - ok
15:27:22.0253 4832 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:27:22.0275 4832 mshidkmdf - ok
15:27:22.0304 4832 MSHUSBVideo (55218f924e55fd2786ed40edf4ed79c3) C:\Windows\system32\Drivers\nx6000.sys
15:27:22.0308 4832 MSHUSBVideo - ok
15:27:22.0311 4832 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
15:27:22.0316 4832 msisadrv - ok
15:27:22.0344 4832 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:27:22.0394 4832 MSiSCSI - ok
15:27:22.0396 4832 msiserver - ok
15:27:22.0409 4832 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:27:22.0447 4832 MSKSSRV - ok
15:27:22.0475 4832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:27:22.0497 4832 MSPCLOCK - ok
15:27:22.0499 4832 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:27:22.0531 4832 MSPQM - ok
15:27:22.0564 4832 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:27:22.0574 4832 MsRPC - ok
15:27:22.0585 4832 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:27:22.0590 4832 mssmbios - ok
15:27:22.0592 4832 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:27:22.0627 4832 MSTEE - ok
15:27:22.0646 4832 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:27:22.0665 4832 MTConfig - ok
15:27:22.0732 4832 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:27:22.0738 4832 Mup - ok
15:27:22.0796 4832 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:27:22.0829 4832 napagent - ok
15:27:22.0888 4832 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:27:22.0914 4832 NativeWifiP - ok
15:27:22.0972 4832 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:27:22.0996 4832 NDIS - ok
15:27:23.0009 4832 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:27:23.0031 4832 NdisCap - ok
15:27:23.0049 4832 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:27:23.0071 4832 NdisTapi - ok
15:27:23.0086 4832 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:27:23.0122 4832 Ndisuio - ok
15:27:23.0146 4832 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:27:23.0169 4832 NdisWan - ok
15:27:23.0184 4832 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:27:23.0206 4832 NDProxy - ok
15:27:23.0214 4832 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:27:23.0248 4832 NetBIOS - ok
15:27:23.0274 4832 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:27:23.0310 4832 NetBT - ok
15:27:23.0335 4832 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:27:23.0342 4832 Netlogon - ok
15:27:23.0390 4832 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:27:23.0432 4832 Netman - ok
15:27:23.0470 4832 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:27:23.0503 4832 netprofm - ok
15:27:23.0604 4832 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:23.0610 4832 NetTcpPortSharing - ok
15:27:23.0618 4832 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:27:23.0624 4832 nfrd960 - ok
15:27:23.0659 4832 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:27:23.0664 4832 NisDrv - ok
15:27:23.0763 4832 NisSrv (c67e39d2968400b38f54a10822e6eacf) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
15:27:23.0772 4832 NisSrv - ok
15:27:23.0795 4832 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:27:23.0834 4832 NlaSvc - ok
15:27:23.0878 4832 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
15:27:23.0882 4832 NPF - ok
15:27:23.0895 4832 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:27:23.0917 4832 Npfs - ok
15:27:23.0943 4832 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:27:23.0982 4832 nsi - ok
15:27:24.0002 4832 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:27:24.0041 4832 nsiproxy - ok
15:27:24.0120 4832 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
15:27:24.0154 4832 Ntfs - ok
15:27:24.0272 4832 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:27:24.0308 4832 Null - ok
15:27:24.0328 4832 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
15:27:24.0335 4832 nvraid - ok
15:27:24.0353 4832 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
15:27:24.0360 4832 nvstor - ok
15:27:24.0369 4832 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:27:24.0375 4832 nv_agp - ok
15:27:24.0465 4832 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:27:24.0481 4832 odserv - ok
15:27:24.0492 4832 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:27:24.0499 4832 ohci1394 - ok
15:27:24.0522 4832 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:27:24.0528 4832 ose - ok
15:27:24.0562 4832 ossrv (eb8724534cee0977eac4878812682f6b) C:\Windows\system32\drivers\ctoss2k.sys
15:27:24.0568 4832 ossrv - ok
15:27:24.0612 4832 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:27:24.0634 4832 p2pimsvc - ok
15:27:24.0679 4832 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:27:24.0697 4832 p2psvc - ok
15:27:24.0706 4832 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:27:24.0713 4832 Parport - ok
15:27:24.0723 4832 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:27:24.0728 4832 partmgr - ok
15:27:24.0747 4832 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:27:24.0774 4832 PcaSvc - ok
15:27:24.0800 4832 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:27:24.0807 4832 pci - ok
15:27:24.0819 4832 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:27:24.0824 4832 pciide - ok
15:27:24.0834 4832 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:27:24.0842 4832 pcmcia - ok
15:27:24.0854 4832 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:27:24.0860 4832 pcw - ok
