ja2913

  1. I believe both of these files are false positives and belong to a program for my Asus motherboard. PE_Rom.dll it detects every time at startup. PE_File.dll it detected with a quick scan. It only started this today and I had built the computer in August.

     Malwarebytes Anti-Malware (PRO) 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.11.13.13

     Windows 8 x64 NTFS
     Internet Explorer 10.0.9200.16736
     airso_000 :: JACOB [administrator]

     Protection: Enabled

     11/13/2013 7:56:27 PM
     MBAM-log-2013-11-13 (19-59-17).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 207415
     Time elapsed: 1 minute(s), 40 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 3
     C:\Users\airso_000\Documents\False Positives.zip (Trojan.Agent.HMGen) -> No action taken. [7f92e217f6769e98302e0150a75ad828]
     C:\Windows\PE_File.dll (Trojan.Agent.HMGen) -> No action taken. [a66b50a96c00a98db4aa97ba11f08779]
     C:\Windows\PE_Rom.dll (Trojan.Agent.HMGen) -> No action taken. [b55c15e42745053197c7133eb849966a]

     (end)

     False Positives.zip
  2. Computer seems to be fine now, do you still want me to send the file? Thanks.
  3. Computer seems to be acting a little strange now, believe it or not. It almost feels a little sluggish (started last night). Also, that file is still in my PC; should I manually delete it? Also, I'm curious as to what virus caused that file?
  4. Thanks again, here is the log:

     All processes killed
     ========== FILES ==========
     C:\WINDOWS\SysWow64\netjr32.dll moved successfully.
     < ipconfig /flushdns /c >
     Windows IP Configuration
     Successfully flushed the DNS Resolver Cache.
     C:\Users\airso_000\Desktop\cmd.bat deleted successfully.
     C:\Users\airso_000\Desktop\cmd.txt deleted successfully.
     ========== COMMANDS ==========

     [EMPTYTEMP]

     User: airso_000
     ->Temp folder emptied: 1351924181 bytes
     ->Temporary Internet Files folder emptied: 218717569 bytes
     ->Google Chrome cache emptied: 33195519 bytes
     ->Flash cache emptied: 3631 bytes

     User: All Users

     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     User: Public

     User: UpdatusUser
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 200704 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 34232652 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 280994 bytes
     RecycleBin emptied: 0 bytes

     Total Files Cleaned = 1,563.00 mb

     Restore point Set: OTL Restore Point

     OTL by OldTimer - Version 3.2.69.0 log created on 03052013_075351

     Files\Folders moved on Reboot...
     C:\Users\airso_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

     PendingFileRenameOperations files...

     Registry entries deleted on Reboot...
  5. I just noticed mbam wasn't running, I disabled it before when I went to run combofix, however it must have not restarted the protection module when I restarted the pc. Here is the other log:

     OTL Extras logfile created on: 3/3/2013 5:54:41 PM - Run 1
     OTL by OldTimer - Version 3.2.69.0
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.0.1 (BETA) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.47.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D54ADF6B-2164-4394-AF70-2778422E9DD8}" = Intel® Network Connections 17.4.95.0 "{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager "CCleaner" = CCleaner "CPUID CPU-Z G1_is1" = CPUID CPU-Z G1 1.61.3 "HitmanPro37" = HitmanPro 3.7 "PROSetDX" = Intel® Network Connections 17.4.95.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician 
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2 "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1012.1 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D530842-77D5-42F3-BAD3-A2100D0D8400}" = Gears of War for Windows "{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}" = AIVIA GHOST "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{5C12B035-6632-431F-93AA-E8CB8421E507}" = Sound Blaster Recon3Di Extras "{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13 "{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}" = HP Photosmart 6510 series Help "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI 
(11.0.02) "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{BFF68EA7-3873-4753-924C-152C67A3D745}" = Sound Blaster Recon3Di "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "Afterburner" = MSI Afterburner 2.3.0 "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17 "Battlelog Web Plugins" = Battlelog Web Plugins "BattlEye for A2" = BattlEye Uninstall "ESN Sonar-0.70.4" = ESN Sonar "Fraps" = Fraps (remove only) "GFWL_{4D530842-77D5-42F3-BAD3-A2100D0D8400}" = Gears of War for Windows "Google Chrome" = Google Chrome "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1012.1 "InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "Kaspersky Password Manager_is1" = Kaspersky Password Manager 5.0.0.169 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "Media Center 18" = Media Center 18 "MediaMonkey_is1" = MediaMonkey 4.0 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.SingleImage" = Microsoft Office Professional 2010 "OpenAL" = OpenAL "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "Steam App 10090" = Call of Duty: World at War "Steam App 108800" = Crysis 2 Maximum Edition "Steam App 12110" = Grand Theft Auto: Vice City "Steam App 12210" = Grand Theft Auto IV "Steam App 12220" = Grand Theft Auto: Episodes from Liberty City "Steam App 17300" = Crysis "Steam App 17330" = Crysis Warhead "Steam App 17340" = Crysis Wars "Steam App 17460" = Mass Effect "Steam App 17470" 
= Dead Space "Steam App 19900" = Far Cry 2 "Steam App 200260" = Batman: Arkham City GOTY "Steam App 200510" = XCOM: Enemy Unknown "Steam App 202970" = Call of Duty: Black Ops II "Steam App 203140" = Hitman: Absolution "Steam App 204100" = Max Payne 3 "Steam App 205100" = Dishonored "Steam App 205270" = 3DMark 11 "Steam App 207610" = The Walking Dead "Steam App 208480" = Assassin’s Creed® III "Steam App 208580" = Star Wars: Knights of the Old Republic II "Steam App 20920" = The Witcher 2: Assassins of Kings Enhanced Edition "Steam App 212910" = Call of Duty: Black Ops II - Zombies "Steam App 219540" = ARMA 2: Operation Arrowhead Beta "Steam App 22370" = Fallout 3 - Game of the Year Edition "Steam App 22380" = Fallout: New Vegas "Steam App 32370" = Star Wars: Knights of the Old Republic "Steam App 33900" = ARMA 2 "Steam App 33930" = ARMA 2: Operation Arrowhead "Steam App 34330" = Total War: SHOGUN 2 "Steam App 3700" = Sniper Elite "Steam App 43110" = Metro 2033 "Steam App 45740" = Dead Rising 2 "Steam App 47780" = Dead Space 2 "Steam App 49520" = Borderlands 2 "Steam App 63380" = Sniper Elite V2 "Steam App 65700" = ARMA 2: British Armed Forces "Steam App 65720" = ARMA 2: Private Military Company "Steam App 72850" = The Elder Scrolls V: Skyrim "Steam App 730" = Counter-Strike: Global Offensive "Steam App 8190" = Just Cause 2 "Steam App 8930" = Sid Meier's Civilization V "Steam App 91310" = Dead Island "Steam App 9200" = RAGE "TechPowerUp GPU-Z" = TechPowerUp GPU-Z "Uplay" = Uplay ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MusicManager" = Music Manager ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2/25/2013 9:55:29 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos failed with error: 
-2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 2/25/2013 9:55:45 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos did not launch within its allotted time. Error - 2/25/2013 10:50:52 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 2/25/2013 10:51:08 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos did not launch within its allotted time. Error - 2/26/2013 4:37:01 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013 Description = Error - 3/2/2013 8:17:35 AM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 2484 Description = Package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy was terminated because it took too long to suspend. Error - 3/2/2013 8:17:37 AM | Computer Name = Jacob | Source = Application Hang | ID = 1002 Description = The program SystemSettings.exe version 6.2.9200.16420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. 
Process ID: 5f60 Start Time: 01ce16d20c56453c Termination Time: 4294967295 Application Path: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe Report Id: 2a43fbb2-8333-11e2-beb5-902b343e2464 Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Error - 3/2/2013 3:48:51 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013 Description = Error - 3/2/2013 5:32:47 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013 Description = Error - 3/3/2013 5:34:20 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013 Description = [ Media Center Events ] Error - 3/1/2013 1:50:35 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 12:50:35 PM - Error connecting to the internet. 12:50:35 PM - Unable to contact server.. Error - 3/1/2013 1:50:42 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 12:50:40 PM - Error connecting to the internet. 12:50:40 PM - Unable to contact server.. Error - 3/1/2013 2:50:48 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 1:50:48 PM - Error connecting to the internet. 1:50:48 PM - Unable to contact server.. Error - 3/1/2013 2:50:53 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 1:50:53 PM - Error connecting to the internet. 1:50:53 PM - Unable to contact server.. Error - 3/1/2013 3:50:58 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 2:50:58 PM - Error connecting to the internet. 2:50:58 PM - Unable to contact server.. Error - 3/1/2013 3:51:03 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 2:51:03 PM - Error connecting to the internet. 2:51:03 PM - Unable to contact server.. Error - 3/1/2013 4:52:04 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 3:52:04 PM - Error connecting to the internet. 3:52:04 PM - Unable to contact server.. 
Error - 3/1/2013 4:52:09 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 3:52:09 PM - Error connecting to the internet. 3:52:09 PM - Unable to contact server.. Error - 3/2/2013 1:29:51 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 12:29:49 PM - Error connecting to the internet. 12:29:49 PM - Unable to contact server.. Error - 3/2/2013 2:29:57 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0 Description = 1:29:56 PM - Error connecting to the internet. 1:29:56 PM - Unable to contact server.. [ System Events ] Error - 2/23/2013 8:15:41 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7000 Description = The Steam Client Service service failed to start due to the following error: %%1053 Error - 2/24/2013 5:49:32 PM | Computer Name = Jacob | Source = EventLog | ID = 6008 Description = The previous system shutdown at 4:19:47 PM on ?2/?24/?2013 was unexpected. Error - 2/24/2013 7:38:30 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error - 2/24/2013 7:38:30 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7000 Description = The Steam Client Service service failed to start due to the following error: %%1053 Error - 2/25/2013 9:54:51 PM | Computer Name = Jacob | Source = DCOM | ID = 10001 Description = Error - 2/25/2013 9:55:27 PM | Computer Name = Jacob | Source = DCOM | ID = 10001 Description = Error - 2/25/2013 9:55:29 PM | Computer Name = Jacob | Source = DCOM | ID = 10001 Description = Error - 2/25/2013 10:50:52 PM | Computer Name = Jacob | Source = DCOM | ID = 10001 Description = Error - 2/26/2013 6:07:26 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 
Error - 2/26/2013 6:07:26 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following error: %%1053

