I was infected with something pretty nasty recently. Some hacker had remote administration to my computer, the reason I know this is because he contacted me in a little white box randomly when I was trying to scan and disinfect with mbam/webroot security.

Can I PLEASE have help looking at my system and be advised depending on what you find.

I'm afraid my computer is insecure now!

P.S. MBAM found 3 trojans in my official game files that I like to play in. It is a real large and public company for gaming. Here is a thread about the possible/potential trojans or "false positives"

http://woi-forum.perfectworld.com/showthread.php?t=512881

Are they being serious about this? Are they a threat or a cover up?

Malwarebytes Anti-Malware (Trial) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.02.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Dustin Bechtel :: CHANGED [administrator]

Protection: Disabled

2/2/2012 1:57:17 PM

mbam-log-2012-01-22 (17-59-36).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 321003

Time elapsed: 32 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 3

C:\Perfect World Entertainment\War of the Immortals\Bin\PerfectProtector.sys (Trojan.Phobiq) -> No action taken.

C:\Perfect World Entertainment\War of the Immortals\Bin\pp\perfectprotector-x64.sys (Trojan.Agent) -> No action taken.

C:\Perfect World Entertainment\War of the Immortals\Bin\pp\perfectprotector.sys (Trojan.Phobiq) -> No action taken.

(end)

And back to my original point. If you want my dds and attach please ask.

These posted as requested

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Dustin Bechtel at 15:10:44 on 2012-02-02

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8169.5391 [GMT -5:00]

.

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Webroot\WRSA.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\ExpressGateUtil\VAWinService.exe

C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Webroot\WRSA.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Asus\Wireless Console 3\WimaxConsole.exe

C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe

C:\ExpressGateUtil\VAWinAgent.exe

C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\explorer.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.ca/

uDefault_Page_URL = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: {A8864317-E18B-4292-99D9-E6E65AB905D3} - No File

uRun: [iSUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

mRun: [HControlUser] "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

mRun: [Wireless Console 3] "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

mRun: [ASUS Screen Saver Protector] "C:\Windows\AsScrPro.exe"

mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r

mRun: [updReg] "C:\Windows\UpdReg.EXE"

mRun: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"

mRun: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe

mRun: [VAWinAgent] "C:\ExpressGateUtil\VAWinAgent.exe"

mRun: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}\442547 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}\4626573747 : DhcpNameServer = 10.0.0.1

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}\462657374723 : DhcpNameServer = 10.0.0.1

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}\771627C6F627463363 : DhcpNameServer = 68.87.75.198 68.87.64.150

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}\E4544574541425D22343D274 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}\F646E696B65673 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{97A60928-7EB4-4C21-A7BE-6581D121CA88} : DhcpNameServer = 10.0.0.1

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

BHO-X64: Trend Micro NSC BHO - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO-X64: TmBpIeBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: {A8864317-E18B-4292-99D9-E6E65AB905D3} - No File

mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun-x64: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

mRun-x64: [HControlUser] "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

mRun-x64: [Wireless Console 3] "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

mRun-x64: [ASUS Screen Saver Protector] "C:\Windows\AsScrPro.exe"

mRun-x64: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r

mRun-x64: [updReg] "C:\Windows\UpdReg.EXE"

mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"

mRun-x64: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe

mRun-x64: [VAWinAgent] "C:\ExpressGateUtil\VAWinAgent.exe"

mRun-x64: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\Asus\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-9-1 408576]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-2 652360]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-6-28 2214504]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-20 378472]

R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-26 241488]

R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-4 2655768]

R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2010-8-20 77312]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-9-1 911872]

R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-1-19 648656]

R3 bpenum;bpenum;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?]

R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?]

R3 bpusb;bpusb;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?]

R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\DRIVERS\FLxHCIc.sys --> C:\Windows\system32\DRIVERS\FLxHCIc.sys [?]

R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\DRIVERS\FLxHCIh.sys --> C:\Windows\system32\DRIVERS\FLxHCIh.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]

R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-5-4 267480]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-5-4 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-5-4 79360]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-02-02 19:11:13 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67E049FC-24C3-4407-AD16-33699D4CDD42}\offreg.dll

2012-02-02 17:56:14 709968 ----a-w- C:\Windows\isRS-000.tmp

2012-02-02 17:51:56 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{6AE49D26-8F6F-4041-B0E2-E57D7B2CAF56}

2012-02-02 17:51:45 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{C67097D0-9CDC-41A7-8DA8-E7E2BE4CEC09}

2012-02-01 17:19:17 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{05BDD988-EAEB-4E2A-A08D-7446FF267929}

2012-02-01 17:19:07 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{903ED5C2-897F-44D8-8D0D-F823EAB315E3}

2012-02-01 00:51:26 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67E049FC-24C3-4407-AD16-33699D4CDD42}\mpengine.dll

2012-01-25 22:22:32 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{71050A47-C8D5-4909-BC3E-CB2E428094C7}

2012-01-25 22:22:21 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{8CE314BF-3DA0-49AE-91D5-C7782FB9F8B2}

2012-01-25 10:22:09 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{8532C253-30AE-4D7A-AB4A-271835B95794}

2012-01-24 18:07:39 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{CD76267D-3E4A-4A6C-B0F9-077F2A5BBF37}

2012-01-24 01:28:50 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{B32136EF-9E1D-4E41-B813-B957A657D357}

2012-01-23 13:28:24 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{35057F3F-A546-492C-B99B-1DAFB35CA158}

2012-01-23 13:28:13 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{30C72BBA-4760-49A6-8664-3959533CFC6C}

2012-01-23 10:21:05 -------- d-----w- C:\PWRD

2012-01-23 10:21:04 -------- d-----w- C:\ProgramData\PWD

2012-01-23 10:14:44 -------- d-----w- C:\Perfect World Entertainment

2012-01-21 14:46:25 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{0A2C3DCC-E1F5-4A2D-9C9E-7460696040F4}

2012-01-21 14:46:13 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{F2E50155-2DAA-4B32-B0C2-1A2E8F4BBA4F}

2012-01-21 05:45:09 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Roaming\BigHugeEngine

2012-01-21 05:45:00 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll

2012-01-21 05:45:00 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll

2012-01-21 05:45:00 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll

2012-01-21 05:45:00 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll

2012-01-20 22:10:03 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-01-20 21:59:52 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{DED13555-D97B-42F8-9BF9-896493F2C8EA}

2012-01-20 21:59:40 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{9C478EE0-CA28-448D-BCC6-FB9458CAD15C}

2012-01-20 00:41:21 97136 ----a-w- C:\Windows\System32\WRusr.dll

2012-01-20 00:41:20 145528 ----a-w- C:\Windows\SysWow64\WRusr.dll

2012-01-20 00:41:19 111592 ----a-w- C:\Windows\System32\drivers\WRkrn.sys

2012-01-20 00:41:14 -------- d-----w- C:\Program Files\Webroot

2012-01-20 00:40:54 -------- d-----w- C:\ProgramData\WRData

2012-01-19 06:26:03 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Roaming\Malwarebytes

2012-01-19 06:25:51 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-01-19 06:25:51 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-19 06:25:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-19 04:03:03 279096 ------w- C:\Windows\System32\MpSigStub.exe