15:27:24.0903 4832 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:27:24.0953 4832 PEAUTH - ok
15:27:25.0018 4832 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:27:25.0061 4832 PeerDistSvc - ok
15:27:25.0132 4832 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:27:25.0155 4832 PerfHost - ok
15:27:25.0229 4832 PEVSystemStart - ok
15:27:25.0343 4832 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:27:25.0398 4832 pla - ok
15:27:25.0459 4832 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
15:27:25.0485 4832 PlugPlay - ok
15:27:25.0498 4832 PnkBstrA - ok
15:27:25.0506 4832 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:27:25.0532 4832 PNRPAutoReg - ok
15:27:25.0570 4832 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:27:25.0579 4832 PNRPsvc - ok
15:27:25.0624 4832 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:27:25.0667 4832 PolicyAgent - ok
15:27:25.0693 4832 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:27:25.0732 4832 Power - ok
15:27:25.0792 4832 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:27:25.0830 4832 PptpMiniport - ok
15:27:25.0864 4832 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:27:25.0885 4832 Processor - ok
15:27:25.0912 4832 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
15:27:25.0938 4832 ProfSvc - ok
15:27:25.0968 4832 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:27:25.0976 4832 ProtectedStorage - ok
15:27:26.0015 4832 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:27:26.0039 4832 Psched - ok
15:27:26.0113 4832 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:27:26.0143 4832 ql2300 - ok
15:27:26.0244 4832 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:27:26.0250 4832 ql40xx - ok
15:27:26.0274 4832 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:27:26.0286 4832 QWAVE - ok
15:27:26.0296 4832 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:27:26.0322 4832 QWAVEdrv - ok
15:27:26.0341 4832 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:27:26.0374 4832 RasAcd - ok
15:27:26.0415 4832 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:27:26.0437 4832 RasAgileVpn - ok
15:27:26.0471 4832 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:27:26.0495 4832 RasAuto - ok
15:27:26.0508 4832 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:27:26.0532 4832 Rasl2tp - ok
15:27:26.0551 4832 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:27:26.0577 4832 RasMan - ok
15:27:26.0589 4832 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:27:26.0612 4832 RasPppoe - ok
15:27:26.0654 4832 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:27:26.0690 4832 RasSstp - ok
15:27:26.0739 4832 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:27:26.0782 4832 rdbss - ok
15:27:26.0824 4832 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:27:26.0833 4832 rdpbus - ok
15:27:26.0838 4832 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:27:26.0859 4832 RDPCDD - ok
15:27:26.0884 4832 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
15:27:26.0906 4832 RDPDR - ok
15:27:26.0928 4832 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:27:26.0966 4832 RDPENCDD - ok
15:27:26.0980 4832 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:27:27.0001 4832 RDPREFMP - ok
15:27:27.0047 4832 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
15:27:27.0083 4832 RDPWD - ok
15:27:27.0124 4832 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:27:27.0132 4832 rdyboost - ok
15:27:27.0168 4832 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:27:27.0191 4832 RemoteAccess - ok
15:27:27.0240 4832 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:27:27.0279 4832 RemoteRegistry - ok
15:27:27.0351 4832 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files (x86)\WinPcap\rpcapd.exe
15:27:27.0356 4832 rpcapd - ok
15:27:27.0367 4832 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:27:27.0401 4832 RpcEptMapper - ok
15:27:27.0430 4832 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:27:27.0485 4832 RpcLocator - ok
15:27:27.0588 4832 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:27:27.0617 4832 RpcSs - ok
15:27:27.0632 4832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:27:27.0673 4832 rspndr - ok
15:27:27.0700 4832 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
15:27:27.0707 4832 s3cap - ok
15:27:27.0718 4832 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:27:27.0725 4832 SamSs - ok
15:27:27.0739 4832 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:27:27.0745 4832 sbp2port - ok
15:27:27.0764 4832 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:27:27.0790 4832 SCardSvr - ok
15:27:27.0799 4832 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:27:27.0838 4832 scfilter - ok
15:27:27.0911 4832 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
15:27:27.0955 4832 Schedule - ok
15:27:27.0984 4832 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:27:28.0006 4832 SCPolicySvc - ok
15:27:28.0020 4832 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:27:28.0029 4832 SDRSVC - ok
15:27:28.0070 4832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:27:28.0110 4832 secdrv - ok
15:27:28.0129 4832 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:27:28.0169 4832 seclogon - ok
15:27:28.0188 4832 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:27:28.0226 4832 SENS - ok