< End of report >
  6. Thanks again

     OTL logfile created on: 3/3/2013 5:54:41 PM - Run 1
     OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\airso_000\Desktop
     64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
     Internet Explorer (Version = 9.10.9200.16484)
     Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     15.83 Gb Total Physical Memory | 13.77 Gb Available Physical Memory | 87.02% Memory free
     31.83 Gb Paging File | 29.57 Gb Available in Paging File | 92.92% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]

     %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 238.37 Gb Total Space | 67.18 Gb Free Space | 28.18% Space Free | Partition Type: NTFS
     Drive D: | 447.13 Gb Total Space | 48.16 Gb Free Space | 10.77% Space Free | Partition Type: NTFS

     Computer Name: JACOB | User Name: airso_000 | Logged in as Administrator.
     Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
     Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

     ========== Processes (SafeList) ==========

     PRC - [2013/03/03 17:52:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\airso_000\Desktop\OTL.exe
     PRC - [2013/02/25 07:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- D:\Steam\steam.exe
     PRC - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
     PRC - [2013/02/23 19:15:17 | 003,494,992 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
     PRC - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
     PRC - [2013/01/18 21:51:31 | 001,129,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
     PRC - [2013/01/18 21:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files 
(x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013/01/14 18:31:30 | 007,437,824 | ---- | M] (Google Inc.) -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe PRC - [2012/12/26 17:18:06 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/11/19 03:57:28 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe PRC - [2012/11/19 03:57:24 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2012/11/15 11:21:58 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe PRC - [2012/09/18 15:41:02 | 000,191,488 | ---- | M] () -- C:\Users\airso_000\My Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe PRC - [2012/09/13 02:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) 
-- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2012/09/13 02:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2012/08/22 22:53:56 | 000,103,424 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe PRC - [2012/08/22 03:55:04 | 000,964,096 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe PRC - [2012/08/17 15:43:54 | 003,134,232 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe PRC - [2012/07/11 04:16:36 | 002,014,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe PRC - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe PRC - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) 
-- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe ========== Modules (No Company Name) ========== MOD - [2013/02/25 07:39:32 | 000,988,584 | ---- | M] () -- D:\Steam\bin\chromehtml.dll MOD - [2013/02/23 19:15:17 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll MOD - [2013/02/19 11:48:10 | 020,340,648 | ---- | M] () -- D:\Steam\bin\libcef.dll MOD - [2013/02/13 17:20:01 | 012,700,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9c95779cc3d65cda80695cabc367476b\System.Windows.Forms.ni.dll MOD - [2013/02/09 22:25:27 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll MOD - [2013/01/14 18:19:36 | 000,344,064 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll MOD - [2013/01/14 18:19:22 | 000,231,936 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll MOD - [2013/01/14 18:18:54 | 000,253,440 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libid3tag.dll MOD - [2013/01/14 18:18:44 | 000,117,248 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libaacdec.dll MOD - [2013/01/10 20:49:47 | 007,561,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll MOD - [2013/01/10 20:49:45 | 001,880,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll MOD - [2013/01/10 20:49:30 | 001,631,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll MOD - [2013/01/10 20:49:26 | 018,542,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll MOD - [2013/01/10 20:49:20 | 010,926,592 | ---- | M] 
() -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll MOD - [2013/01/10 20:49:16 | 003,910,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll MOD - [2013/01/10 20:49:12 | 009,937,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll MOD - [2013/01/10 20:49:08 | 016,544,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll MOD - [2013/01/10 15:01:44 | 000,026,624 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll MOD - [2013/01/10 15:01:26 | 010,683,392 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll MOD - [2013/01/10 15:01:24 | 001,681,408 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll MOD - [2013/01/10 15:01:22 | 007,741,952 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtGui4.dll MOD - [2013/01/10 15:01:20 | 002,248,192 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtCore4.dll MOD - [2012/12/18 18:28:50 | 000,647,168 | ---- | M] () -- D:\Steam\sdl.dll MOD - [2012/12/11 09:51:10 | 001,100,800 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll MOD - [2012/12/11 09:51:10 | 000,192,000 | ---- | M] () -- D:\Steam\bin\avformat-53.dll MOD - [2012/12/11 09:51:10 | 000,124,416 | ---- | M] () -- D:\Steam\bin\avutil-51.dll MOD - [2012/11/19 03:57:28 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe MOD - [2012/11/19 03:57:24 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe MOD - [2012/11/08 08:25:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll MOD - 
[2012/11/08 08:23:26 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2012/11/08 08:12:20 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2012/11/08 08:08:28 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2012/11/08 08:06:28 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012/11/08 07:56:16 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
MOD - [2012/11/08 07:46:16 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
MOD - [2012/11/08 07:24:12 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
MOD - [2012/11/08 07:21:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
MOD - [2012/09/18 15:41:02 | 000,191,488 | ---- | M] () -- C:\Users\airso_000\My Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
MOD - [2012/09/13 02:39:18 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2012/09/13 02:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2012/09/13 02:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2012/09/13 02:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2012/09/13 02:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2012/09/13 02:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2012/09/13 02:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2012/08/17 20:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2011/04/30 10:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2011/04/30 10:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/01/09 18:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 18:22:53 | 000,464,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/09 18:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/12/05 23:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/12/05 23:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/11/15 12:22:04 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/05 23:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 04:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 01:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/06 01:53:46 | 000,170,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2012/08/01 16:11:36 | 000,490,496 | ---- | M] () [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV:64bit: - [2012/07/25 22:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 22:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 22:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 22:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/03/02 17:59:38 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013/03/02 17:59:36 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/18 21:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/03 15:47:43 | 000,488,704 | ---- | M] (JRiver, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\J River\Media Center 18\JRService.exe -- (Media Center 18 Service)
SRV - [2012/12/26 17:18:06 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/15 11:21:58 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/10/10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/08/22 22:53:56 | 000,103,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2012/08/10 12:42:54 | 000,150,464 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/25 23:56:58 | 000,050,088 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\klwfp.sys -- (klwfp)