2012-01-18 20:56:32 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{8FE65F55-7B50-4EF5-A097-0286322B8A0B}

2012-01-18 20:56:21 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{1E622D3F-6030-4338-A603-67D6A2EDF07F}

2012-01-18 08:06:54 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{DD338B4D-7ECB-4484-A617-87D75D77FE2F}

2012-01-17 20:06:29 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{DC099166-FA94-44E2-A5D0-1CEC061636FD}

2012-01-17 20:06:17 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{579C4399-0863-4566-869A-7DBCDC15CEDC}

2012-01-16 19:29:36 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{43CD0D9E-FCD3-4434-ADFA-4AB3498FA7E6}

2012-01-16 19:29:25 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{EE2FA067-75A3-4914-ACAB-89DBD0240FD6}

2012-01-13 18:12:56 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{E3124284-1044-4249-9030-269B0CE5C811}

2012-01-13 18:12:45 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{F21F5EF3-5DC3-494B-AC8B-4CEBF9ADFC70}

2012-01-11 01:27:22 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-01-11 01:27:22 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-01-11 01:27:22 1572864 ----a-w- C:\Windows\System32\quartz.dll

2012-01-11 01:27:22 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll

2012-01-11 01:27:21 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-01-11 01:27:20 77312 ----a-w- C:\Windows\System32\packager.dll

2012-01-11 01:27:20 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-01-11 01:27:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll

2012-01-09 18:28:39 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{31675FBD-A1A3-4557-9359-6641EA53589C}

2012-01-09 18:28:28 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{49A04A97-3721-4D62-89AC-33E335BDF751}

2012-01-07 18:38:07 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\ElevatedDiagnostics

2012-01-06 20:21:02 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{B90C9C0D-56E9-4BCA-ABB1-63C080A2848E}

2012-01-06 20:20:51 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{A32DCAE5-8CEE-4870-8467-64AA29376981}

2012-01-05 16:54:52 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{8AA74E7E-638F-429D-B592-C57F3CCD91DC}

2012-01-04 17:37:26 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{388F4AFE-4808-4FC4-A196-AAC4544EE933}

2012-01-04 17:37:15 -------- d-----w- C:\Users\Dustin Bechtel\AppData\Local\{ED420EB5-8379-4FD8-A505-A4749457FFD0}

.

==================== Find3M ====================

.

2012-02-02 18:56:29 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys

2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-11-10 10:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

.

============= FINISH: 15:11:04.28 ===============

AND

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 6/11/2011 9:09:37 PM

System Uptime: 2/2/2012 1:55:37 PM (2 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | G73Sw

Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU 1 | 2001/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 677 GiB total, 546.717 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP84: 1/21/2012 12:43:06 AM - Installed DirectX

RP85: 1/24/2012 1:17:37 PM - Windows Update

RP86: 1/25/2012 8:00:14 AM - Windows Backup

RP87: 1/27/2012 6:36:04 PM - Windows Update

RP88: 1/31/2012 7:50:23 PM - Windows Update

RP89: 1/31/2012 7:52:38 PM - Windows Update

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

ASUS AI Recovery

ASUS Live Update

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

Asus_G73_Screensaver

AsusVibe2.0

ATK Package

Best Buy pc app

CyberLink LabelPrint

CyberLink Power2Go

D3DX10

DirectX 9 Runtime

Divinity II - The Dragon Knight Saga

DriverFinder

ExpressGate Cloud

Fable III

Intel® Control Center

Intel® Management Engine Components

Java Auto Updater

Java 6 Update 30

Junk Mail filter update

Kingdoms of Amalur: Reckoning Demo

Malwarebytes Anti-Malware version 1.60.1.1000

Mesh Runtime

Messenger Companion

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB973685)

Nexon Game Manager

Nuance PDF Reader

NVIDIA 3D Vision Controller Driver

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

Pando Media Booster

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Reader Driver

RIFT

Roxio AACS Certificate

Roxio Activation Module

Roxio CinePlayer

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Star Wars: The Old Republic

Steam

System Requirements Lab

THX TruStudio

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Ventrilo Client

War of the Immortals

Webroot SecureAnywhere

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

Wireless Console 3

World of Warcraft

.

==== Event Viewer Messages From Past Week ========

.

2/2/2012 1:53:53 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.

2/2/2012 1:53:53 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

2/1/2012 4:56:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user DustinBechtel\Dustin Bechtel SID (S-1-5-21-1637223077-1823268894-3705665849-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

2/1/2012 12:06:59 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.

2/1/2012 11:02:34 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom

.

==== End Of File ===========================


Welcome to the forum.

Those files appear to be "False Positives":

The file is one of our own, and part of the game files. It is there to protect your account from keyloggers, but the virus scans do not necessarily differentiate between good and bad detection programs.

http://boi-forum.per...ad.php?t=210581

You could upload them for a free scan at one of these sites:

http://www.virustotal.com/

http://virusscan.jotti.org/en

If they're clean......

I would just add them to MB ignore list.

MrC


https://www.virustotal.com/file/ff7fbe9602337eb8bca5439655967352ddd26621f46b9c4ff9b23a818898023e/analysis/

I hope that can be clicked on and viewed right. I'm not sure what exactly to make of it, whether it's safe or not. I saw detection ratio 1/43 (what does this mean?). Apparently something in there is pretty scary to somebody.

And about the original point of my topic, is my system secure?


I scanned it a lot sooner, I just saw the same "last" analysis somebody got instead of generating a new one.

Besides these trojans in the game files, I was hijacked by some remote admin program. The person got in through a Java program I allowed. This is my main worry; I'm not sure if my system is clean anymore even though I supposedly removed the malware through mbam.


Well we have to start from the beginning and run some scans to ensure your system is clean:

---------------------

Please remove any USB or external drives from the computer before you run these scans!

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

-------------

Next..........

Please download and run RogueKiller.

Click Scan to scan the system (don't run any other options)

Post back the report.

-------------------------

Last.......

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC


Farbar Service Scanner Version: 05-02-2012

Ran by Dustin Bechtel (administrator) on 05-02-2012 at 14:09:28

Running from "C:\Users\Dustin Bechtel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ATIJUZV5"

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Security Center:

============

Windows Update:

===========

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller V7.0.2 [01/30/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Dustin Bechtel [Admin rights]

Mode: Scan -- Date : 02/05/2012 14:10:40

¤¤¤ Bad processes: 1 ¤¤¤

[SUSP PATH] FSS.exe -- C:\Users\Dustin Bechtel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ATIJUZV5\FSS.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9750420AS +++++

--- User ---

[MBR] 4f4bd665ff46c263e84119abadf61f5d

[BSP] 6fe1c81a55733c3ca19f8cc11417786a : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 693400 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>

RKreport[1].txt

OTL logfile created on: 2/5/2012 2:13:55 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Dustin Bechtel\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 6.19 Gb Available Physical Memory | 77.64% Memory free

15.95 Gb Paging File | 13.78 Gb Available in Paging File | 86.39% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 677.15 Gb Total Space | 546.70 Gb Free Space | 80.74% Space Free | Partition Type: NTFS

Computer Name: DUSTINBECHTEL | User Name: Dustin Bechtel | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/05 14:13:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Dustin Bechtel\Downloads\OTL.com

PRC - [2012/02/02 13:25:00 | 000,648,656 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe

PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/01/05 15:26:24 | 000,505,736 | ---- | M] (完美时空) -- C:\Perfect World Entertainment\War of the Immortals\Launcher.exe

PRC - [2011/08/31 15:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\Asus\ASUS Live Update\LiveUpdate.exe

PRC - [2011/07/12 11:27:38 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe

PRC - [2011/05/21 01:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011/05/20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2011/05/04 07:30:30 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2010/10/15 03:24:38 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe

PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe

PRC - [2010/10/07 11:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControl.exe

PRC - [2010/10/05 23:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/10/05 23:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe

PRC - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe

PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe

PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe

PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe

PRC - [2009/05/05 18:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\WDC.exe

PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\KBFiltr.exe

========== Modules (No Company Name) ==========

MOD - [2011/10/12 16:13:22 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll

MOD - [2011/10/12 16:12:59 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll

MOD - [2011/10/12 16:12:47 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll

MOD - [2011/10/12 16:12:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll

MOD - [2011/10/12 16:12:39 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll

MOD - [2011/10/12 16:12:31 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll

MOD - [2011/10/12 16:12:27 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll

MOD - [2011/10/12 16:12:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll

MOD - [2011/10/12 16:12:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll

MOD - [2011/10/12 16:12:20 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll

MOD - [2011/08/31 15:33:32 | 000,208,384 | ---- | M] () -- C:\Program Files (x86)\Asus\ASUS Live Update\alvupdt.dll

MOD - [2010/10/15 03:24:38 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe

MOD - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe

MOD - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe

MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/02/02 13:25:00 | 000,648,656 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)

SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/09/17 03:52:26 | 000,267,480 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)

SRV:64bit: - [2010/09/17 03:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)

SRV:64bit: - [2010/09/01 14:00:06 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)

SRV:64bit: - [2010/09/01 13:54:22 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)

SRV:64bit: - [2010/04/16 18:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2012/01/22 17:59:56 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/05/21 01:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/05/20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2011/05/04 07:30:50 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2011/05/04 07:30:46 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010/10/05 23:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2010/10/05 23:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/02 13:25:01 | 000,111,592 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)

DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011/05/10 04:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/19 15:25:40 | 000,210,944 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)

DRV:64bit: - [2010/11/19 15:25:40 | 000,049,664 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)

DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®

DRV:64bit: - [2010/10/08 05:32:27 | 001,395,248 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/09/23 02:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/09/17 03:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)

DRV:64bit: - [2010/09/17 03:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)

DRV:64bit: - [2010/09/17 03:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)

DRV:64bit: - [2010/09/17 03:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)

DRV:64bit: - [2010/09/14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010/09/14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010/09/14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010/09/14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010/09/13 05:24:25 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/08/08 22:02:33 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®

DRV:64bit: - [2010/08/03 05:43:13 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)

DRV:64bit: - [2010/06/22 20:31:11 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/05/16 19:28:36 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel® Centrino®

DRV:64bit: - [2010/05/16 19:28:28 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)

DRV:64bit: - [2010/05/16 19:28:26 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)

DRV:64bit: - [2010/04/16 18:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010/03/19 05:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/11/18 06:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)

DRV:64bit: - [2009/07/20 04:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/19 21:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)

DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value found

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value found

IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/05/04 06:57:06 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2012/01/19 19:39:08 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)

O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)

O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.

O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.

O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.

O4:64bit: - HKLM..\Run: [intelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd File not found

O4:64bit: - HKLM..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)

O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)

O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()

O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found

O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updReg] C:\Windows\UpdReg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)

O4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)

O4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..\RunOnce: [mctadmin] "C:\Windows\System32\mctadmin.exe" File not found

O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C7D2343-883F-4BB3-B69F-C9C31C7C2651}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97A60928-7EB4-4C21-A7BE-6581D121CA88}: DhcpNameServer = 10.0.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)

O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)

O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found

O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found

O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found

O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found

O29 - HKLM SecurityProviders - (digest.dll) - File not found

O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O35 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000..exefile [open] -- "%1" %*

O35 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*

O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*

O37 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\...exe [@ = exefile] -- "%1" %*

O37 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/05 14:10:09 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\Desktop\RK_Quarantine

[2012/02/05 10:22:30 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{122BB388-8BC1-4919-A85A-6AB6142DCF26}

[2012/02/05 10:22:19 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{9DAD5933-0CFF-4967-BCFB-29E8E620C161}

[2012/02/03 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{A1F93DCF-B6DE-44C4-854B-8BCB52210DE7}

[2012/02/03 21:48:30 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{6D9615E3-CB8A-4788-9D6C-C3CC61CBC193}

[2012/02/03 09:48:05 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{FBA51344-97AD-4D69-8A66-E64EE2B03941}

[2012/02/03 09:47:54 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{6D300265-2882-47D0-9A31-B1847CE1131E}

[2012/02/02 12:51:56 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{6AE49D26-8F6F-4041-B0E2-E57D7B2CAF56}

[2012/02/02 12:51:45 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{C67097D0-9CDC-41A7-8DA8-E7E2BE4CEC09}

[2012/02/01 12:19:17 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{05BDD988-EAEB-4E2A-A08D-7446FF267929}

[2012/02/01 12:19:07 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{903ED5C2-897F-44D8-8D0D-F823EAB315E3}

[2012/01/25 17:22:32 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{71050A47-C8D5-4909-BC3E-CB2E428094C7}

[2012/01/25 17:22:21 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{8CE314BF-3DA0-49AE-91D5-C7782FB9F8B2}

[2012/01/25 05:22:09 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{8532C253-30AE-4D7A-AB4A-271835B95794}

[2012/01/24 13:07:39 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{CD76267D-3E4A-4A6C-B0F9-077F2A5BBF37}

[2012/01/23 20:28:50 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{B32136EF-9E1D-4E41-B813-B957A657D357}

[2012/01/23 08:28:24 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{35057F3F-A546-492C-B99B-1DAFB35CA158}

[2012/01/23 08:28:13 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{30C72BBA-4760-49A6-8664-3959533CFC6C}

[2012/01/23 05:21:05 | 000,000,000 | ---D | C] -- C:\PWRD

[2012/01/23 05:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PWD

[2012/01/23 05:14:44 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment

[2012/01/21 09:46:25 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{0A2C3DCC-E1F5-4A2D-9C9E-7460696040F4}

[2012/01/21 09:46:13 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{F2E50155-2DAA-4B32-B0C2-1A2E8F4BBA4F}

[2012/01/21 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\Documents\My Games

[2012/01/21 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Roaming\BigHugeEngine

[2012/01/20 16:59:52 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{DED13555-D97B-42F8-9BF9-896493F2C8EA}

[2012/01/20 16:59:40 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{9C478EE0-CA28-448D-BCC6-FB9458CAD15C}

[2012/01/19 20:13:52 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\Documents\HeroBlade Logs

[2012/01/19 19:41:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere

[2012/01/19 19:41:21 | 000,097,136 | ---- | C] (Webroot) -- C:\Windows\SysNative\WRusr.dll

[2012/01/19 19:41:20 | 000,145,528 | ---- | C] (Webroot) -- C:\Windows\SysWow64\WRusr.dll

[2012/01/19 19:41:19 | 000,111,592 | ---- | C] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys

[2012/01/19 19:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot

[2012/01/19 19:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData

[2012/01/19 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Roaming\Malwarebytes

[2012/01/19 01:25:51 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/01/19 01:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/01/19 01:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012/01/19 01:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/01/18 15:56:32 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{8FE65F55-7B50-4EF5-A097-0286322B8A0B}

[2012/01/18 15:56:21 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{1E622D3F-6030-4338-A603-67D6A2EDF07F}

[2012/01/18 03:06:54 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{DD338B4D-7ECB-4484-A617-87D75D77FE2F}

[2012/01/17 15:06:29 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{DC099166-FA94-44E2-A5D0-1CEC061636FD}

[2012/01/17 15:06:17 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{579C4399-0863-4566-869A-7DBCDC15CEDC}

[2012/01/16 14:29:36 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{43CD0D9E-FCD3-4434-ADFA-4AB3498FA7E6}

[2012/01/16 14:29:25 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{EE2FA067-75A3-4914-ACAB-89DBD0240FD6}

[2012/01/13 13:12:56 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{E3124284-1044-4249-9030-269B0CE5C811}

[2012/01/13 13:12:45 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{F21F5EF3-5DC3-494B-AC8B-4CEBF9ADFC70}

[2012/01/09 13:28:39 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{31675FBD-A1A3-4557-9359-6641EA53589C}

[2012/01/09 13:28:28 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{49A04A97-3721-4D62-89AC-33E335BDF751}

[2012/01/07 13:38:07 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\ElevatedDiagnostics

[2012/01/06 15:21:02 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{B90C9C0D-56E9-4BCA-ABB1-63C080A2848E}

[2012/01/06 15:20:51 | 000,000,000 | ---D | C] -- C:\Users\Dustin Bechtel\AppData\Local\{A32DCAE5-8CEE-4870-8467-64AA29376981}

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/05 09:13:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/02/04 10:44:30 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/02/04 10:44:30 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/02/04 10:41:32 | 000,742,894 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/02/04 10:41:32 | 000,636,268 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/02/04 10:41:32 | 000,110,694 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/02/04 10:37:07 | 000,000,749 | ---- | M] () -- C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk

[2012/02/04 10:37:00 | 2129,526,783 | -HS- | M] () -- C:\hiberfil.sys

[2012/02/02 13:56:29 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2012/02/02 13:25:01 | 000,145,528 | ---- | M] (Webroot) -- C:\Windows\SysWow64\WRusr.dll

[2012/02/02 13:25:01 | 000,111,592 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys

[2012/02/02 13:25:01 | 000,097,136 | ---- | M] (Webroot) -- C:\Windows\SysNative\WRusr.dll

[2012/02/02 12:56:14 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/01/23 05:20:22 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\War of the Immortals.lnk

[2012/01/19 19:39:08 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2012/01/19 19:36:49 | 000,007,652 | ---- | M] () -- C:\Users\Dustin Bechtel\AppData\Local\resmon.resmoncfg

[2012/01/18 22:40:22 | 000,009,213 | ---- | M] () -- C:\Users\Dustin Bechtel\AppData\Roaming\windowslogs

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/02 12:56:14 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/01/31 19:55:02 | 000,000,749 | ---- | C] () -- C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk

[2012/01/23 05:20:22 | 000,000,956 | ---- | C] () -- C:\Users\Public\Desktop\War of the Immortals.lnk

[2012/01/18 20:08:35 | 000,009,213 | ---- | C] () -- C:\Users\Dustin Bechtel\AppData\Roaming\windowslogs

[2011/08/22 14:59:12 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2011/06/25 22:07:11 | 000,007,652 | ---- | C] () -- C:\Users\Dustin Bechtel\AppData\Local\resmon.resmoncfg

[2011/06/17 11:50:19 | 000,759,118 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/05/20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2011/05/04 07:30:53 | 000,001,200 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini

[2011/05/04 07:30:53 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini

[2011/05/04 07:30:53 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini

[2011/05/04 07:30:52 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL

[2011/05/04 07:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

[2011/05/04 07:14:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll

[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012/01/21 00:45:09 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\BigHugeEngine

[2011/08/16 00:12:46 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\DriverFinder

[2011/12/14 19:24:33 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\Electronic Arts

[2011/06/26 14:01:27 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\GetRightToGo

[2011/06/17 21:07:50 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\Lionhead Studios

[2011/06/14 17:33:29 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\Nuance

[2011/07/23 01:12:47 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\RIFT

[2011/11/11 18:04:36 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\SoftGrid Client

[2011/06/17 11:51:12 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\TP

[2011/06/14 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Dustin Bechtel\AppData\Roaming\Zeon

[2011/08/26 12:33:59 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 2/5/2012 2:13:55 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Dustin Bechtel\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 6.19 Gb Available Physical Memory | 77.64% Memory free

15.95 Gb Paging File | 13.78 Gb Available in Paging File | 86.39% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 677.15 Gb Total Space | 546.70 Gb Free Space | 80.74% Space Free | Partition Type: NTFS

Computer Name: DUSTINBECHTEL | User Name: Dustin Bechtel | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = internetshortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-19\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-20\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1000\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety

"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor

"{45C1C61B-9DA9-4B61-8C89-C76B1746C3AA}" = Fresco Logic USB3.0 Host Controller

"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid

"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security

"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"ProInst" = Intel PROSet Wireless

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{02EE09E7-958A-4E7F-80B6-8BA2D262BD04}" = ASUS AI Recovery

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}" = Roxio AACS Certificate

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java 6 Update 30

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7EE9145D-C430-44E6-B5ED-61FF9C332101}_is1" = War of the Immortals

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7DEE877-3031-4313-B235-96FDEB16EF7E}" = Roxio CinePlayer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{B11AB9C8-18A6-41DC-98B4-4988CC030136}" = THX TruStudio

"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager

"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update

"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Asus Vibe2.0" = AsusVibe2.0

"Asus_G73_Screensaver" = Asus_G73_Screensaver

"DriverFinder" = DriverFinder

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000

"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"Steam App 105400" = Fable III

"Steam App 203970" = Kingdoms of Amalur: Reckoning Demo

"Steam App 58540" = Divinity II - The Dragon Knight Saga

"SystemRequirementsLab" = System Requirements Lab

"WinLiveSuite" = Windows Live Essentials

"World of Warcraft" = World of Warcraft

"WRUNINST" = Webroot SecureAnywhere

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"090215de958f1060" = Curse Client

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 12/16/2011 11:17:23 AM | Computer Name = DustinBechtel | Source = Application Error | ID = 1000

Description = Faulting application name: WRConsumerService.exe, version: 7.0.11.25,

time stamp: 0x4e5b11d3 Faulting module name: ole32.dll, version: 6.1.7601.17514,

time stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x0003bc21 Faulting

process id: 0x378 Faulting application start time: 0x01ccbc058f651e61 Faulting application

path: C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe

Faulting

module path: C:\Windows\syswow64\ole32.dll Report Id: 0dc48695-27f9-11e1-bbfc-f46d04393cdc

Error - 1/1/2012 5:01:10 AM | Computer Name = DustinBechtel | Source = Application Error | ID = 1000

Description = Faulting application name: swtor.exe, version: 1.0.0.0, time stamp:

0x4ef3bb70 Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:

0x4e211319 Exception code: 0xc0000005 Fault offset: 0x0000b9bc Faulting process id:

0x18cc Faulting application start time: 0x01ccc7fef137b141 Faulting application path:

C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\RetailClient\swtor.exe

Faulting

module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 25b71f53-3457-11e1-86d2-f46d04393cdc

Error - 1/1/2012 5:06:27 AM | Computer Name = DustinBechtel | Source = Application Error | ID = 1000

Description = Faulting application name: launcher.exe_SWTOR Launcher, version: 3.1.7.0,

time stamp: 0x4ec55d62 Faulting module name: launcher.exe, version: 3.1.7.0, time

stamp: 0x4ec55d62 Exception code: 0xc0000005 Fault offset: 0x00001ef6 Faulting process

id: 0x1244 Faulting application start time: 0x01ccc8645bea3bb3 Faulting application

path: C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

Faulting

module path: C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old

Republic\launcher.exe Report Id: e28afc03-3457-11e1-86d2-f46d04393cdc

Error - 1/1/2012 5:11:45 AM | Computer Name = DustinBechtel | Source = Application Hang | ID = 1002

Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting

with Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: 14fc Start

Time: 01ccc864f7e929a8 Termination Time: 0 Application Path: C:\Program Files (x86)\Internet

Explorer\iexplore.exe Report Id:

Error - 1/1/2012 5:12:04 AM | Computer Name = DustinBechtel | Source = Application Hang | ID = 1002

Description = The program WRFrame.exe version 7.0.12.22 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: 1b30 Start

Time: 01ccc864fd1b3ac7 Termination Time: 0 Application Path: C:\Program Files (x86)\Webroot\Security\Current\Framework\WRFrame.exe

Report

Id: 979b0ef8-3458-11e1-86d2-f46d04393cdc

Error - 1/11/2012 8:24:45 PM | Computer Name = DustinBechtel | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Cryptographic Services failed while processing the OnIdentity() call

in the System Writer Object. Details: AddCoreCsiFiles : GetNextFileMapContent() failed.

System

Error: The process cannot access the file because it is being used by another process.

.

Error - 1/11/2012 8:32:06 PM | Computer Name = DustinBechtel | Source = Windows Backup | ID = 4104

Description =

Error - 1/21/2012 1:43:10 AM | Computer Name = DustinBechtel | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Cryptographic Services failed while processing the OnIdentity() call

in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image

of binary ssfmonm. System Error: The system cannot find the file specified. .

Error - 1/21/2012 1:43:10 AM | Computer Name = DustinBechtel | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Cryptographic Services failed while processing the OnIdentity() call

in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image

of binary ssidrv. System Error: The system cannot find the file specified. .

Error - 1/22/2012 5:34:00 AM | Computer Name = DustinBechtel | Source = Application Error | ID = 1000

Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,

time stamp: 0x4d76255d Faulting module name: Flash10t.ocx, version: 10.3.181.26,

time stamp: 0x4df339cd Exception code: 0xc0000005 Fault offset: 0x00424a3a Faulting

process id: 0x154c Faulting application start time: 0x01ccd8e4e1e17452 Faulting application

path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:

C:\Windows\SysWOW64\Macromed\Flash\Flash10t.ocx Report Id: 36663d15-44dc-11e1-91fd-f46d04393cdc

[ System Events ]

Error - 9/8/2011 3:23:02 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7022

Description = The Webroot Spy Sweeper Engine service hung on starting.

Error - 9/9/2011 1:17:17 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7022

Description = The Webroot Spy Sweeper Engine service hung on starting.

Error - 9/9/2011 1:18:44 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7034

Description = The Webroot Client Service service terminated unexpectedly. It has

done this 1 time(s).

Error - 9/10/2011 3:41:54 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 9/10/2011 3:41:54 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

Error - 9/25/2011 4:11:19 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 9/25/2011 4:11:19 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

Error - 9/25/2011 8:32:40 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 9/25/2011 8:32:40 PM | Computer Name = DustinBechtel | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

Error - 9/28/2011 12:48:50 AM | Computer Name = DustinBechtel | Source = DCOM | ID = 10010

Description =

< End of report >


Let's clean these up...

Please do this:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value found
    IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..\RunOnce: [mctadmin] "C:\Windows\System32\mctadmin.exe" File not found
    :Commands
    [emptytemp]


  • Then click the Run Fix button at the top
  • Let the program run unhindered; when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

MrC


This came up on reboot

All processes killed

Error: Unable to interpret <:OTLIE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value foundIE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value foundO3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File n> in the current context!

Error: Unable to interpret <ot foundO4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..\RunOnce: [mctadmin] "C:\Windows\System32\mctadmin.exe" File not found:Commands[emptytemp]> in the current context!

OTL by OldTimer - Version 3.2.31.0 log created on 02052012_145629

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Hope this is what you wanted, because nothing comes up when I search in notebook files with your *.log


No, it wasn't entered correctly; this is the code: (in blue > copy and paste)

    :OTL
    IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value found
    IE - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No CLSID value found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1000\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O3 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found.
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-21-1637223077-1823268894-3705665849-1007..\RunOnce: [mctadmin] "C:\Windows\System32\mctadmin.exe" File not found
    :Commands
    [emptytemp]

MrC


Alright, again on startup this came up

All processes killed

========== OTL ==========

Registry value HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a8864317-e18b-4292-99d9-e6e65ab905d3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8864317-e18b-4292-99d9-e6e65ab905d3}\ not found.

Registry value HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a8864317-e18b-4292-99d9-e6e65ab905d3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8864317-e18b-4292-99d9-e6e65ab905d3}\ not found.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8864317-E18B-4292-99D9-E6E65AB905D3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}\ not found.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8864317-E18B-4292-99D9-E6E65AB905D3} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}\ not found.

Registry value HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8864317-E18B-4292-99D9-E6E65AB905D3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}\ not found.

Registry value HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8864317-E18B-4292-99D9-E6E65AB905D3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}\ not found.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1637223077-1823268894-3705665849-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

File ptytemp] not found.

OTL by OldTimer - Version 3.2.31.0 log created on 02052012_150804

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Please download and run TDSSKiller as outlined in the post below:

http://forums.malwar...howtopic=104821

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Post back the log, MrC


15:16:18.0570 6028 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49

15:16:18.0820 6028 ============================================================

15:16:18.0820 6028 Current date / time: 2012/02/05 15:16:18.0820

15:16:18.0820 6028 SystemInfo:

15:16:18.0820 6028

15:16:18.0820 6028 OS Version: 6.1.7601 ServicePack: 1.0

15:16:18.0820 6028 Product type: Workstation

15:16:18.0820 6028 ComputerName: DUSTINBECHTEL

15:16:18.0820 6028 UserName: Dustin Bechtel

15:16:18.0820 6028 Windows directory: C:\Windows

15:16:18.0820 6028 System windows directory: C:\Windows

15:16:18.0820 6028 Running under WOW64

15:16:18.0835 6028 Processor architecture: Intel x64

15:16:18.0835 6028 Number of processors: 8

15:16:18.0835 6028 Page size: 0x1000

15:16:18.0835 6028 Boot type: Normal boot

15:16:18.0835 6028 ============================================================

15:16:24.0763 6028 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:16:24.0779 6028 \Device\Harddisk0\DR0:

15:16:24.0779 6028 MBR used

15:16:24.0779 6028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0x54A4C63B

15:16:24.0826 6028 Initialize success

15:16:24.0826 6028 ============================================================

15:16:51.0907 5968 ============================================================

15:16:51.0907 5968 Scan started

15:16:51.0907 5968 Mode: Manual; SigCheck; TDLFS;

15:16:51.0907 5968 ============================================================

15:16:52.0422 5968 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

15:16:52.0500 5968 1394ohci - ok

15:16:52.0531 5968 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

15:16:52.0547 5968 ACPI - ok

15:16:52.0563 5968 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

15:16:52.0656 5968 AcpiPmi - ok

15:16:52.0719 5968 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

15:16:52.0734 5968 adp94xx - ok

15:16:52.0765 5968 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

15:16:52.0781 5968 adpahci - ok

15:16:52.0812 5968 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

15:16:52.0828 5968 adpu320 - ok

15:16:52.0906 5968 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

15:16:52.0953 5968 AFD - ok

15:16:53.0015 5968 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

15:16:53.0031 5968 agp440 - ok

15:16:53.0077 5968 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

15:16:53.0093 5968 aliide - ok

15:16:53.0140 5968 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

15:16:53.0155 5968 amdide - ok

15:16:53.0218 5968 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

15:16:53.0280 5968 AmdK8 - ok

15:16:53.0296 5968 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

15:16:53.0343 5968 AmdPPM - ok

15:16:53.0374 5968 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

15:16:53.0389 5968 amdsata - ok

15:16:53.0421 5968 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

15:16:53.0436 5968 amdsbs - ok

15:16:53.0467 5968 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

15:16:53.0467 5968 amdxata - ok

15:16:53.0530 5968 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

15:16:53.0686 5968 AppID - ok

15:16:53.0795 5968 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

15:16:53.0811 5968 arc - ok

15:16:53.0842 5968 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

15:16:53.0857 5968 arcsas - ok

15:16:53.0920 5968 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

15:16:53.0935 5968 ASMMAP64 - ok

15:16:53.0967 5968 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:16:54.0091 5968 AsyncMac - ok

15:17:13.0123 5968 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

15:17:13.0295 5968 \Device\Harddisk0\DR0 - ok

15:17:13.0295 5968 Boot (0x1200) (e576322af891f9efd16ce8de647055fc) \Device\Harddisk0\DR0\Partition0

15:17:13.0295 5968 \Device\Harddisk0\DR0\Partition0 - ok

15:17:13.0295 5968 ============================================================

15:17:13.0295 5968 Scan finished

15:17:13.0295 5968 ============================================================

15:17:13.0311 4296 Detected object count: 0

15:17:13.0311 4296 Actual detected object count: 0

15:18:13.0121 2512 ============================================================

15:18:13.0121 2512 Scan started

15:18:13.0121 2512 Mode: Manual; SigCheck; TDLFS;

15:18:13.0121 2512 ============================================================


15:18:14.0556 2512 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

15:18:14.0572 2512 arcsas - ok

15:18:14.0619 2512 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

15:18:14.0634 2512 ASMMAP64 - ok

15:18:14.0712 2512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:18:14.0744 2512 AsyncMac - ok

15:18:14.0790 2512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

15:18:14.0790 2512 atapi - ok

15:18:14.0837 2512 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\Windows\system32\DRIVERS\athrx.sys

15:18:14.0853 2512 athr - ok

15:18:14.0915 2512 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

15:18:14.0931 2512 ATKWMIACPIIO - ok

15:18:15.0024 2512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

15:18:15.0056 2512 b06bdrv - ok

15:18:15.0071 2512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

15:18:15.0087 2512 b57nd60a - ok

15:18:15.0102 2512 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

15:18:15.0134 2512 Beep - ok

15:18:15.0149 2512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

15:18:15.0165 2512 blbdrive - ok

15:18:15.0212 2512 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

15:18:15.0212 2512 bowser - ok

15:18:15.0258 2512 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys

15:18:15.0258 2512 bpenum - ok

15:18:15.0274 2512 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys

15:18:15.0290 2512 bpmp - ok

15:18:15.0305 2512 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys

15:18:15.0305 2512 bpusb - ok

15:18:15.0336 2512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:18:15.0352 2512 BrFiltLo - ok

15:18:15.0368 2512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:18:15.0383 2512 BrFiltUp - ok

15:18:15.0399 2512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

15:18:15.0414 2512 Brserid - ok

15:18:15.0446 2512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

15:18:15.0446 2512 BrSerWdm - ok

15:18:15.0461 2512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:18:15.0477 2512 BrUsbMdm - ok

15:18:15.0492 2512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

15:18:15.0508 2512 BrUsbSer - ok

15:18:15.0524 2512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

15:18:15.0539 2512 BTHMODEM - ok

15:18:15.0555 2512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

15:18:15.0586 2512 cdfs - ok

15:18:15.0617 2512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

15:18:15.0633 2512 cdrom - ok

15:18:15.0664 2512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

15:18:15.0680 2512 circlass - ok

15:18:15.0726 2512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

15:18:15.0742 2512 CLFS - ok

15:18:15.0758 2512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

15:18:15.0773 2512 CmBatt - ok

15:18:15.0804 2512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

15:18:15.0820 2512 cmdide - ok

15:18:15.0867 2512 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

15:18:15.0882 2512 CNG - ok

15:18:15.0898 2512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

15:18:15.0898 2512 Compbatt - ok

15:18:15.0914 2512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

15:18:15.0929 2512 CompositeBus - ok

15:18:15.0960 2512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

15:18:15.0976 2512 crcdisk - ok

15:18:16.0023 2512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

15:18:16.0054 2512 DfsC - ok

15:18:16.0070 2512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

15:18:16.0101 2512 discache - ok

15:18:16.0116 2512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

15:18:16.0116 2512 Disk - ok

15:18:16.0148 2512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

15:18:16.0163 2512 drmkaud - ok

15:18:16.0210 2512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

15:18:16.0226 2512 DXGKrnl - ok

15:18:16.0241 2512 EagleX64 - ok

15:18:16.0319 2512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

15:18:16.0350 2512 ebdrv - ok

15:18:16.0397 2512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

15:18:16.0413 2512 elxstor - ok

15:18:16.0444 2512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

15:18:16.0460 2512 ErrDev - ok

15:18:16.0475 2512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

15:18:16.0506 2512 exfat - ok

15:18:16.0538 2512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

15:18:16.0569 2512 fastfat - ok

15:18:16.0584 2512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

15:18:16.0600 2512 fdc - ok

15:18:16.0616 2512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

15:18:16.0631 2512 FileInfo - ok

15:18:16.0647 2512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

15:18:16.0678 2512 Filetrace - ok

15:18:16.0694 2512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

15:18:16.0709 2512 flpydisk - ok

15:18:16.0756 2512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

15:18:16.0756 2512 FltMgr - ok

15:18:16.0803 2512 FLxHCIc (d0adbcf2a5316d23ef67dfaa02d5d544) C:\Windows\system32\DRIVERS\FLxHCIc.sys