15:27:28.0242 4832 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:27:28.0261 4832 SensrSvc - ok
15:27:28.0276 4832 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:27:28.0282 4832 Serenum - ok
15:27:28.0294 4832 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:27:28.0301 4832 Serial - ok
15:27:28.0314 4832 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:27:28.0321 4832 sermouse - ok
15:27:28.0341 4832 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:27:28.0365 4832 SessionEnv - ok
15:27:28.0381 4832 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:27:28.0404 4832 sffdisk - ok
15:27:28.0428 4832 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:27:28.0445 4832 sffp_mmc - ok
15:27:28.0462 4832 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:27:28.0469 4832 sffp_sd - ok
15:27:28.0477 4832 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:27:28.0484 4832 sfloppy - ok
15:27:28.0507 4832 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:27:28.0535 4832 ShellHWDetection - ok
15:27:28.0553 4832 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:27:28.0558 4832 SiSRaid2 - ok
15:27:28.0570 4832 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:27:28.0575 4832 SiSRaid4 - ok
15:27:28.0599 4832 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:27:28.0622 4832 Smb - ok
15:27:28.0644 4832 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:27:28.0652 4832 SNMPTRAP - ok
15:27:28.0659 4832 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:27:28.0664 4832 spldr - ok
15:27:28.0693 4832 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
15:27:28.0716 4832 Spooler - ok
15:27:28.0865 4832 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:27:28.0930 4832 sppsvc - ok
15:27:29.0024 4832 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:27:29.0048 4832 sppuinotify - ok
15:27:29.0135 4832 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
15:27:29.0135 4832 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
15:27:29.0137 4832 sptd ( LockedFile.Multi.Generic ) - warning
15:27:29.0137 4832 sptd - detected LockedFile.Multi.Generic (1)
15:27:29.0179 4832 srv (37c3abc2338010e110d2a6a3930f3149) C:\Windows\system32\DRIVERS\srv.sys
15:27:29.0195 4832 srv - ok
15:27:29.0243 4832 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
15:27:29.0270 4832 srv2 - ok
15:27:29.0302 4832 srvnet (cce32bb223e9ff55d241099a858fa889) C:\Windows\system32\DRIVERS\srvnet.sys
15:27:29.0327 4832 srvnet - ok
15:27:29.0377 4832 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:27:29.0420 4832 SSDPSRV - ok
15:27:29.0444 4832 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:27:29.0468 4832 SstpSvc - ok
15:27:29.0530 4832 Steam Client Service - ok
15:27:29.0539 4832 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:27:29.0544 4832 stexstor - ok
15:27:29.0597 4832 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:27:29.0638 4832 stisvc - ok
15:27:29.0658 4832 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
15:27:29.0664 4832 storflt - ok
15:27:29.0682 4832 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
15:27:29.0687 4832 storvsc - ok
15:27:29.0692 4832 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:27:29.0697 4832 swenum - ok
15:27:29.0730 4832 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:27:29.0761 4832 swprv - ok
15:27:29.0837 4832 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:27:29.0877 4832 SysMain - ok
15:27:29.0977 4832 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:27:30.0006 4832 TabletInputService - ok
15:27:30.0050 4832 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
15:27:30.0054 4832 taphss - ok
15:27:30.0075 4832 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:27:30.0112 4832 TapiSrv - ok
15:27:30.0131 4832 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:27:30.0156 4832 TBS - ok
15:27:30.0252 4832 Tcpip (7fc877a25796d8adf539e64703fca7e1) C:\Windows\system32\drivers\tcpip.sys
15:27:30.0289 4832 Tcpip - ok
15:27:30.0385 4832 TCPIP6 (7fc877a25796d8adf539e64703fca7e1) C:\Windows\system32\DRIVERS\tcpip.sys
15:27:30.0408 4832 TCPIP6 - ok
15:27:30.0442 4832 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:27:30.0464 4832 tcpipreg - ok
15:27:30.0469 4832 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:27:30.0492 4832 TDPIPE - ok
15:27:30.0502 4832 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:27:30.0523 4832 TDTCP - ok
15:27:30.0535 4832 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:27:30.0570 4832 tdx - ok
15:27:30.0588 4832 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:27:30.0593 4832 TermDD - ok
15:27:30.0646 4832 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:27:30.0699 4832 TermService - ok
15:27:30.0746 4832 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:27:30.0757 4832 Themes - ok
15:27:30.0786 4832 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:27:30.0809 4832 THREADORDER - ok
15:27:30.0832 4832 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:27:30.0857 4832 TrkWks - ok
15:27:30.0925 4832 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:27:30.0935 4832 TrustedInstaller - ok
15:27:30.0941 4832 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:27:30.0965 4832 tssecsrv - ok
15:27:31.0029 4832 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:27:31.0069 4832 tunnel - ok
15:27:31.0220 4832 TVersityMediaServer (685a80878bab2e587b07053793c47bc4) C:\Users\napdizzle\AppData\Local\TVersity\Media Server\MediaServer.exe
15:27:31.0241 4832 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning
15:27:31.0241 4832 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)
15:27:31.0249 4832 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:27:31.0255 4832 uagp35 - ok
15:27:31.0276 4832 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:27:31.0316 4832 udfs - ok
15:27:31.0339 4832 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:27:31.0347 4832 UI0Detect - ok
15:27:31.0357 4832 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:27:31.0363 4832 uliagpkx - ok
15:27:31.0381 4832 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:27:31.0388 4832 umbus - ok
15:27:31.0393 4832 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:27:31.0411 4832 UmPass - ok
15:27:31.0503 4832 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
15:27:31.0513 4832 UmRdpService - ok
15:27:31.0537 4832 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:27:31.0563 4832 upnphost - ok
15:27:31.0606 4832 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
15:27:31.0631 4832 usbaudio - ok
15:27:31.0648 4832 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
15:27:31.0668 4832 usbccgp - ok
15:27:31.0699 4832 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:27:31.0726 4832 usbcir - ok
15:27:31.0743 4832 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
15:27:31.0750 4832 usbehci - ok
15:27:31.0783 4832 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
15:27:31.0808 4832 usbhub - ok
15:27:31.0828 4832 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
15:27:31.0834 4832 usbohci - ok
15:27:31.0854 4832 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:27:31.0862 4832 usbprint - ok
15:27:31.0900 4832 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:27:31.0909 4832 usbscan - ok
15:27:31.0917 4832 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:27:31.0925 4832 USBSTOR - ok
15:27:31.0928 4832 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:27:31.0935 4832 usbuhci - ok
15:27:31.0967 4832 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
15:27:31.0988 4832 usbvideo - ok
15:27:32.0006 4832 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:27:32.0028 4832 UxSms - ok
15:27:32.0059 4832 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:27:32.0066 4832 VaultSvc - ok
15:27:32.0074 4832 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:27:32.0079 4832 vdrvroot - ok
15:27:32.0107 4832 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:27:32.0131 4832 vds - ok
15:27:32.0142 4832 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:27:32.0150 4832 vga - ok
15:27:32.0155 4832 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:27:32.0189 4832 VgaSave - ok
15:27:32.0216 4832 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:27:32.0223 4832 vhdmp - ok
15:27:32.0236 4832 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:27:32.0241 4832 viaide - ok
15:27:32.0255 4832 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
15:27:32.0263 4832 vmbus - ok
15:27:32.0270 4832 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
15:27:32.0288 4832 VMBusHID - ok
15:27:32.0308 4832 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:27:32.0314 4832 volmgr - ok
15:27:32.0334 4832 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:27:32.0344 4832 volmgrx - ok
15:27:32.0363 4832 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:27:32.0372 4832 volsnap - ok
15:27:32.0384 4832 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:27:32.0391 4832 vsmraid - ok
15:27:32.0462 4832 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:27:32.0514 4832 VSS - ok
15:27:32.0784 4832 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:27:32.0793 4832 vwifibus - ok
15:27:32.0814 4832 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:27:32.0841 4832 W32Time - ok
15:27:32.0851 4832 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:27:32.0858 4832 WacomPen - ok
15:27:32.0877 4832 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:27:32.0900 4832 WANARP - ok
15:27:32.0902 4832 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:27:32.0924 4832 Wanarpv6 - ok
15:27:32.0991 4832 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:27:33.0042 4832 wbengine - ok
15:27:33.0091 4832 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:27:33.0104 4832 WbioSrvc - ok
15:27:33.0124 4832 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
15:27:33.0140 4832 wcncsvc - ok
15:27:33.0152 4832 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:27:33.0170 4832 WcsPlugInService - ok
15:27:33.0192 4832 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:27:33.0197 4832 Wd - ok
15:27:33.0264 4832 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:27:33.0279 4832 Wdf01000 - ok
15:27:33.0294 4832 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:27:33.0317 4832 WdiServiceHost - ok
15:27:33.0319 4832 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:27:33.0329 4832 WdiSystemHost - ok
15:27:33.0361 4832 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
15:27:33.0384 4832 WebClient - ok
15:27:33.0415 4832 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:27:33.0457 4832 Wecsvc - ok
15:27:33.0474 4832 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:27:33.0517 4832 wercplsupport - ok
15:27:33.0547 4832 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:27:33.0571 4832 WerSvc - ok
15:27:33.0620 4832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:27:33.0643 4832 WfpLwf - ok
15:27:33.0653 4832 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:27:33.0658 4832 WIMMount - ok
15:27:33.0662 4832 WinHttpAutoProxySvc - ok
15:27:33.0726 4832 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:27:33.0751 4832 Winmgmt - ok
15:27:33.0836 4832 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:27:33.0905 4832 WinRM - ok
15:27:34.0037 4832 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
15:27:34.0046 4832 WinUSB - ok
15:27:34.0088 4832 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:27:34.0115 4832 Wlansvc - ok
15:27:34.0290 4832 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:27:34.0332 4832 wlidsvc - ok
15:27:34.0380 4832 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:27:34.0386 4832 WmiAcpi - ok
15:27:34.0448 4832 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:27:34.0474 4832 wmiApSrv - ok
15:27:34.0522 4832 WMPNetworkSvc - ok
15:27:34.0586 4832 WMZuneComm (45de51db0950a4b8595520ef0bafcff1) c:\Program Files\Zune\WMZuneComm.exe
15:27:34.0596 4832 WMZuneComm - ok
15:27:34.0610 4832 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:27:34.0617 4832 WPCSvc - ok
15:27:34.0637 4832 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:27:34.0663 4832 WPDBusEnum - ok
15:27:34.0666 4832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:27:34.0689 4832 ws2ifsl - ok
15:27:34.0691 4832 WSearch - ok
15:27:34.0808 4832 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
15:27:34.0867 4832 wuauserv - ok
15:27:34.0968 4832 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:27:34.0992 4832 WudfPf - ok
15:27:35.0014 4832 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:27:35.0038 4832 WUDFRd - ok
15:27:35.0049 4832 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:27:35.0090 4832 wudfsvc - ok
15:27:35.0114 4832 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:27:35.0127 4832 WwanSvc - ok
15:27:35.0250 4832 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
15:27:35.0259 4832 YahooAUService - ok
15:27:35.0307 4832 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
15:27:35.0337 4832 yukonw7 - ok
15:27:35.0384 4832 zntport (518b04e0ebeab273135b4408b8ed97e6) C:\Windows\System32\drivers\zntport.sys
15:27:35.0390 4832 zntport - ok
15:27:35.0768 4832 ZuneNetworkSvc (b79c2ce5340a5eca38ca1f74aa445d2b) c:\Program Files\Zune\ZuneNss.exe
15:27:35.0908 4832 ZuneNetworkSvc - ok
15:27:36.0037 4832 ZuneWlanCfgSvc (e2859aea054422fe40517179ae867c2d) c:\Windows\system32\ZuneWlanCfgSvc.exe
15:27:36.0054 4832 ZuneWlanCfgSvc - ok
15:27:36.0077 4832 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:27:36.0240 4832 \Device\Harddisk0\DR0 - ok
15:27:36.0243 4832 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk3\DR3
15:27:36.0806 4832 \Device\Harddisk3\DR3 - ok
15:27:36.0811 4832 Boot (0x1200) (df95e5de16c96b5e1b88fb0a95af43f8) \Device\Harddisk0\DR0\Partition0
15:27:36.0812 4832 \Device\Harddisk0\DR0\Partition0 - ok
15:27:36.0818 4832 Boot (0x1200) (bdf0ccfb93bf6c62250ee1a0bef32d50) \Device\Harddisk0\DR0\Partition1
15:27:36.0819 4832 \Device\Harddisk0\DR0\Partition1 - ok
15:27:36.0822 4832 Boot (0x1200) (e0a169b83be2ad6ab453a54b87aab61d) \Device\Harddisk3\DR3\Partition0
15:27:36.0823 4832 \Device\Harddisk3\DR3\Partition0 - ok
15:27:36.0823 4832 ============================================================
15:27:36.0823 4832 Scan finished
15:27:36.0823 4832 ============================================================
15:27:36.0830 0708 Detected object count: 4
15:27:36.0831 0708 Actual detected object count: 4
15:34:37.0302 0708 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:37.0302 0708 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:34:37.0303 0708 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:37.0303 0708 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:34:37.0304 0708 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:34:37.0304 0708 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:34:37.0305 0708 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:37.0305 0708 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:34:57.0881 5044 ============================================================
15:34:57.0881 5044 Scan started
15:34:57.0881 5044 Mode: Manual; SigCheck; TDLFS;
15:34:57.0881 5044 ============================================================
15:34:59.0444 5044 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
15:34:59.0455 5044 1394ohci - ok
15:34:59.0478 5044 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
15:34:59.0486 5044 ACPI - ok
15:34:59.0493 5044 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
15:34:59.0501 5044 AcpiPmi - ok
15:34:59.0535 5044 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:34:59.0544 5044 adp94xx - ok
15:34:59.0565 5044 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:34:59.0572 5044 adpahci - ok
15:34:59.0589 5044 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:34:59.0596 5044 adpu320 - ok
15:34:59.0639 5044 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:34:59.0661 5044 AeLookupSvc - ok
15:34:59.0758 5044 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
15:34:59.0783 5044 AFD - ok
15:34:59.0877 5044 AffinegyService (7e077309910ce334c3b2b7b8665a55c4) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