DRV:64bit: - [2013/01/09 20:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/01/09 20:39:29 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/12/19 00:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/05 07:03:59 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012/11/26 22:56:29 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/11/26 22:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 23:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/15 13:13:32 | 011,270,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/11/15 11:57:48 | 000,546,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/15 11:22:26 | 000,612,696 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012/11/06 02:52:07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/11/06 02:36:23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/11/05 22:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/26 15:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 15:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/10/26 09:11:57 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012/10/12 03:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 02:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 02:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/10/10 22:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012/10/10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/20 02:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/09/20 02:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 02:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/20 02:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/08/22 22:58:48 | 001,044,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cthda.sys -- (cthda)
DRV:64bit: - [2012/08/21 11:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/08/13 15:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012/08/10 02:40:54 | 000,452,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\e1c63x64.sys -- (e1cexpress)
DRV:64bit: - [2012/08/02 14:09:32 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/08/01 16:12:40 | 000,164,720 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\e22w8x64.sys -- (Ke2200)
DRV:64bit: - [2012/08/01 16:12:40 | 000,073,072 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\bwcW8x64.sys -- (BfLwf)
DRV:64bit: - [2012/07/27 17:38:24 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\klelam.sys -- (klelam)
DRV:64bit: - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 00:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/26 00:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 23:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 23:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/07/25 23:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 21:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 21:26:57 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 21:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/25 21:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 21:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/25 21:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 16:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012/06/02 09:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV - [2013/01/06 10:32:20 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013/01/06 10:32:12 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/11/19 03:57:24 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012/11/11 23:32:57 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C1 23 6D A4 47 11 CE 01 [binary data]
IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kaspersky.com/Password Manager: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\airso_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\airso_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012/12/20 17:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012/12/20 17:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012/12/20 17:43:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012/12/20 17:43:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012/12/20 17:43:12 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\plugin/online_banking_npapi.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\plugin/npABPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: YouTube = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Kaspersky URL Advisor = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Password Manager Autofill Engine = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddagfbbgmdhmolnjoaghlapikdcahbbl\5.0.0.169\
CHR - Extension: Safe Money = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Virtual Keyboard = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
CHR - Extension: Gmail = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [ghost] C:\Users\airso_000\My Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [sound Blaster Recon3Di Control Panel] C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [updReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [HP Photosmart 6510 series (NET)] C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe (Kaspersky Lab)
O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [MusicManager] C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [steam] D:\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\airso_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
(Kaspersky Lab ZAO) O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7939EEC-125A-4D78-9471-DF5ABD644C2D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5F6885D-1307-4019-B255-6D2284AAA4F4}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - File not found O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft 
Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/03/03 17:52:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\airso_000\Desktop\OTL.exe [2013/03/03 11:32:58 | 005,036,301 | ---- | C] (Swearware) -- C:\Users\airso_000\Desktop\ComboFix.exe [2013/03/02 17:59:37 | 002,906,590 | ---- | C] (Creative) -- C:\WINDOWS\SysWow64\Sens_oal.dll [2013/03/02 17:59:37 | 001,944,064 | ---- | C] (Creative) -- C:\WINDOWS\SysNative\Sens_oal.dll [2013/03/02 17:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared [2013/03/02 17:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [2013/03/02 15:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013/03/02 15:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013/03/02 15:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013/02/25 12:11:33 | 
000,000,000 | ---D | C] -- C:\Users\airso_000\Documents\JRiver [2013/02/24 21:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 18 [2013/02/24 21:25:54 | 000,585,728 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysWow64\AReadyLB.dll [2013/02/24 21:25:54 | 000,585,728 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysNative\AReadyLB.dll [2013/02/24 21:25:54 | 000,521,472 | ---- | C] (JRiver, Inc.) -- C:\WINDOWS\SysWow64\MC18.exe [2013/02/24 21:25:54 | 000,521,472 | ---- | C] (JRiver, Inc.) -- C:\WINDOWS\SysNative\MC18.exe [2013/02/24 21:25:54 | 000,229,376 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysWow64\AudDevicePlugin.dll [2013/02/24 21:25:54 | 000,229,376 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysNative\AudDevicePlugin.dll [2013/02/24 21:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\J River [2013/02/24 21:25:31 | 000,000,000 | ---D | C] -- C:\Users\airso_000\AppData\Roaming\J River [2013/02/24 16:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2013/02/24 16:40:15 | 000,000,000 | ---D | C] -- C:\Fraps [2013/02/23 01:08:51 | 000,000,000 | ---D | C] -- C:\Users\airso_000\AppData\Roaming\NVIDIA [2013/02/19 19:12:03 | 000,000,000 | ---D | C] -- C:\Users\airso_000\Documents\GIGABYTE [2013/02/19 18:55:35 | 000,000,000 | ---D | C] -- C:\Users\airso_000\Documents\New folder [2013/02/18 21:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV [2013/02/18 21:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV [2013/02/18 21:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Users\airso_000\Documents\*.tmp files -> C:\Users\airso_000\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/03/03 17:52:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\airso_000\Desktop\OTL.exe [2013/03/03 17:40:00 | 000,000,916 | ---- | M] () -- 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/03/03 17:09:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2300135977-2110550730-3846344849-1001UA.job [2013/03/03 15:51:06 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/03/03 15:44:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/03/03 11:33:04 | 005,036,301 | ---- | M] (Swearware) -- C:\Users\airso_000\Desktop\ComboFix.exe [2013/03/02 21:09:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2300135977-2110550730-3846344849-1001Core.job [2013/03/02 18:04:55 | 000,848,230 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013/03/02 18:04:55 | 000,718,176 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013/03/02 18:04:55 | 000,132,542 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013/03/02 18:00:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013/03/02 18:00:38 | 710,094,845 | -HS- | M] () -- C:\hiberfil.sys [2013/03/02 17:59:39 | 000,466,520 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll [2013/03/02 17:59:39 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll [2013/03/02 17:59:22 | 000,000,078 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc [2013/02/27 19:00:21 | 000,608,386 | ---- | M] () -- C:\Users\airso_000\Desktop\Puppy.png [2013/02/25 23:56:58 | 000,050,088 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\klwfp.sys [2013/02/25 21:00:54 | 000,871,124 | ---- | M] () -- C:\Users\airso_000\Documents\Scan.tif [2013/02/25 20:54:45 | 000,101,276 | ---- | M] () -- C:\Users\airso_000\Documents\Scan0001.jpg [2013/02/24 21:25:54 | 000,000,076 | ---- | M] () -- C:\WINDOWS\SysWow64\netjr32.dll [2013/02/24 16:40:15 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2013/02/19 19:12:03 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\AIVIA Ghost.lnk [2013/02/18 21:10:31 | 000,002,137 | ---- | M] () -- 
C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2013/02/18 17:07:40 | 000,430,736 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013/02/18 17:07:35 | 2044,614,785 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013/02/09 22:25:27 | 000,017,738 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb [2013/02/09 08:25:36 | 003,035,306 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Users\airso_000\Documents\*.tmp files -> C:\Users\airso_000\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/02/27 19:00:21 | 000,608,386 | ---- | C] () -- C:\Users\airso_000\Desktop\Puppy.png [2013/02/25 21:00:53 | 000,871,124 | ---- | C] () -- C:\Users\airso_000\Documents\Scan.tif [2013/02/25 20:54:45 | 000,101,276 | ---- | C] () -- C:\Users\airso_000\Documents\Scan0001.jpg [2013/02/24 21:25:54 | 000,183,129 | ---- | C] () -- C:\WINDOWS\SysWow64\AM Install1.INF [2013/02/24 21:25:54 | 000,183,129 | ---- | C] () -- C:\WINDOWS\SysNative\AM Install1.INF [2013/02/24 21:25:54 | 000,000,076 | ---- | C] () -- C:\WINDOWS\SysWow64\netjr32.dll [2013/02/24 16:40:15 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2013/02/19 19:12:03 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\AIVIA Ghost.lnk [2013/02/18 21:10:31 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2013/02/18 21:10:05 | 003,035,306 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin [2013/02/18 17:07:38 | 000,430,736 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013/02/12 18:45:44 | 000,386,577 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2012/12/04 18:25:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012/11/20 21:02:40 | 002,250,024 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe [2012/11/17 17:56:13 | 000,200,704 | ---- | C] () -- C:\WINDOWS\SysWow64\HsMgr.exe [2012/11/15 12:17:54 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat 
[2012/11/15 12:17:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat [2012/11/11 23:31:24 | 000,030,528 | ---- | C] () -- C:\WINDOWS\GVTDrv64.sys [2012/11/07 22:48:44 | 000,281,688 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2012/11/07 22:48:44 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2012/11/02 17:44:27 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012/10/26 15:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll [2012/10/26 15:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll [2012/10/26 15:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe [2012/10/26 06:53:06 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2012/10/10 02:22:32 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin [2012/10/10 02:22:16 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin [2012/09/28 10:45:06 | 000,247,296 | ---- | C] () -- C:\WINDOWS\SysWow64\rtvcvfw32.dll [2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012/07/25 21:20:08 | 000,018,109 | ---- | C] () -- C:\WINDOWS\SysWow64\netpmm32.dll [2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat [2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat ========== ZeroAccess Check ========== 
[2012/10/27 16:38:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/01/09 18:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/01/09 18:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/11/12 07:10:00 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\Amazon [2013/02/24 21:25:31 | 
000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\J River [2012/10/26 19:38:38 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\Leadertech [2013/03/03 16:29:31 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\MediaMonkey [2012/12/02 10:39:06 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\Origin ========== Purity Check ========== < End of report >
  7. I cannot run ComboFix because I am running Windows 8 Pro 64-bit. I tried to run it; however, it will not let me.
  8. Error message can be seen by looking at profile pic
  9. Thanks for your help. No threats were found; however, when I first started (started it twice, it came back), it came up with this error message:
     Malwarebytes Anti-Rootkit BETA 1.01.0.1021 www.malwarebytes.org Database version: v2013.03.02.11 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16484 airso_000 :: JACOB [administrator] 3/2/2013 2:24:54 PM mbar-log-2013-03-02 (14-24-54).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 34566 Time elapsed: 5 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1021 © Malwarebytes Corporation 2011-2012 OS version: 6.2.9200 Windows 8 x64 Account is Administrative Internet Explorer version: 10.0.9200.16484 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 3.501000 GHz Memory total: 16993746944, free: 11810353152 ------------ Kernel report ------------ 03/02/2013 07:13:18 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys 
\SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\system32\drivers\tpm.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\kl1.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\system32\DRIVERS\klif.sys \SystemRoot\system32\DRIVERS\klflt.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\klwfp.sys \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS 
\SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\klim6.sys \SystemRoot\system32\DRIVERS\bwcW8x64.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\system32\DRIVERS\kneps.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\serscan.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\nvlddmkm.sys \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\system32\DRIVERS\e1c63x64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\1394ohci.sys \SystemRoot\system32\DRIVERS\e22w8x64.sys \SystemRoot\System32\drivers\wmiacpi.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\system32\drivers\nvhda64v.sys 
\SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\cthda.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\system32\DRIVERS\klkbdflt.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\system32\DRIVERS\klmouflt.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \??\C:\WINDOWS\system32\drivers\mbam.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\DRIVERS\mslldp.sys \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\qwavedrv.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper 
Device Object: 0xfffffa800da38060 Upper Device Driver Name: \Driver\disk\ Lower Device Name: \Device\0000003c\ Lower Device Object: 0xfffffa800d8507f0 Lower Device Driver Name: \Driver\storahci\ Driver name found: storahci Initialization returned 0x0 Port sub-driver loaded: \??\C:\Windows\System32\Drivers\storport.sys (0x0) Load Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800da39060 Upper Device Driver Name: \Driver\disk\ Lower Device Name: \Device\0000003b\ Lower Device Object: 0xfffffa800d7827f0 Lower Device Driver Name: \Driver\storahci\ Driver name found: storahci Downloaded database version: v2013.03.02.05 Initializing... Done! <<<2>>> Device number: 1, partition: 2 Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa800da38060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800da38b10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800da38060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ DevicePointer: 0xfffffa800d84f7e0, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800d8507f0, DeviceName: \Device\0000003c\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ Upper DeviceData: 0xfffff8a01e94fed0, 0xfffffa800da38060, 0xfffffa807863b740 Lower DeviceData: 0xfffff8a02aed38a0, 0xfffffa800d8507f0, 0xfffffa8077f65310 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: C:\WINDOWS\system32\drivers... <<<2>>> Device number: 1, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! 
Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800da39060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800da39b10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800da39060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xfffffa800d84f9e0, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800d7827f0, DeviceName: \Device\0000003b\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0xfffff8a024c8ddb0, 0xfffffa800da39060, 0xfffffa807861a740 Lower DeviceData: 0xfffff8a000c93ea0, 0xfffffa800d7827f0, 0xfffffa8075b853e0 Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 3CE1CBFD Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 937697280 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 480103981056 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-937683088-937703088)... Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: E630913E Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 499908608 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. 
Partition starts at LBA: 0 Numsec = 0 Disk Size: 256060514304 bytes Sector size: 512 bytes Done! Performing system, memory and registry scan... Done! Scan finished ======================================= DDs Logs DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16482 Run by airso_000 at 14:27:33 on 2013-03-02 Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.16206.11583 [GMT -5:00] . AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\atieclxx.exe C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\WINDOWS\system32\nvvsvc.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\WINDOWS\sysWow64\CtHdaSvc.exe C:\WINDOWS\system32\IProsetMonitor.exe C:\WINDOWS\system32\dashost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\WINDOWS\SysWOW64\PnkBstrA.exe C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\taskhostex.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\WWAHost.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\WinStore\WSHost.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe C:\Program Files (x86)\Origin\Origin.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe 
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe D:\Steam\steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\WINDOWS\system32\wwahost.exe C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll uRun: [steam] "D:\Steam\steam.exe" -silent uRun: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe uRun: [Google Update] "C:\Users\airso_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [MusicManager] "C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart uRun: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN278521PD05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" mRun: [sound Blaster Recon3Di Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide mRun: 
[HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [ghost] C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe mRunOnce: [Z1] cmd /c "C:\Users\airso_000\Downloads\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s StartupFolder: C:\Users\AIRSO_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUALCO~1.LNK - C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll LSP: %SYSTEMROOT%\system32\BfLLR.dll DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{A7939EEC-125A-4D78-9471-DF5ABD644C2D} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C5F6885D-1307-4019-B255-6D2284AAA4F4} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL AppInit_DLLs= 
C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\WINDOWS\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat" x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - 
{CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\WINDOWS\System32\Drivers\bwcW8x64.sys [2012-8-1 73072] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\Drivers\klim6.sys [2012-8-2 28504] R1 klwfp;klwfp;C:\WINDOWS\System32\Drivers\klwfp.sys [2012-8-3 50088] R1 kneps;kneps;C:\WINDOWS\System32\Drivers\kneps.sys [2012-8-13 178008] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2012-11-15 240640] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376] R2 CtHdaSvc;SB Recon3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2012-8-22 103424] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2012-9-6 170824] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-30 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-30 682344] R2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [2012-8-1 490496] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848] R3 cthda;SB Recon3D HDAudio;C:\WINDOWS\System32\Drivers\cthda.sys [2012-8-22 1044320] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files 
(x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-11-11 160256] R3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;C:\WINDOWS\System32\Drivers\e22w8x64.sys [2012-8-1 164720] R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\Drivers\klkbdflt.sys [2012-5-25 29016] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\Drivers\klmouflt.sys [2012-7-25 29528] R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-11-30 24176] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368] S0 klelam;klelam;C:\WINDOWS\System32\Drivers\klelam.sys [2012-7-27 29616] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2012-8-21 91648] S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-11-11 25640] S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-9 150464] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-11-11 30528] S3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2012-10-26 351520] S3 LVUVC64;@oem13.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2012-10-26 4758176] S3 Media Center 18 Service;Media Center 18 Service;C:\Program Files (x86)\J River\Media Center 18\JRService.exe [2013-2-24 488704] S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248] S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656] S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\Drivers\xusb22.sys [2012-7-25 89088] . =============== Created Last 30 ================ . 
2013-03-01 23:12:44 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll 2013-03-01 23:12:44 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll 2013-03-01 23:12:44 1010688 ----a-w- C:\WINDOWS\System32\reseteng.dll 2013-02-25 02:25:54 76 ----a-w- C:\WINDOWS\SysWow64\netjr32.dll 2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\SysWow64\AReadyLB.dll 2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\System32\AReadyLB.dll 2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\SysWow64\MC18.exe 2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\System32\MC18.exe 2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\SysWow64\AudDevicePlugin.dll 2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\System32\AudDevicePlugin.dll 2013-02-25 02:25:54 -------- d-----w- C:\Program Files (x86)\J River 2013-02-25 02:25:31 -------- d-----w- C:\Users\airso_000\AppData\Roaming\J River 2013-02-24 21:40:15 -------- d-----w- C:\Fraps 2013-02-23 06:08:51 -------- d-----w- C:\Users\airso_000\AppData\Roaming\NVIDIA 2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\SysWow64\NV 2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\System32\NV 2013-02-19 02:10:05 877856 ----a-w- C:\WINDOWS\System32\nvvsvc.exe 2013-02-19 02:10:05 6393120 ----a-w- C:\WINDOWS\System32\nvcpl.dll 2013-02-19 02:10:05 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll 2013-02-19 02:10:05 3472672 ----a-w- C:\WINDOWS\System32\nvsvc64.dll 2013-02-19 02:10:05 3035306 ----a-w- C:\WINDOWS\System32\nvcoproc.bin 2013-02-19 02:10:05 237856 ----a-w- C:\WINDOWS\System32\nvmctray.dll 2013-02-19 02:09:55 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2013-02-19 02:09:37 31672 ----a-w- C:\WINDOWS\System32\nvhdap64.dll 2013-02-19 02:09:37 194488 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys 2013-02-19 02:09:37 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6420294.dll 2013-02-19 02:09:37 1510328 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll 2013-02-19 02:09:37 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6420162.dll 2013-02-12 23:44:04 4055552 ----a-w- 