15:18:16.0818 2512 FLxHCIc - ok

15:18:16.0834 2512 FLxHCIh (f9b6db9727ad2f14ecf84e43eb5279f7) C:\Windows\system32\DRIVERS\FLxHCIh.sys

15:18:16.0850 2512 FLxHCIh - ok

15:18:16.0881 2512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

15:18:16.0896 2512 FsDepends - ok

15:18:16.0912 2512 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

15:18:16.0928 2512 fssfltr - ok

15:18:16.0943 2512 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

15:18:16.0959 2512 Fs_Rec - ok

15:18:16.0990 2512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

15:18:17.0006 2512 fvevol - ok

15:18:17.0037 2512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:18:17.0037 2512 gagp30kx - ok

15:18:17.0068 2512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

15:18:17.0084 2512 hcw85cir - ok

15:18:17.0115 2512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

15:18:17.0130 2512 HdAudAddService - ok

15:18:17.0162 2512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

15:18:17.0177 2512 HDAudBus - ok

15:18:17.0208 2512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

15:18:17.0224 2512 HidBatt - ok

15:18:17.0240 2512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

15:18:17.0255 2512 HidBth - ok

15:18:17.0286 2512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

15:18:17.0286 2512 HidIr - ok

15:18:17.0333 2512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

15:18:17.0349 2512 HidUsb - ok

15:18:17.0364 2512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

15:18:17.0380 2512 HpSAMD - ok

15:18:17.0427 2512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

15:18:17.0458 2512 HTTP - ok

15:18:17.0505 2512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

15:18:17.0505 2512 hwpolicy - ok

15:18:17.0552 2512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

15:18:17.0567 2512 i8042prt - ok

15:18:17.0598 2512 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys

15:18:17.0614 2512 iaStor - ok

15:18:17.0661 2512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

15:18:17.0676 2512 iaStorV - ok

15:18:17.0723 2512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

15:18:17.0723 2512 iirsp - ok

15:18:17.0801 2512 IntcAzAudAddService (028e40182a6f0374978c755f85b9f07c) C:\Windows\system32\drivers\RTKVHD64.sys

15:18:17.0848 2512 IntcAzAudAddService - ok

15:18:17.0895 2512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

15:18:17.0910 2512 intelide - ok

15:18:17.0942 2512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

15:18:17.0957 2512 intelppm - ok

15:18:18.0004 2512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:18:18.0020 2512 IpFilterDriver - ok

15:18:18.0066 2512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

15:18:18.0082 2512 IPMIDRV - ok

15:18:18.0113 2512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

15:18:18.0144 2512 IPNAT - ok

15:18:18.0160 2512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

15:18:18.0176 2512 IRENUM - ok

15:18:18.0222 2512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

15:18:18.0222 2512 isapnp - ok

15:18:18.0254 2512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

15:18:18.0269 2512 iScsiPrt - ok

15:18:18.0285 2512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

15:18:18.0300 2512 kbdclass - ok

15:18:18.0316 2512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

15:18:18.0316 2512 kbdhid - ok

15:18:18.0347 2512 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

15:18:18.0363 2512 kbfiltr - ok

15:18:18.0394 2512 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

15:18:18.0410 2512 KSecDD - ok

15:18:18.0425 2512 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

15:18:18.0441 2512 KSecPkg - ok

15:18:18.0472 2512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

15:18:18.0503 2512 ksthunk - ok

15:18:18.0519 2512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

15:18:18.0550 2512 lltdio - ok

15:18:18.0566 2512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:18:18.0581 2512 LSI_FC - ok

15:18:18.0597 2512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:18:18.0612 2512 LSI_SAS - ok

15:18:18.0628 2512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:18:18.0628 2512 LSI_SAS2 - ok

15:18:18.0659 2512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:18:18.0659 2512 LSI_SCSI - ok

15:18:18.0690 2512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

15:18:18.0722 2512 luafv - ok

15:18:18.0768 2512 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

15:18:18.0784 2512 MBAMProtector - ok

15:18:18.0831 2512 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys

15:18:18.0831 2512 MBfilt - ok

15:18:18.0909 2512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

15:18:18.0909 2512 megasas - ok

15:18:18.0940 2512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

15:18:18.0956 2512 MegaSR - ok

15:18:18.0987 2512 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

15:18:19.0002 2512 MEIx64 - ok

15:18:19.0034 2512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

15:18:19.0065 2512 Modem - ok

15:18:19.0080 2512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

15:18:19.0096 2512 monitor - ok

15:18:19.0127 2512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

15:18:19.0143 2512 mouclass - ok

15:18:19.0174 2512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

15:18:19.0190 2512 mouhid - ok

15:18:19.0221 2512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

15:18:19.0236 2512 mountmgr - ok

15:18:19.0283 2512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

15:18:19.0283 2512 mpio - ok

15:18:19.0330 2512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

15:18:19.0361 2512 mpsdrv - ok

15:18:19.0392 2512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

15:18:19.0408 2512 MRxDAV - ok

15:18:19.0455 2512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:18:19.0455 2512 mrxsmb - ok

15:18:19.0502 2512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:18:19.0517 2512 mrxsmb10 - ok

15:18:19.0533 2512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:18:19.0548 2512 mrxsmb20 - ok