15:34:59.0887 5044 AffinegyService - ok
15:34:59.0895 5044 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
15:34:59.0900 5044 agp440 - ok
15:34:59.0914 5044 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:34:59.0921 5044 ALG - ok
15:34:59.0923 5044 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
15:34:59.0928 5044 aliide - ok
15:35:00.0047 5044 ALSysIO - ok
15:35:00.0081 5044 AMD External Events Utility (962227630779043b5c1d4cd157abb912) C:\Windows\system32\atiesrxx.exe
15:35:00.0092 5044 AMD External Events Utility - ok
15:35:00.0155 5044 AMD FUEL Service - ok
15:35:00.0158 5044 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
15:35:00.0163 5044 amdide - ok
15:35:00.0172 5044 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
15:35:00.0175 5044 amdiox64 - ok
15:35:00.0189 5044 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:35:00.0195 5044 AmdK8 - ok
15:35:00.0627 5044 amdkmdag (56d6631761ec37745f0df16bcdc4caf4) C:\Windows\system32\DRIVERS\atikmdag.sys
15:35:00.0715 5044 amdkmdag - ok
15:35:00.0857 5044 amdkmdap (2d9005ea0bfd25c740e53c8dd3c069e0) C:\Windows\system32\DRIVERS\atikmpag.sys
15:35:00.0870 5044 amdkmdap - ok
15:35:00.0906 5044 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:35:00.0912 5044 AmdPPM - ok
15:35:00.0929 5044 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
15:35:00.0936 5044 amdsata - ok
15:35:00.0955 5044 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:35:00.0962 5044 amdsbs - ok
15:35:00.0975 5044 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
15:35:00.0980 5044 amdxata - ok
15:35:01.0051 5044 AODDriver4.01 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
15:35:01.0055 5044 AODDriver4.01 - ok
15:35:01.0057 5044 AODDriver4.1 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
15:35:01.0060 5044 AODDriver4.1 - ok
15:35:01.0068 5044 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:35:01.0078 5044 AppID - ok
15:35:01.0108 5044 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:35:01.0130 5044 AppIDSvc - ok
15:35:01.0142 5044 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:35:01.0164 5044 Appinfo - ok
15:35:01.0180 5044 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
15:35:01.0188 5044 AppMgmt - ok
15:35:01.0199 5044 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:35:01.0205 5044 arc - ok
15:35:01.0221 5044 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:35:01.0227 5044 arcsas - ok
15:35:01.0233 5044 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:35:01.0255 5044 AsyncMac - ok
15:35:01.0261 5044 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
15:35:01.0266 5044 atapi - ok
15:35:01.0291 5044 AtiHDAudioService (2b3b05c0a7768bf033217eb8f33f9c35) C:\Windows\system32\drivers\AtihdW76.sys
15:35:01.0296 5044 AtiHDAudioService - ok
15:35:01.0319 5044 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
15:35:01.0334 5044 AtiHdmiService - ok
15:35:01.0369 5044 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:35:01.0405 5044 AudioEndpointBuilder - ok
15:35:01.0409 5044 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:35:01.0435 5044 AudioSrv - ok
15:35:01.0445 5044 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
15:35:01.0455 5044 AxInstSV - ok
15:35:01.0481 5044 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
-
I've been having this issue ongoing for nearly two weeks... I have followed numerous topics on trying to remove this virus and stop the redirecting/random advertisements playing on my computer. In my processes I have Ping.exe and Malware detects the Bcminer... Attached are logs that I normally see requested when providing assistance. I have gone through numerous different topics and followed all of their instructions to no avail, so hopefully tailored service may help my situation. I would appreciate any assistance Malwarebytes may provide.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.4.1
Run by napdizzle at 15:56:58 on 2012-06-17
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2038 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Google Update] "C:\Users\napdizzle\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMLDEV~1.LNK - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{249BD807-FFCF-443B-90E5-952C3A29DE0F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{67986829-03FE-4B19-B19C-30F44ABEFE5B} : DhcpNameServer = 10.36.16.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO-X64: AMD SteadyVideo BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/|www.gmail.com
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\napdizzle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-14 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]
R2 cpuz133;cpuz133;\??\C:\Windows\system32\drivers\cpuz133_x64.sys --> C:\Windows\system32\drivers\cpuz133_x64.sys [?]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-4-10 542552]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-22 654408]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\system32\Drivers\nx6000.sys --> C:\Windows\system32\Drivers\nx6000.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]
S2 PEVSystemStart;PEVSystemStart;C:\32788R22FWJFW\pev.3XE [2011-6-26 256000]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-1-31 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-23 306416]
.
=============== Created Last 30 ================
.
2012-06-17 20:44:36 -------- d-----w- C:\Users\napdizzle\AppData\Local\{CE85CE9E-B705-41A9-A4EE-3BA45ADB3D9A}
2012-06-17 17:48:03 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 17:48:03 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-16 06:37:17 -------- d-----w- C:\Users\napdizzle\AppData\Local\{00121ED0-6BA3-4EB4-8901-ED00E2FE8D61}
2012-06-13 02:10:36 561992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor12.dll
2012-06-13 02:10:10 -------- d-----w- C:\update
2012-06-13 02:10:10 -------- d-----w- C:\hsswd
2012-06-13 02:10:10 -------- d-----w- C:\hssff
2012-06-13 02:10:09 -------- d-----w- C:\ProgramData\Hotspot Shield
2012-06-12 02:03:59 -------- d-----w- C:\Users\napdizzle\AppData\Local\Skyrim
2012-06-12 01:26:51 -------- d-----w- C:\Users\napdizzle\AppData\Local\{417C1B19-9E0F-4373-85A1-530EF725C547}
2012-06-12 01:06:19 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
2012-06-12 01:06:19 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2012-06-12 01:06:19 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll
2012-06-12 01:06:19 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2012-06-12 01:06:18 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2012-06-12 01:06:18 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2012-06-12 01:06:18 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2012-06-12 01:06:18 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
2012-06-12 01:01:38 -------- d-----w- C:\Program Files (x86)\The Elder Scrolls V Skyrim
2012-06-12 00:34:51 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-12 00:34:34 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-11 13:26:26 -------- d-----w- C:\Users\napdizzle\AppData\Local\{06E32F9D-600F-46A4-A06C-13207BEB2174}
2012-06-11 13:26:15 -------- d-----w- C:\Users\napdizzle\AppData\Local\{64AF2943-7B43-4284-A562-3D3E352A2DF3}
2012-06-11 01:34:31 98816 ----a-w- C:\Windows\sed.exe
2012-06-11 01:34:31 518144 ----a-w- C:\Windows\SWREG.exe
2012-06-11 01:34:31 256000 ----a-w- C:\Windows\PEV.exe
2012-06-11 01:34:31 208896 ----a-w- C:\Windows\MBR.exe
2012-06-11 01:34:25 -------- d-s---w- C:\ComboFix
2012-06-11 01:25:49 -------- d-----w- C:\Users\napdizzle\AppData\Local\{89CF3D2F-66E1-4867-8E2D-CD5698DD685C}
2012-06-11 01:25:34 -------- d-----w- C:\Users\napdizzle\AppData\Local\{F355C043-FEBE-439F-91E5-C4B0D130E74F}
2012-06-11 01:24:37 -------- d-----w- C:\Windows\en
2012-06-11 01:19:41 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46b4e4bc1cd477003\DSETUP.dll
2012-06-11 01:19:41 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46b4e4bc1cd477003\DXSETUP.exe
2012-06-11 01:19:41 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46b4e4bc1cd477003\dsetup32.dll
2012-06-11 01:15:52 -------- d-----w- C:\Users\napdizzle\AppData\Local\{220F9A20-E422-49BA-885B-DF5509174EE4}
2012-06-11 01:15:39 -------- d-----w- C:\Users\napdizzle\AppData\Local\{9BFAD569-CCF0-4D7A-8BCB-E0C4F119BDDE}
2012-06-11 00:32:35 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-10 23:36:31 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-10 20:55:47 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9EBB7D1-801F-425F-9DEB-22DEA6D080AF}\mpengine.dll
2012-05-30 20:53:02 -------- d-----w- C:\Users\napdizzle\AppData\Local\{ACECDD50-E09F-46BB-A07B-2D9A43BD8579}
2012-05-30 20:52:34 -------- d-----w- C:\Users\napdizzle\AppData\Local\{E0918699-3109-45AA-B4B9-8FD1DE156650}
2012-05-23 14:13:39 -------- d-----w- C:\Users\napdizzle\AppData\Local\{EAC9A3A3-B853-48B6-B69D-D48B58F97D9E}
2012-05-23 14:13:25 -------- d-----w- C:\Users\napdizzle\AppData\Local\{7F0A22DD-F753-4759-88F2-68F5E1F805A1}
2012-05-22 04:49:20 288 ----a-w- C:\Users\napdizzle\AppData\Roaming\9F513D51.reg
2012-05-22 04:34:14 -------- d-----w- C:\Users\napdizzle\AppData\Local\{4C1A56FE-673C-4191-89C1-00F7A71804CD}
2012-05-22 04:33:52 -------- d-----w- C:\Users\napdizzle\AppData\Local\{FEA777D8-6B8F-4C32-B2AB-15AA29387CC6}
.
==================== Find3M ====================
.
2012-06-11 00:32:35 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 23:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 15:57:51.10 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/8/2010 5:53:00 PM
System Uptime: 6/17/2012 3:42:59 PM (0 hours ago)
.
Motherboard: DFI Inc. | | LP DK 790FXB-M3H5
Processor: AMD Phenom™ II X4 965 Processor | Socket AM2 | 3400/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 699 GiB total, 109.915 GiB free.
D: is CDROM (UDF)
F: is FIXED (FAT32) - 466 GiB total, 3.472 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP800: 5/31/2012 3:55:17 PM - Windows Update
RP801: 6/1/2012 3:55:03 PM - Windows Update
RP802: 6/2/2012 3:55:03 PM - Windows Update
RP803: 6/3/2012 2:08:45 AM - Windows Update
RP804: 6/3/2012 3:55:00 PM - Windows Update
RP805: 6/4/2012 3:55:01 PM - Windows Update
RP806: 6/5/2012 3:55:01 PM - Windows Update
RP807: 6/6/2012 3:55:07 PM - Windows Update
RP808: 6/7/2012 3:55:01 PM - Windows Update
RP809: 6/8/2012 3:55:00 PM - Windows Update
RP810: 6/9/2012 3:55:01 PM - Windows Update
RP811: 6/10/2012 2:09:02 AM - Windows Update
RP812: 6/10/2012 3:55:18 PM - Windows Update
RP813: 6/10/2012 8:19:40 PM - Windows Live Essentials
RP814: 6/10/2012 8:21:08 PM - Installed DirectX
RP815: 6/10/2012 8:21:28 PM - Installed DirectX
RP816: 6/10/2012 8:21:55 PM - WLSetup
RP817: 6/11/2012 7:34:09 PM - Installed Java™ 7 Update 4
RP818: 6/11/2012 7:34:36 PM - Installed JavaFX 2.1.0
RP819: 6/11/2012 8:05:01 PM - Installed DirectX
.
==== Installed Programs ======================
.
µTorrent
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.3
Alien Swarm
Altitude
AMD VISION Engine Control Center
ArcaniA - Gothic 4
Assassin's Creed II
ATI Catalyst Registration
Battlefield 3™ Open Beta
Battlefield: Bad Company 2
Battlelog Web Plugins
Belkin Setup and Router Monitor
Call of Duty: Black Ops
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cities XL 2011
Counter-Strike: Source
Creative Audio Control Panel
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
D3DX10
DC Universe Online Beta
Dead Space™ 2
Deus Ex - Human Revolution version 1.0
DFX for Windows Media Player
DivX Web Player
Download Manager 2.3.10
Driver Cleaner.NET
ESN Sonar
Ez_Flash
Facebook Plug-In
Fallout New Vegas
FoxTab FLV Player
GmoteServer
Google Chrome
Grand Theft Auto IV
Hotspot Shield 2.53
HP Deskjet 1000 J110 series Help
Java Auto Updater
Java™ 6 Update 26
Java™ 7 Update 4
JavaFX 2.1.0
Mafia II
Malwarebytes Anti-Malware version 1.61.0.1400
Medal of Honor™ MP Beta
Microsoft Corporation
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Need for Speed™ Hot Pursuit
NVIDIA PhysX
OpenAL
Origin
PDG Gold for NCOs - 2009
PFPortChecker 1.0.32
Portal
Portal 2
PunkBuster Services
Rockstar Games Social Club
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype Click to Call
Skype™ 5.5
Steam
System Requirements Lab
Team Fortress 2
The Lord of the Rings FREE Trial
Tom Clancy's Splinter Cell Conviction
TVersity Codec Pack 1.4
TVersity Media Server 1.9.2
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (kb2202131)
VC80CRTRedist - 8.0.50727.762
VLC media player 1.1.4
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinPcap 4.1.1
Wireshark 1.2.6
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/17/2012 3:48:23 PM, Error: Service Control Manager [7034] - The TVersityMediaServer service terminated unexpectedly. It has done this 1 time(s).
6/17/2012 3:43:36 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
6/17/2012 3:43:36 PM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.
6/17/2012 3:43:34 PM, Error: Service Control Manager [7000] - The NTPort Library Driver service failed to start due to the following error: This driver has been blocked from loading
6/17/2012 3:43:34 PM, Error: Application Popup [1060] - \SystemRoot\System32\drivers\zntport.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
6/17/2012 3:43:33 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
6/17/2012 3:43:33 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
6/12/2012 9:10:12 PM, Error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s).
6/12/2012 9:10:10 PM, Error: Service Control Manager [7030] - The Hotspot Shield Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/10/2012 8:36:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
6/10/2012 8:36:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
6/10/2012 8:35:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Application Experience service, but this action failed with the following error: An instance of the service is already running.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2012 8:34:05 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/10/2012 3:55:56 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
6/10/2012 2:09:37 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
.
==== End Of File ===========================
Ping.exe and Trojan.dropper.bcminer and redirecting internet
in Resolved Malware Removal Logs
Posted
I have deleted Utorrent, yes I would like to try and repair my system if possible. I do in fact have a USB drive ...