C:\WINDOWS\System32\win32k.sys 2013-02-09 23:43:52 555808 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe 2013-02-05 05:28:00 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . ==================== Find3M ==================== . 2013-02-26 04:56:58 50088 ----a-w- C:\WINDOWS\System32\drivers\klwfp.sys 2013-02-21 07:29:31 78168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2013-02-21 07:29:30 692568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2013-01-31 03:29:52 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys 2013-01-16 00:35:49 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll 2013-01-16 00:31:26 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll 2013-01-16 00:25:17 1437696 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll 2013-01-16 00:23:19 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll 2013-01-14 03:56:14 6967016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2013-01-10 01:53:32 28904 ----a-w- C:\WINDOWS\System32\drivers\msgpiowin32.sys 2013-01-10 01:40:39 1448168 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2013-01-10 01:40:38 303848 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys 2013-01-10 01:39:29 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys 2013-01-10 01:39:22 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys 2013-01-10 01:29:56 91880 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys 2013-01-10 01:29:54 1934056 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys 2013-01-10 01:29:21 785504 ----a-w- C:\WINDOWS\System32\drivers\Wdf01000.sys 2013-01-09 23:26:53 83968 ----a-w- C:\WINDOWS\SysWow64\wiaacmgr.exe 2013-01-09 23:26:46 1611776 ----a-w- C:\WINDOWS\SysWow64\mmc.exe 2013-01-09 23:26:35 410624 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.dll 2013-01-09 23:26:35 261120 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll 2013-01-09 23:26:25 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll 2013-01-09 23:26:25 202752 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll 2013-01-09 23:26:23 1752064 ----a-w- 
C:\WINDOWS\SysWow64\setupapi.dll 2013-01-09 23:26:20 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll 2013-01-09 23:26:08 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll 2013-01-09 23:26:04 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll 2013-01-09 23:26:03 436736 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL 2013-01-09 23:25:55 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll 2013-01-09 23:23:32 95232 ----a-w- C:\WINDOWS\System32\wiaacmgr.exe 2013-01-09 23:23:25 2094592 ----a-w- C:\WINDOWS\System32\mmc.exe 2013-01-09 23:23:18 256000 ----a-w- C:\WINDOWS\System32\WSDMon.dll 2013-01-09 23:23:16 1964544 ----a-w- C:\WINDOWS\System32\wlidsvc.dll 2013-01-09 23:23:14 594944 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll 2013-01-09 23:23:14 406016 ----a-w- C:\WINDOWS\System32\Windows.Media.dll 2013-01-09 23:23:09 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll 2013-01-09 23:23:08 279040 ----a-w- C:\WINDOWS\System32\srm.dll 2013-01-09 23:23:07 1886208 ----a-w- C:\WINDOWS\System32\setupapi.dll 2013-01-09 23:23:05 728064 ----a-w- C:\WINDOWS\System32\samsrv.dll 2013-01-09 23:22:53 464384 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll 2013-01-09 23:22:53 151040 ----a-w- C:\WINDOWS\System32\netprofm.dll 2013-01-09 23:22:43 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll 2013-01-09 23:22:41 666112 ----a-w- C:\WINDOWS\System32\MP4SDECD.DLL 2013-01-09 23:22:35 438272 ----a-w- C:\WINDOWS\System32\lsm.dll 2013-01-09 23:22:29 894464 ----a-w- C:\WINDOWS\System32\iphlpsvc.dll 2013-01-09 23:22:29 159232 ----a-w- C:\WINDOWS\System32\inetpp.dll 2013-01-09 23:22:26 49152 ----a-w- C:\WINDOWS\System32\drivers\UMDF\HidBthLE.dll 2013-01-09 23:22:25 820736 ----a-w- C:\WINDOWS\System32\gpprefcl.dll 2013-01-09 23:22:05 1918464 ----a-w- C:\WINDOWS\System32\wbem\cimwin32.dll 2013-01-09 03:59:47 341504 ----a-w- C:\WINDOWS\System32\drivers\HdAudio.sys 2013-01-06 15:32:20 30528 ----a-w- C:\WINDOWS\GVTDrv64.sys 2013-01-06 15:32:12 25640 ----a-w- C:\WINDOWS\gdrv.sys 2013-01-04 05:32:36 2706432 ----a-w- 
C:\WINDOWS\SysWow64\mshtml.tlb 2013-01-04 04:19:53 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb 2012-12-26 22:18:06 76888 ----a-w- C:\WINDOWS\SysWow64\PnkBstrA.exe 2012-12-26 22:16:35 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.exe 2012-12-20 00:37:37 1775616 ----a-w- C:\WINDOWS\SysWow64\wininet.dll 2012-12-20 00:37:04 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll 2012-12-20 00:37:02 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll 2012-12-20 00:37:02 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll 2012-12-20 00:36:50 431616 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll 2012-12-20 00:29:16 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll 2012-12-20 00:29:11 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll 2012-12-20 00:28:29 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll 2012-12-20 00:28:26 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll 2012-12-20 00:28:04 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll 2012-12-19 11:34:48 2250024 ----a-w- C:\WINDOWS\SysWow64\pbsvc.exe 2012-12-19 01:27:13 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.xtr 2012-12-19 01:20:07 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.ex0 2012-12-18 01:56:27 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll 2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll 2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll 2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll 2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll 2012-12-14 21:49:28 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2012-12-06 04:23:00 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll 2012-12-06 04:22:59 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll 2012-12-05 12:03:59 29016 ----a-w- C:\WINDOWS\System32\drivers\klkbdflt.sys 2012-12-04 23:25:44 0 ----a-w- C:\WINDOWS\ativpsrm.bin 2012-12-04 04:21:42 368640 ----a-w- C:\WINDOWS\System32\sppwinob.dll . ============= FINISH: 14:27:50.92 =============== . 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Pro with Media Center Boot Device: \Device\HarddiskVolume2 Install Date: 10/26/2012 7:47:48 AM System Uptime: 2/24/2013 4:49:31 PM (142 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | G1.Sniper 3 Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz | Intel® Core™ i5-3570K CPU @ 3.40GHz | 4201/103mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 238 GiB total, 67.232 GiB free. D: is FIXED (NTFS) - 447 GiB total, 48.159 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP30: 2/12/2013 6:45:51 PM - Windows Update RP31: 2/19/2013 7:11:50 PM - Installed AIVIA GHOST. RP32: 2/27/2013 3:01:09 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . @BIOS 3DMark 11 Adobe Reader XI (11.0.02) AIVIA GHOST Amazon MP3 Downloader 1.0.17 ARMA 2 ARMA 2: British Armed Forces ARMA 2: Operation Arrowhead ARMA 2: Operation Arrowhead Beta ARMA 2: Private Military Company Assassin’s Creed® III Batman: Arkham City GOTY Battlefield 3™ Battlefield: Bad Company™ 2 Battlelog Web Plugins BattlEye Uninstall Borderlands 2 Call of Duty: Black Ops II Call of Duty: Black Ops II - Zombies Call of Duty: World at War CameraHelperMsi CCleaner Counter-Strike: Global Offensive CPUID CPU-Z G1 1.61.3 Crysis Crysis 2 Maximum Edition Crysis Warhead Crysis Wars Dead Island Dead Rising 2 Dead Space Dead Space 2 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dishonored Easy Tune 6 B12.1012.1 erLT ESN Sonar Fallout 3 - Game of the Year Edition Fallout: New Vegas Far Cry 2 Far Cry 3 FIFA 13 Fraps (remove only) Futuremark SystemInfo Gears of War for Windows Google Chrome Google Update Helper Grand Theft Auto IV Grand Theft Auto: Episodes from Liberty City Grand Theft Auto: Vice City Hitman: Absolution HP Photosmart 6510 series 
Basic Device Software HP Photosmart 6510 series Help HP Update Intel® Network Connections 17.4.95.0 Intel® Processor Graphics Just Cause 2 Kaspersky Internet Security 2013 Kaspersky Password Manager 5.0.0.169 Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.70.0.1100 Mass Effect Max Payne 3 Media Center 18 MediaMonkey 4.0 Metro 2033 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSI Afterburner 2.3.0 Music Manager NVIDIA 3D Vision Controller Driver 
314.07 NVIDIA 3D Vision Driver 314.07 NVIDIA Control Panel 314.07 NVIDIA GeForce Experience 1.0.1 (BETA) NVIDIA Graphics Driver 314.07 NVIDIA HD Audio Driver 1.3.23.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.47.62 NVIDIA Update Components OpenAL Origin PunkBuster Services Qualcomm Atheros Killer Network Manager RAGE Samsung SSD Magician Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Sid Meier's Civilization V Sniper Elite Sniper Elite V2 Sound Blaster Recon3Di Star Wars: Knights of the Old Republic Star Wars: Knights of the Old Republic II Steam TechPowerUp GPU-Z The Elder Scrolls V: Skyrim The Sims™ 3 The Walking Dead The Witcher 2: Assassins of Kings Enhanced Edition Total War: SHOGUN 2 Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition 