15:18:19.0580 2512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

15:18:19.0595 2512 msahci - ok

15:18:19.0611 2512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

15:18:19.0626 2512 msdsm - ok

15:18:19.0658 2512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

15:18:19.0689 2512 Msfs - ok

15:18:19.0704 2512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

15:18:19.0736 2512 mshidkmdf - ok

15:18:19.0782 2512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

15:18:19.0782 2512 msisadrv - ok

15:18:19.0829 2512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

15:18:19.0845 2512 MSKSSRV - ok

15:18:19.0860 2512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

15:18:19.0892 2512 MSPCLOCK - ok

15:18:19.0907 2512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

15:18:19.0938 2512 MSPQM - ok

15:18:19.0970 2512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

15:18:19.0985 2512 MsRPC - ok

15:18:20.0032 2512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

15:18:20.0032 2512 mssmbios - ok

15:18:20.0079 2512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

15:18:20.0110 2512 MSTEE - ok

15:18:20.0126 2512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

15:18:20.0126 2512 MTConfig - ok

15:18:20.0157 2512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

15:18:20.0157 2512 Mup - ok

15:18:20.0188 2512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

15:18:20.0204 2512 NativeWifiP - ok

15:18:20.0250 2512 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

15:18:20.0266 2512 NDIS - ok

15:18:20.0313 2512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

15:18:20.0344 2512 NdisCap - ok

15:18:20.0344 2512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

15:18:20.0375 2512 NdisTapi - ok

15:18:20.0453 2512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

15:18:20.0469 2512 Ndisuio - ok

15:18:20.0516 2512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

15:18:20.0547 2512 NdisWan - ok

15:18:20.0594 2512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

15:18:20.0609 2512 NDProxy - ok

15:18:20.0640 2512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

15:18:20.0672 2512 NetBIOS - ok

15:18:20.0718 2512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

15:18:20.0750 2512 NetBT - ok

15:18:20.0874 2512 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys

15:18:20.0952 2512 NETwNs64 - ok

15:18:20.0999 2512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

15:18:21.0015 2512 nfrd960 - ok

15:18:21.0030 2512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

15:18:21.0062 2512 Npfs - ok

15:18:21.0077 2512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

15:18:21.0108 2512 nsiproxy - ok

15:18:21.0171 2512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

15:18:21.0202 2512 Ntfs - ok

15:18:21.0264 2512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

15:18:21.0296 2512 Null - ok

15:18:21.0327 2512 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys

15:18:21.0327 2512 NVHDA - ok

15:18:21.0545 2512 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys

15:18:21.0701 2512 nvlddmkm - ok

15:18:21.0764 2512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

15:18:21.0779 2512 nvraid - ok

15:18:21.0795 2512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

15:18:21.0810 2512 nvstor - ok

15:18:21.0842 2512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

15:18:21.0857 2512 nv_agp - ok

15:18:21.0873 2512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

15:18:21.0888 2512 ohci1394 - ok

15:18:21.0935 2512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

15:18:21.0951 2512 Parport - ok

15:18:21.0982 2512 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

15:18:21.0998 2512 partmgr - ok

15:18:22.0044 2512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

15:18:22.0044 2512 pci - ok

15:18:22.0076 2512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

15:18:22.0076 2512 pciide - ok

15:18:22.0107 2512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

15:18:22.0122 2512 pcmcia - ok

15:18:22.0138 2512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

15:18:22.0154 2512 pcw - ok

15:18:22.0169 2512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

15:18:22.0216 2512 PEAUTH - ok

15:18:22.0278 2512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

15:18:22.0310 2512 PptpMiniport - ok

15:18:22.0356 2512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

15:18:22.0356 2512 Processor - ok

15:18:22.0403 2512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

15:18:22.0434 2512 Psched - ok

15:18:22.0481 2512 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

15:18:22.0481 2512 PxHlpa64 - ok

15:18:22.0544 2512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

15:18:22.0575 2512 ql2300 - ok

15:18:22.0622 2512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

15:18:22.0637 2512 ql40xx - ok

15:18:22.0653 2512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

15:18:22.0668 2512 QWAVEdrv - ok

15:18:22.0684 2512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

15:18:22.0715 2512 RasAcd - ok

15:18:22.0746 2512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

15:18:22.0778 2512 RasAgileVpn - ok

15:18:22.0824 2512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

15:18:22.0856 2512 Rasl2tp - ok

15:18:22.0871 2512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

15:18:22.0902 2512 RasPppoe - ok

15:18:22.0918 2512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

15:18:22.0949 2512 RasSstp - ok

15:18:22.0980 2512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

15:18:23.0012 2512 rdbss - ok

15:18:23.0043 2512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

15:18:23.0058 2512 rdpbus - ok

15:18:23.0074 2512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

15:18:23.0105 2512 RDPCDD - ok

15:18:23.0121 2512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

15:18:23.0152 2512 RDPENCDD - ok

15:18:23.0168 2512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

15:18:23.0199 2512 RDPREFMP - ok

15:18:23.0246 2512 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

15:18:23.0261 2512 RDPWD - ok

15:18:23.0308 2512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

15:18:23.0324 2512 rdyboost - ok

15:18:23.0355 2512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

15:18:23.0386 2512 rspndr - ok

15:18:23.0433 2512 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys

15:18:23.0448 2512 RSUSBVSTOR - ok

15:18:23.0464 2512 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys

15:18:23.0464 2512 RTL8167 - ok

15:18:23.0511 2512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

15:18:23.0526 2512 sbp2port - ok

15:18:23.0558 2512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

15:18:23.0589 2512 scfilter - ok

15:18:23.0620 2512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

15:18:23.0651 2512 secdrv - ok

15:18:23.0682 2512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

15:18:23.0682 2512 Serenum - ok

15:18:23.0698 2512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

15:18:23.0714 2512 Serial - ok

15:18:23.0745 2512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

15:18:23.0760 2512 sermouse - ok

15:18:23.0776 2512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

15:18:23.0792 2512 sffdisk - ok

15:18:23.0807 2512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

15:18:23.0823 2512 sffp_mmc - ok

15:18:23.0838 2512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

15:18:23.0854 2512 sffp_sd - ok

15:18:23.0885 2512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

15:18:23.0901 2512 sfloppy - ok

15:18:23.0948 2512 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys

15:18:23.0963 2512 Sftfs - ok

15:18:23.0994 2512 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys

15:18:24.0010 2512 Sftplay - ok

15:18:24.0041 2512 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys

15:18:24.0041 2512 Sftredir - ok

15:18:24.0088 2512 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys

15:18:24.0088 2512 Sftvol - ok

15:18:24.0135 2512 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

15:18:24.0150 2512 SiSGbeLH - ok

15:18:24.0166 2512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:18:24.0182 2512 SiSRaid2 - ok

15:18:24.0197 2512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

15:18:24.0197 2512 SiSRaid4 - ok

15:18:24.0228 2512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

15:18:24.0244 2512 Smb - ok

15:18:24.0275 2512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

15:18:24.0275 2512 spldr - ok

15:18:24.0322 2512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

15:18:24.0338 2512 srv - ok

15:18:24.0353 2512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

15:18:24.0369 2512 srv2 - ok

15:18:24.0400 2512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

15:18:24.0400 2512 srvnet - ok

15:18:24.0447 2512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

15:18:24.0462 2512 stexstor - ok

15:18:24.0494 2512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

15:18:24.0509 2512 swenum - ok

15:18:24.0556 2512 SynTP (bc642d540aedf9a253c74d10c848ebd2) C:\Windows\system32\DRIVERS\SynTP.sys

15:18:24.0587 2512 SynTP - ok

15:18:24.0650 2512 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

15:18:24.0681 2512 Tcpip - ok

15:18:24.0743 2512 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

15:18:24.0774 2512 TCPIP6 - ok

15:18:24.0821 2512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

15:18:24.0852 2512 tcpipreg - ok

15:18:24.0899 2512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

15:18:24.0915 2512 TDPIPE - ok

15:18:24.0946 2512 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

15:18:24.0962 2512 TDTCP - ok

15:18:25.0008 2512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

15:18:25.0040 2512 tdx - ok

15:18:25.0086 2512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

15:18:25.0102 2512 TermDD - ok

15:18:25.0133 2512 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys

15:18:25.0133 2512 tmactmon - ok

15:18:25.0149 2512 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys

15:18:25.0164 2512 tmcomm - ok

15:18:25.0180 2512 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys

15:18:25.0180 2512 tmevtmgr - ok

15:18:25.0196 2512 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys

15:18:25.0196 2512 tmtdi - ok

15:18:25.0242 2512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

15:18:25.0274 2512 tssecsrv - ok

15:18:25.0305 2512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

15:18:25.0320 2512 TsUsbFlt - ok

15:18:25.0367 2512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

15:18:25.0398 2512 tunnel - ok

15:18:25.0430 2512 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys

15:18:27.0551 2512 ============================================================

15:18:27.0551 2512 Scan finished

15:18:27.0551 2512 ============================================================

15:18:27.0551 1144 Detected object count: 0

15:18:27.0551 1144 Actual detected object count: 0


So far everything is clean.

Download aswMBR to your desktop.

http://public.avast....erek/aswMBR.exe

Double click the aswMBR.exe to run it.

If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".

Click the "Scan" button to start scan.

On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

MrC


Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC