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Uplay XCOM: Enemy Unknown . ==== Event Viewer Messages From Past Week ======== . 2/26/2013 5:07:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 2/26/2013 5:07:26 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/25/2013 9:50:52 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa 2/25/2013 8:55:29 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa 2/23/2013 7:15:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Qualcomm Atheros Killer Service service. . 
==== End Of File ===========================
  10. What's going on, so my computer seems fine, fast as always; however, today while just browsing the web, visiting the same sites I do every single day, I went to amazon.com and I got a random download in Chrome. All it had for a name was download, so I immediately canceled it before it could finish (I'm not even sure if it was able to start). If I go into Chrome's download manager it tells me I can retry the download. From what I have been able to find online about this, it seems like it has happened to quite a few people with Chrome (Amazon isn't the source of this problem, I believe) but with earlier versions of Chrome. Well, here are my two logs, and thanks.
      DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16482 Run by airso_000 at 17:12:18 on 2013-03-01 Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.16206.11104 [GMT -5:00] . AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} . ============== Running Processes =============== . 
C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\atieclxx.exe C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\WINDOWS\system32\nvvsvc.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\WINDOWS\sysWow64\CtHdaSvc.exe C:\WINDOWS\system32\IProsetMonitor.exe C:\WINDOWS\system32\dashost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\WINDOWS\SysWOW64\PnkBstrA.exe C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\taskhostex.exe C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\WWAHost.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\WinStore\WSHost.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe C:\Program Files (x86)\Origin\Origin.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\HP Photosmart 6510 series.exe C:\Windows\SysWOW64\mshta.exe C:\Program Files (x86)\HP\HP Photosmart 6510 series\bin\HPScan.exe D:\Steam\steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\WINDOWS\system32\wwahost.exe C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe C:\WINDOWS\system32\mspaint.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\taskeng.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll uRun: [steam] "D:\Steam\steam.exe" -silent uRun: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe uRun: [Google Update] "C:\Users\airso_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [MusicManager] "C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart uRun: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN278521PD05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" mRun: [sound Blaster Recon3Di Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide mRun: 
[HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [ghost] C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe StartupFolder: C:\Users\AIRSO_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUALCO~1.LNK - C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll LSP: %SYSTEMROOT%\system32\BfLLR.dll DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{A7939EEC-125A-4D78-9471-DF5ABD644C2D} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C5F6885D-1307-4019-B255-6D2284AAA4F4} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\WINDOWS\SysWOW64\nvinit.dll SSODL: WebCheck - 
<orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat" x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\WINDOWS\System32\Drivers\bwcW8x64.sys [2012-8-1 73072] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\Drivers\klim6.sys [2012-8-2 28504] R1 klwfp;klwfp;C:\WINDOWS\System32\Drivers\klwfp.sys [2012-8-3 50088] R1 kneps;kneps;C:\WINDOWS\System32\Drivers\kneps.sys [2012-8-13 178008] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2012-11-15 240640] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376] R2 CtHdaSvc;SB Recon3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2012-8-22 103424] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2012-9-6 170824] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-30 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-30 682344] R2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [2012-8-1 490496] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848] R3 cthda;SB Recon3D HDAudio;C:\WINDOWS\System32\Drivers\cthda.sys [2012-8-22 1044320] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-11-11 160256] R3 Ke2200;NDIS 
Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;C:\WINDOWS\System32\Drivers\e22w8x64.sys [2012-8-1 164720] R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\Drivers\klkbdflt.sys [2012-5-25 29016] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\Drivers\klmouflt.sys [2012-7-25 29528] R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-11-30 24176] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368] S0 klelam;klelam;C:\WINDOWS\System32\Drivers\klelam.sys [2012-7-27 29616] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2012-8-21 91648] S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-11-11 25640] S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-9 150464] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-11-11 30528] S3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2012-10-26 351520] S3 LVUVC64;@oem13.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2012-10-26 4758176] S3 Media Center 18 Service;Media Center 18 Service;C:\Program Files (x86)\J River\Media Center 18\JRService.exe [2013-2-24 488704] S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248] S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656] S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\Drivers\xusb22.sys [2012-7-25 89088] . =============== Created Last 30 ================ . 
2013-02-25 02:25:54 76 ----a-w- C:\WINDOWS\SysWow64\netjr32.dll 2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\SysWow64\AReadyLB.dll 2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\System32\AReadyLB.dll 2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\SysWow64\MC18.exe 2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\System32\MC18.exe 2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\SysWow64\AudDevicePlugin.dll 2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\System32\AudDevicePlugin.dll 2013-02-25 02:25:54 -------- d-----w- C:\Program Files (x86)\J River 2013-02-25 02:25:31 -------- d-----w- C:\Users\airso_000\AppData\Roaming\J River 2013-02-24 21:40:15 -------- d-----w- C:\Fraps 2013-02-23 06:08:51 -------- d-----w- C:\Users\airso_000\AppData\Roaming\NVIDIA 2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\SysWow64\NV 2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\System32\NV 2013-02-19 02:10:05 877856 ----a-w- C:\WINDOWS\System32\nvvsvc.exe 2013-02-19 02:10:05 6393120 ----a-w- C:\WINDOWS\System32\nvcpl.dll 2013-02-19 02:10:05 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll 2013-02-19 02:10:05 3472672 ----a-w- C:\WINDOWS\System32\nvsvc64.dll 2013-02-19 02:10:05 3035306 ----a-w- C:\WINDOWS\System32\nvcoproc.bin 2013-02-19 02:10:05 237856 ----a-w- C:\WINDOWS\System32\nvmctray.dll 2013-02-19 02:09:55 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2013-02-19 02:09:37 31672 ----a-w- C:\WINDOWS\System32\nvhdap64.dll 2013-02-19 02:09:37 194488 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys 2013-02-19 02:09:37 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6420294.dll 2013-02-19 02:09:37 1510328 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll 2013-02-19 02:09:37 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6420162.dll 2013-02-12 23:44:04 4055552 ----a-w- C:\WINDOWS\System32\win32k.sys 2013-02-09 23:43:52 555808 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe 2013-02-05 05:28:00 539984 ----a-w- 
C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . ==================== Find3M ==================== . 2013-02-26 04:56:58 50088 ----a-w- C:\WINDOWS\System32\drivers\klwfp.sys 2013-02-06 23:06:14 78176 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2013-02-06 23:06:14 692576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2013-01-31 03:29:52 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys 2013-01-16 00:35:49 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll 2013-01-16 00:31:26 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll 2013-01-16 00:25:17 1437696 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll 2013-01-16 00:23:19 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll 2013-01-14 03:56:14 6967016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2013-01-10 01:53:32 28904 ----a-w- C:\WINDOWS\System32\drivers\msgpiowin32.sys 2013-01-10 01:40:39 1448168 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2013-01-10 01:40:38 303848 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys 2013-01-10 01:39:29 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys 2013-01-10 01:39:22 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys 2013-01-10 01:29:56 91880 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys 2013-01-10 01:29:54 1934056 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys 2013-01-10 01:29:21 785504 ----a-w- C:\WINDOWS\System32\drivers\Wdf01000.sys 2013-01-09 23:26:53 83968 ----a-w- C:\WINDOWS\SysWow64\wiaacmgr.exe 2013-01-09 23:26:46 1611776 ----a-w- C:\WINDOWS\SysWow64\mmc.exe 2013-01-09 23:26:35 410624 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.dll 2013-01-09 23:26:35 261120 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll 2013-01-09 23:26:25 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll 2013-01-09 23:26:25 202752 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll 2013-01-09 23:26:23 1752064 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll 2013-01-09 23:26:20 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll 2013-01-09 23:26:08 115712 ----a-w- 
C:\WINDOWS\SysWow64\netprofm.dll 2013-01-09 23:26:04 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll 2013-01-09 23:26:03 436736 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL 2013-01-09 23:25:55 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll 2013-01-09 23:23:32 95232 ----a-w- C:\WINDOWS\System32\wiaacmgr.exe 2013-01-09 23:23:25 2094592 ----a-w- C:\WINDOWS\System32\mmc.exe 2013-01-09 23:23:18 256000 ----a-w- C:\WINDOWS\System32\WSDMon.dll 2013-01-09 23:23:16 1964544 ----a-w- C:\WINDOWS\System32\wlidsvc.dll 2013-01-09 23:23:14 594944 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll 2013-01-09 23:23:14 406016 ----a-w- C:\WINDOWS\System32\Windows.Media.dll 2013-01-09 23:23:09 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll 2013-01-09 23:23:08 279040 ----a-w- C:\WINDOWS\System32\srm.dll 2013-01-09 23:23:07 1886208 ----a-w- C:\WINDOWS\System32\setupapi.dll 2013-01-09 23:23:05 728064 ----a-w- C:\WINDOWS\System32\samsrv.dll 2013-01-09 23:22:53 464384 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll 2013-01-09 23:22:53 151040 ----a-w- C:\WINDOWS\System32\netprofm.dll 2013-01-09 23:22:43 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll 2013-01-09 23:22:41 666112 ----a-w- C:\WINDOWS\System32\MP4SDECD.DLL 2013-01-09 23:22:35 438272 ----a-w- C:\WINDOWS\System32\lsm.dll 2013-01-09 23:22:29 894464 ----a-w- C:\WINDOWS\System32\iphlpsvc.dll 2013-01-09 23:22:29 159232 ----a-w- C:\WINDOWS\System32\inetpp.dll 2013-01-09 23:22:26 49152 ----a-w- C:\WINDOWS\System32\drivers\UMDF\HidBthLE.dll 2013-01-09 23:22:25 820736 ----a-w- C:\WINDOWS\System32\gpprefcl.dll 2013-01-09 23:22:05 1918464 ----a-w- C:\WINDOWS\System32\wbem\cimwin32.dll 2013-01-09 03:59:47 341504 ----a-w- C:\WINDOWS\System32\drivers\HdAudio.sys 2013-01-06 15:32:20 30528 ----a-w- C:\WINDOWS\GVTDrv64.sys 2013-01-06 15:32:12 25640 ----a-w- C:\WINDOWS\gdrv.sys 2013-01-04 05:32:36 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb 2013-01-04 04:19:53 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb 2012-12-26 22:18:06 76888 ----a-w- 
C:\WINDOWS\SysWow64\PnkBstrA.exe 2012-12-26 22:16:35 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.exe 2012-12-20 00:37:37 1775616 ----a-w- C:\WINDOWS\SysWow64\wininet.dll 2012-12-20 00:37:04 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll 2012-12-20 00:37:02 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll 2012-12-20 00:37:02 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll 2012-12-20 00:36:50 431616 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll 2012-12-20 00:29:16 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll 2012-12-20 00:29:11 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll 2012-12-20 00:28:29 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll 2012-12-20 00:28:26 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll 2012-12-20 00:28:04 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll 2012-12-19 11:34:48 2250024 ----a-w- C:\WINDOWS\SysWow64\pbsvc.exe 2012-12-19 01:27:13 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.xtr 2012-12-19 01:20:07 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.ex0 2012-12-18 01:56:27 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll 2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll 2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll 2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll 2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll 2012-12-14 21:49:28 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2012-12-06 04:23:00 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll 2012-12-06 04:22:59 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll 2012-12-05 12:03:59 29016 ----a-w- C:\WINDOWS\System32\drivers\klkbdflt.sys 2012-12-04 23:25:44 0 ----a-w- C:\WINDOWS\ativpsrm.bin 2012-12-04 04:21:42 368640 ----a-w- C:\WINDOWS\System32\sppwinob.dll . ============= FINISH: 17:12:36.68 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . 
Microsoft Windows 8 Pro with Media Center Boot Device: \Device\HarddiskVolume2 Install Date: 10/26/2012 7:47:48 AM System Uptime: 2/24/2013 4:49:31 PM (121 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | G1.Sniper 3 Processor: Intel® Core i5-3570K CPU @ 3.40GHz | Intel® Core i5-3570K CPU @ 3.40GHz | 4201/103mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 238 GiB total, 67.447 GiB free. D: is FIXED (NTFS) - 447 GiB total, 48.159 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP30: 2/12/2013 6:45:51 PM - Windows Update RP31: 2/19/2013 7:11:50 PM - Installed AIVIA GHOST. RP32: 2/27/2013 3:01:09 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . @BIOS 3DMark 11 Adobe Reader XI (11.0.02) AIVIA GHOST Amazon MP3 Downloader 1.0.17 ARMA 2 ARMA 2: British Armed Forces ARMA 2: Operation Arrowhead ARMA 2: Operation Arrowhead Beta ARMA 2: Private Military Company Assassin’s Creed® III Batman: Arkham City GOTY Battlefield 3™ Battlefield: Bad Company™ 2 Battlelog Web Plugins BattlEye Uninstall Borderlands 2 Call of Duty: Black Ops II Call of Duty: Black Ops II - Zombies Call of Duty: World at War CameraHelperMsi CCleaner Counter-Strike: Global Offensive CPUID CPU-Z G1 1.61.3 Crysis Crysis 2 Maximum Edition Crysis Warhead Crysis Wars Dead Island Dead Rising 2 Dead Space Dead Space 2 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dishonored Easy Tune 6 B12.1012.1 erLT ESN Sonar Fallout 3 - Game of the Year Edition Fallout: New Vegas Far Cry 2 Far Cry 3 FIFA 13 Fraps (remove only) Futuremark SystemInfo Gears of War for Windows Google Chrome Google Update Helper Grand Theft Auto IV Grand Theft Auto: Episodes from Liberty City Grand Theft Auto: Vice City Hitman: Absolution HP Photosmart 6510 series Basic Device Software HP Photosmart 6510 series Help HP Update Intel® Network Connections 17.4.95.0 Intel® Processor 
Graphics Just Cause 2 Kaspersky Internet Security 2013 Kaspersky Password Manager 5.0.0.169 Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.70.0.1100 Mass Effect Max Payne 3 Media Center 18 MediaMonkey 4.0 Metro 2033 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSI Afterburner 2.3.0 Music Manager NVIDIA 3D Vision Controller Driver 314.07 NVIDIA 3D Vision Driver 314.07 NVIDIA Control Panel 314.07 NVIDIA GeForce Experience 1.0.1 (BETA) NVIDIA Graphics 
Driver 314.07 NVIDIA HD Audio Driver 1.3.23.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.47.62 NVIDIA Update Components OpenAL Origin PunkBuster Services Qualcomm Atheros Killer Network Manager RAGE Samsung SSD Magician Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Sid Meier's Civilization V Sniper Elite Sniper Elite V2 Sound Blaster Recon3Di Star Wars: Knights of the Old Republic Star Wars: Knights of the Old Republic II Steam TechPowerUp GPU-Z The Elder Scrolls V: Skyrim The Sims™ 3 The Walking Dead The Witcher 2: Assassins of Kings Enhanced Edition Total War: SHOGUN 2 Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition 
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Uplay XCOM: Enemy Unknown . ==== Event Viewer Messages From Past Week ======== . 2/26/2013 5:07:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 2/26/2013 5:07:26 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/25/2013 9:50:52 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa 2/25/2013 8:55:29 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa 2/23/2013 7:15:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Qualcomm Atheros Killer Service service. . ==== End Of File ===========================