
Ping.exe and Trojan.dropper.bcminer and redirecting internet



I've been having this issue ongoing for nearly two weeks... I have followed numerous topics on trying to remove this virus and stop the redirecting/random advertisements playing on my computer. In my processes I have Ping.exe and Malware detects the Bcminer... Attached are logs that I normally see requested when providing assistance. I have gone through numerous different topics and followed all of their instructions to no avail, so hopefully tailored service may help my situation. I would appreciate any assistance Malwarebytes may provide :)

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.4.1

Run by napdizzle at 15:56:58 on 2012-06-17

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2038 [GMT -5:00]

.

AV: Microsoft Security Essentials *Disabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

C:\Program Files\Microsoft LifeCam\MSCamS64.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

uRun: [Google Update] "C:\Users\napdizzle\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMLDEV~1.LNK - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

LSP: mswsock.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{249BD807-FFCF-443B-90E5-952C3A29DE0F} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{67986829-03FE-4B19-B19C-30F44ABEFE5B} : DhcpNameServer = 10.36.16.1

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO-X64: AMD SteadyVideo BHO - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO-X64: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun-x64: [CTxfiHlp] CTXFIHLP.EXE

mRun-x64: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/|www.gmail.com

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\napdizzle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-14 361984]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]

R2 cpuz133;cpuz133;\??\C:\Windows\system32\drivers\cpuz133_x64.sys --> C:\Windows\system32\drivers\cpuz133_x64.sys [?]

R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-4-10 542552]

R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-22 654408]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\system32\Drivers\nx6000.sys --> C:\Windows\system32\Drivers\nx6000.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]

S2 PEVSystemStart;PEVSystemStart;C:\32788R22FWJFW\pev.3XE [2011-6-26 256000]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-1-31 79360]

S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-23 306416]

.

=============== Created Last 30 ================

.

2012-06-17 20:44:36 -------- d-----w- C:\Users\napdizzle\AppData\Local\{CE85CE9E-B705-41A9-A4EE-3BA45ADB3D9A}

2012-06-17 17:48:03 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll

2012-06-17 17:48:03 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll

2012-06-16 06:37:17 -------- d-----w- C:\Users\napdizzle\AppData\Local\{00121ED0-6BA3-4EB4-8901-ED00E2FE8D61}

2012-06-13 02:10:36 561992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor12.dll

2012-06-13 02:10:10 -------- d-----w- C:\update

2012-06-13 02:10:10 -------- d-----w- C:\hsswd

2012-06-13 02:10:10 -------- d-----w- C:\hssff

2012-06-13 02:10:09 -------- d-----w- C:\ProgramData\Hotspot Shield

2012-06-12 02:03:59 -------- d-----w- C:\Users\napdizzle\AppData\Local\Skyrim

2012-06-12 01:26:51 -------- d-----w- C:\Users\napdizzle\AppData\Local\{417C1B19-9E0F-4373-85A1-530EF725C547}

2012-06-12 01:06:19 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll

2012-06-12 01:06:19 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll

2012-06-12 01:06:19 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll

2012-06-12 01:06:19 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll

2012-06-12 01:06:18 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll

2012-06-12 01:06:18 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll

2012-06-12 01:06:18 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll

2012-06-12 01:06:18 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll

2012-06-12 01:01:38 -------- d-----w- C:\Program Files (x86)\The Elder Scrolls V Skyrim

2012-06-12 00:34:51 -------- d-----w- C:\Program Files (x86)\Oracle

2012-06-12 00:34:34 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-06-11 13:26:26 -------- d-----w- C:\Users\napdizzle\AppData\Local\{06E32F9D-600F-46A4-A06C-13207BEB2174}

2012-06-11 13:26:15 -------- d-----w- C:\Users\napdizzle\AppData\Local\{64AF2943-7B43-4284-A562-3D3E352A2DF3}

2012-06-11 01:34:31 98816 ----a-w- C:\Windows\sed.exe

2012-06-11 01:34:31 518144 ----a-w- C:\Windows\SWREG.exe

2012-06-11 01:34:31 256000 ----a-w- C:\Windows\PEV.exe

2012-06-11 01:34:31 208896 ----a-w- C:\Windows\MBR.exe

2012-06-11 01:34:25 -------- d-s---w- C:\ComboFix

2012-06-11 01:25:49 -------- d-----w- C:\Users\napdizzle\AppData\Local\{89CF3D2F-66E1-4867-8E2D-CD5698DD685C}

2012-06-11 01:25:34 -------- d-----w- C:\Users\napdizzle\AppData\Local\{F355C043-FEBE-439F-91E5-C4B0D130E74F}

2012-06-11 01:24:37 -------- d-----w- C:\Windows\en

2012-06-11 01:19:41 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46b4e4bc1cd477003\DSETUP.dll

2012-06-11 01:19:41 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46b4e4bc1cd477003\DXSETUP.exe

2012-06-11 01:19:41 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\46b4e4bc1cd477003\dsetup32.dll

2012-06-11 01:15:52 -------- d-----w- C:\Users\napdizzle\AppData\Local\{220F9A20-E422-49BA-885B-DF5509174EE4}

2012-06-11 01:15:39 -------- d-----w- C:\Users\napdizzle\AppData\Local\{9BFAD569-CCF0-4D7A-8BCB-E0C4F119BDDE}

2012-06-11 00:32:35 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-10 23:36:31 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-06-10 20:55:47 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9EBB7D1-801F-425F-9DEB-22DEA6D080AF}\mpengine.dll

2012-05-30 20:53:02 -------- d-----w- C:\Users\napdizzle\AppData\Local\{ACECDD50-E09F-46BB-A07B-2D9A43BD8579}

2012-05-30 20:52:34 -------- d-----w- C:\Users\napdizzle\AppData\Local\{E0918699-3109-45AA-B4B9-8FD1DE156650}

2012-05-23 14:13:39 -------- d-----w- C:\Users\napdizzle\AppData\Local\{EAC9A3A3-B853-48B6-B69D-D48B58F97D9E}

2012-05-23 14:13:25 -------- d-----w- C:\Users\napdizzle\AppData\Local\{7F0A22DD-F753-4759-88F2-68F5E1F805A1}

2012-05-22 04:49:20 288 ----a-w- C:\Users\napdizzle\AppData\Roaming\9F513D51.reg

2012-05-22 04:34:14 -------- d-----w- C:\Users\napdizzle\AppData\Local\{4C1A56FE-673C-4191-89C1-00F7A71804CD}

2012-05-22 04:33:52 -------- d-----w- C:\Users\napdizzle\AppData\Local\{FEA777D8-6B8F-4C32-B2AB-15AA29387CC6}

.

==================== Find3M ====================

.

2012-06-11 00:32:35 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-04 23:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

.

============= FINISH: 15:57:51.10 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 3/8/2010 5:53:00 PM

System Uptime: 6/17/2012 3:42:59 PM (0 hours ago)

.

Motherboard: DFI Inc. | | LP DK 790FXB-M3H5

Processor: AMD Phenom™ II X4 965 Processor | Socket AM2 | 3400/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 699 GiB total, 109.915 GiB free.

D: is CDROM (UDF)

F: is FIXED (FAT32) - 466 GiB total, 3.472 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP800: 5/31/2012 3:55:17 PM - Windows Update

RP801: 6/1/2012 3:55:03 PM - Windows Update

RP802: 6/2/2012 3:55:03 PM - Windows Update

RP803: 6/3/2012 2:08:45 AM - Windows Update

RP804: 6/3/2012 3:55:00 PM - Windows Update

RP805: 6/4/2012 3:55:01 PM - Windows Update

RP806: 6/5/2012 3:55:01 PM - Windows Update

RP807: 6/6/2012 3:55:07 PM - Windows Update

RP808: 6/7/2012 3:55:01 PM - Windows Update

RP809: 6/8/2012 3:55:00 PM - Windows Update

RP810: 6/9/2012 3:55:01 PM - Windows Update

RP811: 6/10/2012 2:09:02 AM - Windows Update

RP812: 6/10/2012 3:55:18 PM - Windows Update

RP813: 6/10/2012 8:19:40 PM - Windows Live Essentials

RP814: 6/10/2012 8:21:08 PM - Installed DirectX

RP815: 6/10/2012 8:21:28 PM - Installed DirectX

RP816: 6/10/2012 8:21:55 PM - WLSetup

RP817: 6/11/2012 7:34:09 PM - Installed Java™ 7 Update 4

RP818: 6/11/2012 7:34:36 PM - Installed JavaFX 2.1.0

RP819: 6/11/2012 8:05:01 PM - Installed DirectX

.

==== Installed Programs ======================

.

µTorrent

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.3

Alien Swarm

Altitude

AMD VISION Engine Control Center

ArcaniA - Gothic 4

Assassin's Creed II

ATI Catalyst Registration

Battlefield 3™ Open Beta

Battlefield: Bad Company 2

Battlelog Web Plugins

Belkin Setup and Router Monitor

Call of Duty: Black Ops

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Cities XL 2011

Counter-Strike: Source

Creative Audio Control Panel

Creative Software AutoUpdate

Creative Sound Blaster Properties x64 Edition

D3DX10

DC Universe Online Beta

Dead Space™ 2

Deus Ex - Human Revolution version 1.0

DFX for Windows Media Player

DivX Web Player

Download Manager 2.3.10

Driver Cleaner.NET

ESN Sonar

Ez_Flash

Facebook Plug-In

Fallout New Vegas

FoxTab FLV Player

GmoteServer

Google Chrome

Grand Theft Auto IV

Hotspot Shield 2.53

HP Deskjet 1000 J110 series Help

Java Auto Updater

Java™ 6 Update 26

Java™ 7 Update 4

JavaFX 2.1.0

Mafia II

Malwarebytes Anti-Malware version 1.61.0.1400

Medal of Honor™ MP Beta

Microsoft Corporation

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

Need for Speed™ Hot Pursuit

NVIDIA PhysX

OpenAL

Origin

PDG Gold for NCOs - 2009

PFPortChecker 1.0.32

Portal

Portal 2

PunkBuster Services

Rockstar Games Social Club

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB980376)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office Publisher 2007 (KB982124)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB982135)

Skype Click to Call

Skype™ 5.5

Steam

System Requirements Lab

Team Fortress 2

The Lord of the Rings FREE Trial

Tom Clancy's Splinter Cell Conviction

TVersity Codec Pack 1.4

TVersity Media Server 1.9.2

Ubisoft Game Launcher

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Outlook 2007 Junk Email Filter (kb2202131)

VC80CRTRedist - 8.0.50727.762

VLC media player 1.1.4

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinPcap 4.1.1

Wireshark 1.2.6

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

6/17/2012 3:48:23 PM, Error: Service Control Manager [7034] - The TVersityMediaServer service terminated unexpectedly. It has done this 1 time(s).

6/17/2012 3:43:36 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

6/17/2012 3:43:36 PM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.

6/17/2012 3:43:34 PM, Error: Service Control Manager [7000] - The NTPort Library Driver service failed to start due to the following error: This driver has been blocked from loading

6/17/2012 3:43:34 PM, Error: Application Popup [1060] - \SystemRoot\System32\drivers\zntport.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

6/17/2012 3:43:33 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

6/17/2012 3:43:33 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

6/12/2012 9:10:12 PM, Error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s).

6/12/2012 9:10:10 PM, Error: Service Control Manager [7030] - The Hotspot Shield Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

6/10/2012 8:36:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

6/10/2012 8:36:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.

6/10/2012 8:35:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Application Experience service, but this action failed with the following error: An instance of the service is already running.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:08 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/10/2012 8:34:05 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

6/10/2012 3:55:56 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

6/10/2012 2:09:37 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

.

==== End Of File ===========================


15:26:43.0817 4548 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31

15:26:44.0183 4548 ============================================================

15:26:44.0183 4548 Current date / time: 2012/06/17 15:26:44.0183

15:26:44.0183 4548 SystemInfo:

15:26:44.0184 4548

15:26:44.0184 4548 OS Version: 6.1.7600 ServicePack: 0.0

15:26:44.0184 4548 Product type: Workstation

15:26:44.0184 4548 ComputerName: NAPDIZZLE-PC

15:26:44.0184 4548 UserName: napdizzle

15:26:44.0184 4548 Windows directory: C:\Windows

15:26:44.0184 4548 System windows directory: C:\Windows

15:26:44.0184 4548 Running under WOW64

15:26:44.0184 4548 Processor architecture: Intel x64

15:26:44.0184 4548 Number of processors: 4

15:26:44.0184 4548 Page size: 0x1000

15:26:44.0184 4548 Boot type: Normal boot

15:26:44.0184 4548 ============================================================

15:26:44.0954 4548 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

15:26:44.0959 4548 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:26:50.0376 4548 ============================================================

15:26:50.0376 4548 \Device\Harddisk0\DR0:

15:26:50.0377 4548 MBR partitions:

15:26:50.0377 4548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

15:26:50.0377 4548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000

15:26:50.0377 4548 \Device\Harddisk3\DR3:

15:26:50.0378 4548 MBR partitions:

15:26:50.0378 4548 \Device\Harddisk3\DR3\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02

15:26:50.0378 4548 ============================================================

15:26:50.0390 4548 C: <-> \Device\Harddisk0\DR0\Partition1

15:26:50.0391 4548 F: <-> \Device\Harddisk3\DR3\Partition0

15:26:50.0391 4548 ============================================================

15:26:50.0391 4548 Initialize success

15:26:50.0391 4548 ============================================================

15:27:08.0254 4832 ============================================================

15:27:08.0254 4832 Scan started

15:27:08.0254 4832 Mode: Manual; SigCheck; TDLFS;

15:27:08.0254 4832 ============================================================

15:27:10.0872 4832 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

15:27:10.0925 4832 1394ohci - ok

15:27:10.0957 4832 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

15:27:10.0967 4832 ACPI - ok

15:27:10.0996 4832 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

15:27:11.0022 4832 AcpiPmi - ok

15:27:11.0072 4832 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

15:27:11.0088 4832 adp94xx - ok

15:27:11.0135 4832 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

15:27:11.0145 4832 adpahci - ok

15:27:11.0159 4832 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

15:27:11.0167 4832 adpu320 - ok

15:27:11.0201 4832 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

15:27:11.0236 4832 AeLookupSvc - ok

15:27:11.0283 4832 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

15:27:11.0335 4832 AFD - ok

15:27:11.0439 4832 AffinegyService (7e077309910ce334c3b2b7b8665a55c4) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

15:27:11.0448 4832 AffinegyService - ok

15:27:11.0456 4832 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

15:27:11.0461 4832 agp440 - ok

15:27:11.0475 4832 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

15:27:11.0483 4832 ALG - ok

15:27:11.0485 4832 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

15:27:11.0490 4832 aliide - ok

15:27:11.0617 4832 ALSysIO - ok

15:27:11.0659 4832 AMD External Events Utility (962227630779043b5c1d4cd157abb912) C:\Windows\system32\atiesrxx.exe

15:27:11.0672 4832 AMD External Events Utility - ok

15:27:11.0741 4832 AMD FUEL Service - ok

15:27:11.0745 4832 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

15:27:11.0750 4832 amdide - ok

15:27:11.0758 4832 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

15:27:11.0770 4832 amdiox64 - ok

15:27:11.0792 4832 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

15:27:11.0818 4832 AmdK8 - ok

15:27:12.0367 4832 amdkmdag (56d6631761ec37745f0df16bcdc4caf4) C:\Windows\system32\DRIVERS\atikmdag.sys

15:27:12.0556 4832 amdkmdag - ok

15:27:12.0727 4832 amdkmdap (2d9005ea0bfd25c740e53c8dd3c069e0) C:\Windows\system32\DRIVERS\atikmpag.sys

15:27:12.0766 4832 amdkmdap - ok

15:27:12.0793 4832 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

15:27:12.0822 4832 AmdPPM - ok

15:27:12.0849 4832 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys

15:27:12.0855 4832 amdsata - ok

15:27:12.0875 4832 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

15:27:12.0882 4832 amdsbs - ok

15:27:12.0894 4832 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys

15:27:12.0900 4832 amdxata - ok

15:27:12.0979 4832 AODDriver4.01 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

15:27:12.0983 4832 AODDriver4.01 - ok

15:27:12.0988 4832 AODDriver4.1 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

15:27:12.0992 4832 AODDriver4.1 - ok

15:27:13.0012 4832 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

15:27:13.0051 4832 AppID - ok

15:27:13.0077 4832 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

15:27:13.0111 4832 AppIDSvc - ok

15:27:13.0137 4832 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

15:27:13.0160 4832 Appinfo - ok

15:27:13.0192 4832 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll

15:27:13.0200 4832 AppMgmt - ok

15:27:13.0219 4832 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

15:27:13.0225 4832 arc - ok

15:27:13.0240 4832 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

15:27:13.0247 4832 arcsas - ok

15:27:13.0270 4832 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:27:13.0311 4832 AsyncMac - ok

15:27:13.0331 4832 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

15:27:13.0336 4832 atapi - ok

15:27:13.0369 4832 AtiHDAudioService (2b3b05c0a7768bf033217eb8f33f9c35) C:\Windows\system32\drivers\AtihdW76.sys

15:27:13.0374 4832 AtiHDAudioService - ok

15:27:13.0406 4832 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys

15:27:13.0436 4832 AtiHdmiService - ok

15:27:13.0481 4832 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

15:27:13.0533 4832 AudioEndpointBuilder - ok

15:27:13.0538 4832 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

15:27:13.0563 4832 AudioSrv - ok

15:27:13.0582 4832 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

15:27:13.0609 4832 AxInstSV - ok

15:27:13.0651 4832 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

15:27:13.0685 4832 b06bdrv - ok

15:27:13.0730 4832 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

15:27:13.0753 4832 b57nd60a - ok

15:27:13.0784 4832 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

15:27:13.0807 4832 BDESVC - ok

15:27:13.0829 4832 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

15:27:13.0864 4832 Beep - ok

15:27:13.0925 4832 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

15:27:13.0976 4832 BITS - ok

15:27:13.0997 4832 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

15:27:14.0004 4832 blbdrive - ok

15:27:14.0013 4832 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

15:27:14.0047 4832 bowser - ok

15:27:14.0063 4832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:27:14.0071 4832 BrFiltLo - ok

15:27:14.0082 4832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:27:14.0090 4832 BrFiltUp - ok

15:27:14.0105 4832 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

15:27:14.0143 4832 BridgeMP - ok

15:27:14.0163 4832 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

15:27:14.0204 4832 Browser - ok

15:27:14.0237 4832 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

15:27:14.0264 4832 Brserid - ok

15:27:14.0282 4832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

15:27:14.0291 4832 BrSerWdm - ok

15:27:14.0293 4832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:27:14.0302 4832 BrUsbMdm - ok

15:27:14.0305 4832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

15:27:14.0312 4832 BrUsbSer - ok

15:27:14.0321 4832 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

15:27:14.0330 4832 BTHMODEM - ok

15:27:14.0337 4832 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

15:27:14.0379 4832 bthserv - ok

15:27:14.0408 4832 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

15:27:14.0447 4832 cdfs - ok

15:27:14.0485 4832 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

15:27:14.0508 4832 cdrom - ok

15:27:14.0551 4832 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

15:27:14.0574 4832 CertPropSvc - ok

15:27:14.0578 4832 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

15:27:14.0605 4832 circlass - ok

15:27:14.0619 4832 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

15:27:14.0629 4832 CLFS - ok

15:27:14.0682 4832 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:27:14.0688 4832 clr_optimization_v2.0.50727_32 - ok

15:27:14.0750 4832 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:27:14.0756 4832 clr_optimization_v2.0.50727_64 - ok

15:27:14.0764 4832 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

15:27:14.0770 4832 CmBatt - ok

15:27:14.0773 4832 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

15:27:14.0778 4832 cmdide - ok

15:27:14.0819 4832 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

15:27:14.0839 4832 CNG - ok

15:27:14.0868 4832 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

15:27:14.0873 4832 Compbatt - ok

15:27:14.0888 4832 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

15:27:14.0915 4832 CompositeBus - ok

15:27:14.0917 4832 COMSysApp - ok

15:27:14.0958 4832 cpuz133 (641243746597fbd650e5000d95811ea3) C:\Windows\system32\drivers\cpuz133_x64.sys

15:27:14.0962 4832 cpuz133 - ok

15:27:14.0973 4832 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

15:27:14.0978 4832 crcdisk - ok

15:27:15.0039 4832 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

15:27:15.0042 4832 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning

15:27:15.0042 4832 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)

15:27:15.0092 4832 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

15:27:15.0129 4832 CryptSvc - ok

15:27:15.0166 4832 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys

15:27:15.0182 4832 CSC - ok

15:27:15.0215 4832 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll

15:27:15.0246 4832 CscService - ok

15:27:15.0279 4832 CT20XUT (b3b541b3b25adb02d793c51953b22491) C:\Windows\system32\drivers\CT20XUT.SYS

15:27:15.0286 4832 CT20XUT - ok

15:27:15.0292 4832 CT20XUT.SYS (b3b541b3b25adb02d793c51953b22491) C:\Windows\System32\drivers\CT20XUT.SYS

15:27:15.0297 4832 CT20XUT.SYS - ok

15:27:15.0332 4832 ctac32k (f2e098f140b769ae62803e89230f11a9) C:\Windows\system32\drivers\ctac32k.sys

15:27:15.0343 4832 ctac32k - ok

15:27:15.0388 4832 ctaud2k (5c315e9dabf63d9d12973585a6113066) C:\Windows\system32\drivers\ctaud2k.sys

15:27:15.0407 4832 ctaud2k - ok

15:27:15.0462 4832 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

15:27:15.0483 4832 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning

15:27:15.0483 4832 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)

15:27:15.0553 4832 CTEXFIFX (59d681564c6d5cd72890082925501be9) C:\Windows\system32\drivers\CTEXFIFX.SYS

15:27:15.0582 4832 CTEXFIFX - ok

15:27:15.0738 4832 CTEXFIFX.SYS (59d681564c6d5cd72890082925501be9) C:\Windows\System32\drivers\CTEXFIFX.SYS

15:27:15.0756 4832 CTEXFIFX.SYS - ok

15:27:15.0807 4832 CTHWIUT (d0ebcff35fe9a4f9d3ca2fd6a38bee56) C:\Windows\system32\drivers\CTHWIUT.SYS

15:27:15.0812 4832 CTHWIUT - ok

15:27:15.0814 4832 CTHWIUT.SYS (d0ebcff35fe9a4f9d3ca2fd6a38bee56) C:\Windows\System32\drivers\CTHWIUT.SYS

15:27:15.0818 4832 CTHWIUT.SYS - ok

15:27:15.0831 4832 ctprxy2k (ef305cab6295b8a250a77a7fd5f9f113) C:\Windows\system32\drivers\ctprxy2k.sys

15:27:15.0834 4832 ctprxy2k - ok

15:27:15.0849 4832 ctsfm2k (01323c189318b92bb7781b911de9d62b) C:\Windows\system32\drivers\ctsfm2k.sys

15:27:15.0856 4832 ctsfm2k - ok

15:27:15.0914 4832 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

15:27:15.0956 4832 DcomLaunch - ok

15:27:16.0016 4832 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

15:27:16.0127 4832 defragsvc - ok

15:27:16.0179 4832 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

15:27:16.0243 4832 DfsC - ok

15:27:16.0273 4832 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

15:27:16.0287 4832 Dhcp - ok

15:27:16.0300 4832 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

15:27:16.0337 4832 discache - ok

15:27:16.0365 4832 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

15:27:16.0371 4832 Disk - ok

15:27:16.0391 4832 Dnscache (676108c4e3aa6f6b34633748bd0bebd9) C:\Windows\System32\dnsrslvr.dll

15:27:16.0429 4832 Dnscache - ok

15:27:16.0462 4832 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

15:27:16.0498 4832 dot3svc - ok

15:27:16.0529 4832 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

15:27:16.0553 4832 DPS - ok

15:27:16.0589 4832 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

15:27:16.0597 4832 drmkaud - ok

15:27:16.0667 4832 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys

15:27:16.0706 4832 DXGKrnl - ok

15:27:16.0728 4832 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

15:27:16.0766 4832 EapHost - ok

15:27:16.0913 4832 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

15:27:16.0992 4832 ebdrv - ok

15:27:17.0110 4832 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe

15:27:17.0118 4832 EFS - ok

15:27:17.0190 4832 ehRecvr (3d69fae60ede442e004611a4ee4db44c) C:\Windows\ehome\ehRecvr.exe

15:27:17.0211 4832 ehRecvr - ok

15:27:17.0343 4832 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

15:27:17.0351 4832 ehSched - ok

15:27:17.0392 4832 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

15:27:17.0405 4832 elxstor - ok

15:27:17.0437 4832 emupia (1b68c7ddd39811df63fc04af937be91a) C:\Windows\system32\drivers\emupia2k.sys

15:27:17.0441 4832 emupia - ok

15:27:17.0452 4832 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

15:27:17.0477 4832 ErrDev - ok

15:27:17.0516 4832 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

15:27:17.0553 4832 EventSystem - ok

15:27:17.0579 4832 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

15:27:17.0604 4832 exfat - ok

15:27:17.0615 4832 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

15:27:17.0650 4832 fastfat - ok

15:27:17.0725 4832 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

15:27:17.0756 4832 Fax - ok

15:27:17.0777 4832 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

15:27:17.0795 4832 fdc - ok

15:27:17.0818 4832 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

15:27:17.0842 4832 fdPHost - ok

15:27:17.0851 4832 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

15:27:17.0874 4832 FDResPub - ok

15:27:17.0889 4832 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

15:27:17.0895 4832 FileInfo - ok

15:27:17.0899 4832 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

15:27:17.0922 4832 Filetrace - ok

15:27:17.0933 4832 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

15:27:17.0940 4832 flpydisk - ok

15:27:17.0960 4832 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

15:27:17.0969 4832 FltMgr - ok

15:27:18.0025 4832 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll

15:27:18.0083 4832 FontCache - ok

15:27:18.0160 4832 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:27:18.0164 4832 FontCache3.0.0.0 - ok

15:27:18.0196 4832 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

15:27:18.0202 4832 FsDepends - ok

15:27:18.0205 4832 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

15:27:18.0210 4832 Fs_Rec - ok

15:27:18.0245 4832 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

15:27:18.0256 4832 fvevol - ok

15:27:18.0281 4832 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:27:18.0287 4832 gagp30kx - ok

15:27:18.0346 4832 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

15:27:18.0384 4832 gpsvc - ok

15:27:18.0465 4832 ha20x2k (c1c61e83f44b105a4a131cb0c583174c) C:\Windows\system32\drivers\ha20x2k.sys

15:27:18.0501 4832 ha20x2k - ok

15:27:18.0595 4832 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

15:27:18.0617 4832 hcw85cir - ok

15:27:18.0653 4832 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

15:27:18.0675 4832 HdAudAddService - ok

15:27:18.0707 4832 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:27:18.0734 4832 HDAudBus - ok

15:27:18.0752 4832 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

15:27:18.0776 4832 HidBatt - ok

15:27:18.0799 4832 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

15:27:18.0822 4832 HidBth - ok

15:27:18.0841 4832 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

15:27:18.0868 4832 HidIr - ok

15:27:18.0887 4832 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

15:27:18.0921 4832 hidserv - ok

15:27:18.0961 4832 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

15:27:18.0968 4832 HidUsb - ok

15:27:18.0990 4832 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

15:27:19.0029 4832 hkmsvc - ok

15:27:19.0059 4832 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

15:27:19.0069 4832 HomeGroupListener - ok

15:27:19.0109 4832 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

15:27:19.0128 4832 HomeGroupProvider - ok

15:27:19.0151 4832 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

15:27:19.0157 4832 HpSAMD - ok

15:27:19.0259 4832 hshld (b7cfe93627e7796624004687125a729f) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

15:27:19.0268 4832 hshld - ok

15:27:19.0327 4832 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

15:27:19.0334 4832 HssSrv - ok

15:27:19.0384 4832 HssTrayService (b3c6eeeff5c5ea3235b7d84317c1fb3f) C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE

15:27:19.0389 4832 HssTrayService - ok

15:27:19.0405 4832 HssWd - ok

15:27:19.0448 4832 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

15:27:19.0482 4832 HTTP - ok

15:27:19.0488 4832 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

15:27:19.0493 4832 hwpolicy - ok

15:27:19.0513 4832 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

15:27:19.0521 4832 i8042prt - ok

15:27:19.0548 4832 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys

15:27:19.0559 4832 iaStorV - ok

15:27:19.0695 4832 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:27:19.0719 4832 idsvc - ok

15:27:19.0734 4832 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

15:27:19.0740 4832 iirsp - ok

15:27:19.0807 4832 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

15:27:19.0865 4832 IKEEXT - ok

15:27:19.0880 4832 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

15:27:19.0886 4832 intelide - ok

15:27:19.0902 4832 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

15:27:19.0925 4832 intelppm - ok

15:27:19.0950 4832 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

15:27:19.0985 4832 IPBusEnum - ok

15:27:20.0005 4832 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:27:20.0028 4832 IpFilterDriver - ok

15:27:20.0040 4832 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

15:27:20.0047 4832 IPMIDRV - ok

15:27:20.0063 4832 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

15:27:20.0104 4832 IPNAT - ok

15:27:20.0158 4832 irda (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys

15:27:20.0182 4832 irda - ok

15:27:20.0210 4832 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

15:27:20.0219 4832 IRENUM - ok

15:27:20.0233 4832 Irmon (3848384ab383f0a8f506c4370635c1f9) C:\Windows\System32\irmon.dll

15:27:20.0255 4832 Irmon - ok

15:27:20.0291 4832 irsir (d2ca12736624ba636f8357dc3ef0757e) C:\Windows\system32\DRIVERS\irsir.sys

15:27:20.0314 4832 irsir - ok

15:27:20.0328 4832 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

15:27:20.0333 4832 isapnp - ok

15:27:20.0353 4832 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

15:27:20.0361 4832 iScsiPrt - ok

15:27:20.0380 4832 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

15:27:20.0386 4832 kbdclass - ok

15:27:20.0399 4832 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

15:27:20.0406 4832 kbdhid - ok

15:27:20.0435 4832 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe

15:27:20.0442 4832 KeyIso - ok

15:27:20.0448 4832 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

15:27:20.0454 4832 KSecDD - ok

15:27:20.0476 4832 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

15:27:20.0484 4832 KSecPkg - ok

15:27:20.0497 4832 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

15:27:20.0530 4832 ksthunk - ok

15:27:20.0574 4832 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

15:27:20.0601 4832 KtmRm - ok

15:27:20.0638 4832 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\System32\srvsvc.dll

15:27:20.0664 4832 LanmanServer - ok

15:27:20.0708 4832 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

15:27:20.0732 4832 LanmanWorkstation - ok

15:27:20.0770 4832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

15:27:20.0793 4832 lltdio - ok

15:27:20.0837 4832 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

15:27:20.0877 4832 lltdsvc - ok

15:27:20.0892 4832 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

15:27:20.0914 4832 lmhosts - ok

15:27:20.0955 4832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:27:20.0961 4832 LSI_FC - ok

15:27:20.0976 4832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:27:29.0135 4832 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys

15:27:29.0135 4832 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb

15:27:29.0137 4832 sptd ( LockedFile.Multi.Generic ) - warning

15:27:29.0137 4832 sptd - detected LockedFile.Multi.Generic (1)

15:27:31.0220 4832 TVersityMediaServer (685a80878bab2e587b07053793c47bc4) C:\Users\napdizzle\AppData\Local\TVersity\Media Server\MediaServer.exe

15:27:31.0241 4832 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning

15:27:31.0241 4832 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)

15:27:36.0823 4832 ============================================================

15:27:36.0823 4832 Scan finished

15:27:36.0823 4832 ============================================================

15:27:36.0830 0708 Detected object count: 4

15:27:36.0831 0708 Actual detected object count: 4

15:34:37.0302 0708 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

15:34:37.0302 0708 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:34:37.0303 0708 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user

15:34:37.0303 0708 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:34:37.0304 0708 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:34:37.0304 0708 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

15:34:37.0305 0708 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user

15:34:37.0305 0708 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:34:57.0881 5044 ============================================================

15:34:57.0881 5044 Scan started

15:34:57.0881 5044 Mode: Manual; SigCheck; TDLFS;

15:34:57.0881 5044 ============================================================

15:34:59.0444 5044 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

15:34:59.0455 5044 1394ohci - ok

15:34:59.0478 5044 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

15:34:59.0486 5044 ACPI - ok

15:34:59.0493 5044 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

15:34:59.0501 5044 AcpiPmi - ok

15:34:59.0535 5044 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

15:34:59.0544 5044 adp94xx - ok

15:34:59.0565 5044 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

15:34:59.0572 5044 adpahci - ok

15:34:59.0589 5044 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

15:34:59.0596 5044 adpu320 - ok

15:34:59.0639 5044 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

15:34:59.0661 5044 AeLookupSvc - ok

15:34:59.0758 5044 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

15:34:59.0783 5044 AFD - ok

15:34:59.0877 5044 AffinegyService (7e077309910ce334c3b2b7b8665a55c4) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

15:34:59.0887 5044 AffinegyService - ok

15:34:59.0895 5044 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

15:34:59.0900 5044 agp440 - ok

15:34:59.0914 5044 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

15:34:59.0921 5044 ALG - ok

15:34:59.0923 5044 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

15:34:59.0928 5044 aliide - ok

15:35:00.0047 5044 ALSysIO - ok

15:35:00.0081 5044 AMD External Events Utility (962227630779043b5c1d4cd157abb912) C:\Windows\system32\atiesrxx.exe

15:35:00.0092 5044 AMD External Events Utility - ok

15:35:00.0155 5044 AMD FUEL Service - ok

15:35:00.0158 5044 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

15:35:00.0163 5044 amdide - ok

15:35:00.0172 5044 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

15:35:00.0175 5044 amdiox64 - ok

15:35:00.0189 5044 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

15:35:00.0195 5044 AmdK8 - ok

15:35:00.0627 5044 amdkmdag (56d6631761ec37745f0df16bcdc4caf4) C:\Windows\system32\DRIVERS\atikmdag.sys

15:35:00.0715 5044 amdkmdag - ok

15:35:00.0857 5044 amdkmdap (2d9005ea0bfd25c740e53c8dd3c069e0) C:\Windows\system32\DRIVERS\atikmpag.sys

15:35:00.0870 5044 amdkmdap - ok

15:35:00.0906 5044 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

15:35:00.0912 5044 AmdPPM - ok

15:35:00.0929 5044 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys

15:35:00.0936 5044 amdsata - ok

15:35:00.0955 5044 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

15:35:00.0962 5044 amdsbs - ok

15:35:00.0975 5044 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys

15:35:00.0980 5044 amdxata - ok

15:35:01.0051 5044 AODDriver4.01 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

15:35:01.0055 5044 AODDriver4.01 - ok

15:35:01.0057 5044 AODDriver4.1 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

15:35:01.0060 5044 AODDriver4.1 - ok

15:35:01.0068 5044 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

15:35:01.0078 5044 AppID - ok

15:35:01.0108 5044 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

15:35:01.0130 5044 AppIDSvc - ok

15:35:01.0142 5044 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

15:35:01.0164 5044 Appinfo - ok

15:35:01.0180 5044 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll

15:35:01.0188 5044 AppMgmt - ok

15:35:01.0199 5044 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

15:35:01.0205 5044 arc - ok

15:35:01.0221 5044 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

15:35:01.0227 5044 arcsas - ok

15:35:01.0233 5044 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:35:01.0255 5044 AsyncMac - ok

15:35:01.0261 5044 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

15:35:01.0266 5044 atapi - ok

15:35:01.0291 5044 AtiHDAudioService (2b3b05c0a7768bf033217eb8f33f9c35) C:\Windows\system32\drivers\AtihdW76.sys

15:35:01.0296 5044 AtiHDAudioService - ok

15:35:01.0319 5044 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys

15:35:01.0334 5044 AtiHdmiService - ok

15:35:01.0369 5044 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

15:35:01.0405 5044 AudioEndpointBuilder - ok

15:35:01.0409 5044 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

15:35:01.0435 5044 AudioSrv - ok

15:35:01.0445 5044 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

15:35:01.0455 5044 AxInstSV - ok

15:35:01.0481 5044 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

15:35:01.0502 5044 b06bdrv - ok

15:35:01.0519 5044 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

15:35:01.0528 5044 b57nd60a - ok

15:35:01.0556 5044 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

15:35:01.0563 5044 BDESVC - ok

15:35:01.0568 5044 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

15:35:01.0589 5044 Beep - ok

15:35:01.0654 5044 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

15:35:01.0695 5044 BITS - ok

15:35:01.0702 5044 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

15:35:01.0708 5044 blbdrive - ok

15:35:01.0718 5044 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

15:35:01.0740 5044 bowser - ok

15:35:01.0751 5044 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:35:01.0759 5044 BrFiltLo - ok

15:35:01.0771 5044 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:35:01.0778 5044 BrFiltUp - ok

15:35:01.0794 5044 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

15:35:01.0816 5044 BridgeMP - ok

15:35:01.0835 5044 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

15:35:01.0857 5044 Browser - ok

15:35:01.0875 5044 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

15:35:01.0885 5044 Brserid - ok

15:35:01.0895 5044 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

15:35:01.0904 5044 BrSerWdm - ok

15:35:01.0906 5044 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:35:01.0914 5044 BrUsbMdm - ok

15:35:01.0916 5044 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

15:35:01.0922 5044 BrUsbSer - ok

15:35:01.0934 5044 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

15:35:01.0942 5044 BTHMODEM - ok

15:35:01.0949 5044 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

15:35:01.0971 5044 bthserv - ok

15:35:01.0980 5044 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

15:35:02.0002 5044 cdfs - ok

15:35:02.0015 5044 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

15:35:02.0023 5044 cdrom - ok

15:35:02.0032 5044 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

15:35:02.0054 5044 CertPropSvc - ok

15:35:02.0057 5044 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

15:35:02.0065 5044 circlass - ok

15:35:02.0090 5044 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

15:35:02.0099 5044 CLFS - ok

15:35:02.0146 5044 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:35:02.0150 5044 clr_optimization_v2.0.50727_32 - ok

15:35:02.0214 5044 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:35:02.0218 5044 clr_optimization_v2.0.50727_64 - ok

15:35:02.0221 5044 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

15:35:02.0227 5044 CmBatt - ok

15:35:02.0229 5044 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

15:35:02.0234 5044 cmdide - ok

15:35:02.0265 5044 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

15:35:02.0286 5044 CNG - ok

15:35:02.0298 5044 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

15:35:02.0303 5044 Compbatt - ok

15:35:02.0310 5044 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

15:35:02.0318 5044 CompositeBus - ok

15:35:02.0320 5044 COMSysApp - ok

15:35:02.0355 5044 cpuz133 (641243746597fbd650e5000d95811ea3) C:\Windows\system32\drivers\cpuz133_x64.sys

15:35:02.0359 5044 cpuz133 - ok

15:35:02.0370 5044 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

15:35:02.0374 5044 crcdisk - ok

15:35:02.0427 5044 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

15:35:02.0430 5044 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning

15:35:02.0430 5044 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)

15:35:02.0447 5044 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

15:35:02.0470 5044 CryptSvc - ok

15:35:02.0496 5044 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys

15:35:02.0523 5044 CSC - ok

15:35:02.0561 5044 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll

15:35:02.0581 5044 CscService - ok

15:35:02.0610 5044 CT20XUT (b3b541b3b25adb02d793c51953b22491) C:\Windows\system32\drivers\CT20XUT.SYS

15:35:02.0616 5044 CT20XUT - ok

15:35:02.0619 5044 CT20XUT.SYS (b3b541b3b25adb02d793c51953b22491) C:\Windows\System32\drivers\CT20XUT.SYS

15:35:02.0624 5044 CT20XUT.SYS - ok

15:35:02.0653 5044 ctac32k (f2e098f140b769ae62803e89230f11a9) C:\Windows\system32\drivers\ctac32k.sys

15:35:02.0665 5044 ctac32k - ok

15:35:02.0710 5044 ctaud2k (5c315e9dabf63d9d12973585a6113066) C:\Windows\system32\drivers\ctaud2k.sys

15:35:02.0729 5044 ctaud2k - ok

15:35:02.0784 5044 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

15:35:02.0789 5044 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning

15:35:02.0789 5044 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)

15:35:02.0866 5044 CTEXFIFX (59d681564c6d5cd72890082925501be9) C:\Windows\system32\drivers\CTEXFIFX.SYS

15:35:02.0895 5044 CTEXFIFX - ok

15:35:03.0058 5044 CTEXFIFX.SYS (59d681564c6d5cd72890082925501be9) C:\Windows\System32\drivers\CTEXFIFX.SYS

15:35:03.0075 5044 CTEXFIFX.SYS - ok

15:35:03.0120 5044 CTHWIUT (d0ebcff35fe9a4f9d3ca2fd6a38bee56) C:\Windows\system32\drivers\CTHWIUT.SYS

15:35:03.0125 5044 CTHWIUT - ok

15:35:03.0127 5044 CTHWIUT.SYS (d0ebcff35fe9a4f9d3ca2fd6a38bee56) C:\Windows\System32\drivers\CTHWIUT.SYS

15:35:03.0131 5044 CTHWIUT.SYS - ok

15:35:03.0136 5044 ctprxy2k (ef305cab6295b8a250a77a7fd5f9f113) C:\Windows\system32\drivers\ctprxy2k.sys

15:35:03.0140 5044 ctprxy2k - ok

15:35:03.0154 5044 ctsfm2k (01323c189318b92bb7781b911de9d62b) C:\Windows\system32\drivers\ctsfm2k.sys

15:35:03.0161 5044 ctsfm2k - ok

15:35:03.0193 5044 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

15:35:03.0218 5044 DcomLaunch - ok

15:35:03.0238 5044 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

15:35:03.0263 5044 defragsvc - ok

15:35:03.0301 5044 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

15:35:03.0324 5044 DfsC - ok

15:35:03.0344 5044 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

15:35:03.0357 5044 Dhcp - ok

15:35:03.0364 5044 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

15:35:03.0386 5044 discache - ok

15:35:03.0395 5044 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

15:35:03.0400 5044 Disk - ok

15:35:03.0419 5044 Dnscache (676108c4e3aa6f6b34633748bd0bebd9) C:\Windows\System32\dnsrslvr.dll

15:35:03.0442 5044 Dnscache - ok

15:35:03.0462 5044 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

15:35:03.0486 5044 dot3svc - ok

15:35:03.0501 5044 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

15:35:03.0524 5044 DPS - ok

15:35:03.0544 5044 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

15:35:03.0551 5044 drmkaud - ok

15:35:03.0653 5044 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys

15:35:03.0678 5044 DXGKrnl - ok

15:35:03.0691 5044 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

15:35:03.0714 5044 EapHost - ok

15:35:03.0851 5044 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

15:35:03.0902 5044 ebdrv - ok

15:35:03.0999 5044 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe

15:35:04.0006 5044 EFS - ok

15:35:04.0078 5044 ehRecvr (3d69fae60ede442e004611a4ee4db44c) C:\Windows\ehome\ehRecvr.exe

15:35:04.0105 5044 ehRecvr - ok

15:35:04.0137 5044 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

15:35:04.0144 5044 ehSched - ok

15:35:04.0186 5044 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

15:35:04.0198 5044 elxstor - ok

15:35:04.0225 5044 emupia (1b68c7ddd39811df63fc04af937be91a) C:\Windows\system32\drivers\emupia2k.sys

15:35:04.0230 5044 emupia - ok

15:35:04.0241 5044 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

15:35:04.0247 5044 ErrDev - ok

15:35:04.0279 5044 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

15:35:04.0305 5044 EventSystem - ok

15:35:04.0318 5044 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

15:35:04.0341 5044 exfat - ok

15:35:04.0354 5044 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

15:35:04.0377 5044 fastfat - ok

15:35:04.0413 5044 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

15:35:04.0437 5044 Fax - ok

15:35:04.0440 5044 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

15:35:04.0446 5044 fdc - ok

15:35:04.0457 5044 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

15:35:04.0479 5044 fdPHost - ok

15:35:04.0490 5044 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

15:35:04.0511 5044 FDResPub - ok

15:35:04.0519 5044 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

15:35:04.0525 5044 FileInfo - ok

15:35:04.0528 5044 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

15:35:04.0549 5044 Filetrace - ok

15:35:04.0555 5044 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

15:35:04.0562 5044 flpydisk - ok

15:35:04.0582 5044 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

15:35:04.0590 5044 FltMgr - ok

15:35:04.0638 5044 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll

15:35:04.0680 5044 FontCache - ok

15:35:04.0803 5044 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:35:04.0807 5044 FontCache3.0.0.0 - ok

15:35:04.0926 5044 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

15:35:04.0932 5044 FsDepends - ok

15:35:04.0934 5044 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

15:35:04.0939 5044 Fs_Rec - ok

15:35:04.0967 5044 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

15:35:04.0975 5044 fvevol - ok

15:35:05.0003 5044 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:35:05.0008 5044 gagp30kx - ok

15:35:05.0043 5044 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

15:35:05.0064 5044 gpsvc - ok

15:35:05.0145 5044 ha20x2k (c1c61e83f44b105a4a131cb0c583174c) C:\Windows\system32\drivers\ha20x2k.sys

15:35:05.0173 5044 ha20x2k - ok

15:35:05.0265 5044 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

15:35:05.0272 5044 hcw85cir - ok

15:35:05.0308 5044 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

15:35:05.0318 5044 HdAudAddService - ok

15:35:05.0329 5044 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:35:05.0337 5044 HDAudBus - ok

15:35:05.0350 5044 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

15:35:05.0356 5044 HidBatt - ok

15:35:05.0371 5044 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

15:35:05.0380 5044 HidBth - ok

15:35:05.0388 5044 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

15:35:05.0396 5044 HidIr - ok

15:35:05.0409 5044 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

15:35:05.0431 5044 hidserv - ok

15:35:05.0442 5044 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

15:35:05.0448 5044 HidUsb - ok

15:35:05.0462 5044 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

15:35:05.0484 5044 hkmsvc - ok

15:35:05.0498 5044 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

15:35:05.0507 5044 HomeGroupListener - ok

15:35:05.0522 5044 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

15:35:05.0531 5044 HomeGroupProvider - ok

15:35:05.0540 5044 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

15:35:05.0546 5044 HpSAMD - ok

15:35:05.0647 5044 hshld (b7cfe93627e7796624004687125a729f) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

15:35:05.0656 5044 hshld - ok

15:35:05.0707 5044 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

15:35:05.0714 5044 HssSrv - ok

15:35:05.0732 5044 HssTrayService (b3c6eeeff5c5ea3235b7d84317c1fb3f) C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE

15:35:05.0736 5044 HssTrayService - ok

15:35:05.0738 5044 HssWd - ok

15:35:05.0778 5044 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

15:35:05.0813 5044 HTTP - ok

15:35:05.0819 5044 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

15:35:05.0824 5044 hwpolicy - ok

15:35:05.0835 5044 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

15:35:05.0842 5044 i8042prt - ok

15:35:05.0870 5044 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys

15:35:05.0880 5044 iaStorV - ok

15:35:06.0016 5044 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:35:06.0041 5044 idsvc - ok

15:35:06.0056 5044 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

15:35:06.0061 5044 iirsp - ok

15:35:06.0103 5044 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

15:35:06.0143 5044 IKEEXT - ok

15:35:06.0152 5044 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

15:35:06.0157 5044 intelide - ok

15:35:06.0165 5044 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

15:35:06.0172 5044 intelppm - ok

15:35:06.0180 5044 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

15:35:06.0203 5044 IPBusEnum - ok

15:35:06.0211 5044 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:35:06.0233 5044 IpFilterDriver - ok

15:35:06.0245 5044 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

15:35:06.0252 5044 IPMIDRV - ok

15:35:06.0269 5044 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

15:35:06.0291 5044 IPNAT - ok

15:35:06.0306 5044 irda (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys

15:35:06.0316 5044 irda - ok

15:35:06.0324 5044 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

15:35:06.0333 5044 IRENUM - ok

15:35:06.0338 5044 Irmon (3848384ab383f0a8f506c4370635c1f9) C:\Windows\System32\irmon.dll

15:35:06.0348 5044 Irmon - ok

15:35:06.0371 5044 irsir (d2ca12736624ba636f8357dc3ef0757e) C:\Windows\system32\DRIVERS\irsir.sys

15:35:06.0376 5044 irsir - ok

15:35:06.0383 5044 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

15:35:06.0388 5044 isapnp - ok

15:35:06.0425 5044 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

15:35:06.0433 5044 iScsiPrt - ok

15:35:06.0444 5044 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

15:35:06.0449 5044 kbdclass - ok

15:35:06.0454 5044 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

15:35:06.0460 5044 kbdhid - ok

15:35:06.0465 5044 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe

15:35:06.0473 5044 KeyIso - ok

15:35:06.0478 5044 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

15:35:06.0484 5044 KSecDD - ok

15:35:06.0506 5044 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

15:35:06.0513 5044 KSecPkg - ok

15:35:06.0519 5044 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

15:35:06.0540 5044 ksthunk - ok

15:35:06.0562 5044 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

15:35:06.0588 5044 KtmRm - ok

15:35:06.0610 5044 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\System32\srvsvc.dll

15:35:06.0635 5044 LanmanServer - ok

15:35:06.0669 5044 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

15:35:06.0693 5044 LanmanWorkstation - ok

15:35:06.0725 5044 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

15:35:06.0748 5044 lltdio - ok

15:35:06.0767 5044 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

15:35:06.0792 5044 lltdsvc - ok

15:35:06.0798 5044 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

15:35:06.0820 5044 lmhosts - ok

15:35:06.0835 5044 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:35:06.0841 5044 LSI_FC - ok

15:35:06.0857 5044 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:35:06.0863 5044 LSI_SAS - ok

15:35:06.0871 5044 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:35:06.0876 5044 LSI_SAS2 - ok

15:35:06.0887 5044 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:35:06.0894 5044 LSI_SCSI - ok

15:35:06.0903 5044 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

15:35:06.0925 5044 luafv - ok

15:35:06.0951 5044 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

15:35:06.0955 5044 MBAMProtector - ok

15:35:07.0034 5044 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

15:35:07.0043 5044 MBAMService - ok

15:35:07.0059 5044 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

15:35:07.0066 5044 Mcx2Svc - ok

15:35:07.0078 5044 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

15:35:07.0083 5044 megasas - ok

15:35:07.0101 5044 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

15:35:07.0110 5044 MegaSR - ok

15:35:07.0147 5044 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

15:35:07.0152 5044 Microsoft Office Groove Audit Service - ok

15:35:07.0167 5044 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

15:35:07.0189 5044 MMCSS - ok

15:35:07.0195 5044 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

15:35:07.0217 5044 Modem - ok

15:35:07.0234 5044 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

15:35:07.0242 5044 monitor - ok

15:35:07.0255 5044 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

15:35:07.0259 5044 mouclass - ok

15:35:07.0272 5044 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

15:35:07.0278 5044 mouhid - ok

15:35:07.0291 5044 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

15:35:07.0296 5044 mountmgr - ok

15:35:07.0350 5044 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

15:35:07.0355 5044 MozillaMaintenance - ok

15:35:07.0393 5044 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys

15:35:07.0400 5044 MpFilter - ok

15:35:07.0418 5044 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

15:35:07.0425 5044 mpio - ok

15:35:07.0437 5044 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys

15:35:07.0441 5044 MpNWMon - ok

15:35:07.0475 5044 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

15:35:07.0497 5044 mpsdrv - ok

15:35:07.0507 5044 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

15:35:07.0518 5044 MRxDAV - ok

15:35:07.0535 5044 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:35:07.0553 5044 mrxsmb - ok

15:35:13.0231 5044 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys

15:35:13.0231 5044 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb

15:35:13.0232 5044 sptd ( LockedFile.Multi.Generic ) - warning

15:35:13.0232 5044 sptd - detected LockedFile.Multi.Generic (1)

15:35:14.0934 5044 TVersityMediaServer (685a80878bab2e587b07053793c47bc4) C:\Users\napdizzle\AppData\Local\TVersity\Media Server\MediaServer.exe

15:35:14.0956 5044 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning

15:35:14.0956 5044 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)

15:35:19.0189 5044 ============================================================

15:35:19.0189 5044 Scan finished

15:35:19.0189 5044 ============================================================

15:35:19.0194 4932 Detected object count: 4

15:35:19.0194 4932 Actual detected object count: 4

15:35:32.0918 4932 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

15:35:32.0918 4932 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:35:32.0919 4932 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user

15:35:32.0919 4932 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:35:32.0920 4932 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:35:32.0920 4932 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

15:35:32.0921 4932 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user

15:35:32.0921 4932 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Rkill was run on 06/10/2012 at 20:33:24.

Operating System: Windows 7 Ultimate

Processes terminated by Rkill or while it was running:

Rkill completed on 06/10/2012 at 20:33:29.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-06-17 16:08:57

-----------------------------

16:08:57.585 OS Version: Windows x64 6.1.7600

16:08:57.585 Number of processors: 4 586 0x403

16:08:57.586 ComputerName: NAPDIZZLE-PC UserName: napdizzle

16:09:02.107 Initialize success

16:09:14.077 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

16:09:14.079 Disk 0 Vendor: WDC_WD7501AALS-00E8B0 05.00K05 Size: 715404MB BusType: 3

16:09:14.086 Disk 0 MBR read successfully

16:09:14.088 Disk 0 MBR scan

16:09:14.089 Disk 0 Windows 7 default MBR code

16:09:14.096 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

16:09:14.102 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848

16:09:14.105 Disk 0 scanning C:\Windows\system32\drivers

16:09:17.935 Service scanning

16:09:25.568 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32

16:09:29.249 Modules scanning

16:09:29.253 Disk 0 trace - called modules:

16:09:29.261 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80047042c0]<<spry.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys

16:09:29.264 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b00060]

16:09:29.590 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800484d520]

16:09:29.593 5 ACPI.sys[fffff88000c0b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800484f060]

16:09:29.596 \Driver\atapi[0xfffffa8004836360] -> IRP_MJ_CREATE -> 0xfffffa80047042c0

16:09:29.599 Scan finished successfully

16:09:42.055 Disk 0 MBR has been saved successfully to "C:\Users\napdizzle\Desktop\MBR.dat"

16:09:42.058 The log file has been saved successfully to "C:\Users\napdizzle\Desktop\aswMBR.txt"


Hello twistid and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall µTorrent, because of our rules:

http://forums.malwarebytes.org/index.php?showtopic=9573

Step 2

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.


I happened to run ESET I found in another thread...

C:\Program Files (x86)\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined

C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\n.vir Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined

C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000008.@.vir Win64/Agent.BA trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@.vir Win64/Sirefef.AE trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@.vir probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@.vir Win64/Sirefef.AE trojan cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIU8YK9B\8[1].exe Win32/Simda.B trojan cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\Mozilla\Firefox\Profiles\8dpkf5f0.default\Cache\5\31\CEE37d01 HTML/ScrInject.B.Gen virus deleted - quarantined

C:\Users\napdizzle\AppData\Local\Mozilla\Firefox\Profiles\8dpkf5f0.default\Cache\8\68\F56D7d01 HTML/Iframe.B.Gen virus deleted - quarantined

C:\Users\napdizzle\AppData\Local\Temp\B55A.tmp Win32/Simda.B trojan cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BK trojan cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\Temp\NOD7338.tmp Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined

C:\Users\napdizzle\AppData\Local\Temp\is1438683437\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined

C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@ probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined

C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined

C:\Users\napdizzle\Downloads\driverperformer_849.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined

C:\Users\napdizzle\Downloads\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application cleaned by deleting - quarantined

C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined

C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined

C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@ probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined

C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined

Operating memory a variant of Win32/Sirefef.EZ trojan

I'll start on OTL


OTL logfile created on: 6/17/2012 5:28:44 PM - Run 1

OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\napdizzle\Desktop

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 30.76% Memory free

8.00 Gb Paging File | 5.12 Gb Available in Paging File | 63.98% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 698.54 Gb Total Space | 109.41 Gb Free Space | 15.66% Space Free | Partition Type: NTFS

Drive D: | 83.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Drive F: | 465.65 Gb Total Space | 3.47 Gb Free Space | 0.75% Space Free | Partition Type: FAT32

Computer Name: NAPDIZZLE-PC | User Name: napdizzle | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/17 17:27:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\napdizzle\Desktop\OTL.exe

PRC - [2012/04/10 18:59:14 | 000,542,552 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012/04/02 13:46:58 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

PRC - [2011/11/15 13:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

PRC - [2011/09/29 21:59:22 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2010/07/28 03:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

PRC - [2010/07/28 03:33:58 | 006,995,864 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe

PRC - [2010/07/28 03:33:58 | 001,485,208 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

PRC - [2010/04/01 04:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

PRC - [2010/02/17 05:30:48 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

PRC - [2009/07/13 20:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PING.EXE

PRC - [2009/02/22 21:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2010/07/28 03:34:04 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll

MOD - [2010/07/28 03:02:58 | 000,658,432 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll

MOD - [2010/06/23 04:12:28 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll

MOD - [2010/06/23 04:11:52 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll

MOD - [2010/06/23 04:11:48 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll

MOD - [2010/06/23 04:11:48 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll

MOD - [2010/06/23 03:38:18 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll

MOD - [2010/02/17 05:30:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

MOD - [2009/07/13 20:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/02/14 22:16:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

SRV:64bit: - [2012/02/14 22:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/11/11 00:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2010/09/23 23:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)

SRV:64bit: - [2010/09/23 23:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)

SRV:64bit: - [2010/09/23 23:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)

SRV:64bit: - [2010/05/20 01:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012/06/17 12:48:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/04/10 19:06:10 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)

SRV - [2012/04/10 18:59:14 | 000,542,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012/04/02 13:46:58 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)

SRV - [2011/11/15 13:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)

SRV - [2011/09/29 21:59:22 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2011/07/01 16:55:08 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/06/26 01:45:56 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\32788R22FWJFW\pev.3XE -- (PEVSystemStart)

SRV - [2011/01/31 18:55:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010/07/28 03:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)

SRV - [2010/07/25 01:26:02 | 000,884,736 | ---- | M] () [Auto | Stopped] -- C:\Users\napdizzle\AppData\Local\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)

SRV - [2009/10/20 13:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/02/22 21:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/02/14 22:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2012/02/14 21:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2012/01/03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)

DRV:64bit: - [2012/01/03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)

DRV:64bit: - [2011/12/05 14:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2010/10/24 07:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2010/05/20 01:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)

DRV:64bit: - [2010/04/03 10:40:33 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/03/30 09:35:04 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133)

DRV:64bit: - [2010/02/17 19:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

DRV:64bit: - [2010/01/28 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/01/08 18:42:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)

DRV:64bit: - [2009/10/20 13:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)

DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 19:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)

DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/04 05:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)

DRV:64bit: - [2009/06/04 05:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)

DRV:64bit: - [2009/06/04 05:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV:64bit: - [2009/06/04 05:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV:64bit: - [2009/06/04 05:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)

DRV:64bit: - [2009/06/04 05:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV:64bit: - [2009/06/04 05:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)

DRV:64bit: - [2009/06/04 05:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)

DRV:64bit: - [2009/06/04 05:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV:64bit: - [2009/06/04 05:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)

DRV:64bit: - [2009/06/04 05:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV:64bit: - [2009/06/04 05:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)

DRV:64bit: - [2009/06/04 05:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)

DRV:64bit: - [2008/01/19 09:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)

DRV:64bit: - [2007/12/22 18:41:38 | 000,012,344 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\zntport.sys -- (zntport)

DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2007/12/22 18:41:38 | 000,012,344 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ZNTPORT.SYS -- (zntport)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F 47 6D 55 6D C7 CC 01 [binary data]

IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://findgala.com/?&uid=3127&q={searchTerms}

IE - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/|www.gmail.com"

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\napdizzle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 12:48:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/11 19:34:34 | 000,000,000 | ---D | M]

[2010/03/08 19:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Extensions

[2012/05/22 18:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\extensions

[2012/05/22 18:48:42 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2012/05/21 23:49:20 | 000,001,210 | ---- | M] () -- C:\Users\napdizzle\AppData\Roaming\Mozilla\Firefox\Profiles\8dpkf5f0.default\searchplugins\search.xml

[2012/01/01 02:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2011/12/30 00:32:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011/08/26 15:10:10 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com

[2012/06/17 12:48:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/06/17 12:48:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/06/17 12:48:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

CHR - plugin: IGN Download Manager Plug-in (Enabled) = C:\Program Files (x86)\Download Manager\npfpdlm.dll

CHR - plugin: Google Update (Enabled) = C:\Users\napdizzle\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Facebook Plugin (Enabled) = C:\Users\napdizzle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE_64.dll (AnchorFree Inc.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)

O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)

O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [instaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)

O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment)

O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)

O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4061514787-1851555340-1822992461-1000\..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{249BD807-FFCF-443B-90E5-952C3A29DE0F}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67986829-03FE-4B19-B19C-30F44ABEFE5B}: DhcpNameServer = 10.36.16.1

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/03/11 11:09:30 | 000,000,037 | R--- | M] () - D:\autorun.inf -- [ UDF ]

O32 - AutoRun File - [2007/10/13 04:00:32 | 000,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]

O32 - AutoRun File - [2007/05/18 10:37:12 | 000,000,069 | RH-- | M] () - F:\autorun.inf -- [ FAT32 ]

O33 - MountPoints2\{3a8a2dca-2b06-11df-8dd8-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{3a8a2dca-2b06-11df-8dd8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\PhotoApp.exe -- [2010/03/11 11:09:30 | 004,965,304 | R--- | M] ()

O33 - MountPoints2\{3a8a2deb-2b06-11df-8dd8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe

O33 - MountPoints2\{3a8a2deb-2b06-11df-8dd8-806e6f6e6963}\Shell\phone\command - "" = F:\autorun.exe

O33 - MountPoints2\{7cc6650c-3f37-11df-bee5-000129a79902}\Shell - "" = AutoRun

O33 - MountPoints2\{7cc6650c-3f37-11df-bee5-000129a79902}\Shell\AutoRun\command - "" = G:\INSTALL.EXE

O33 - MountPoints2\{de43be15-2ca4-11e1-806b-000129a79902}\Shell - "" = AutoRun

O33 - MountPoints2\{de43be15-2ca4-11e1-806b-000129a79902}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O33 - MountPoints2\{f9d0803b-336b-11e1-9006-000129a79902}\Shell - "" = AutoRun

O33 - MountPoints2\{f9d0803b-336b-11e1-9006-000129a79902}\Shell\AutoRun\command - "" = K:\setup.exe -a

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe

O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/17 17:27:51 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\napdizzle\Desktop\OTL.exe

[2012/06/17 16:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012/06/17 15:44:36 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{CE85CE9E-B705-41A9-A4EE-3BA45ADB3D9A}

[2012/06/16 01:37:17 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{00121ED0-6BA3-4EB4-8901-ED00E2FE8D61}

[2012/06/12 21:10:10 | 000,000,000 | ---D | C] -- C:\update

[2012/06/12 21:10:10 | 000,000,000 | ---D | C] -- C:\hsswd

[2012/06/12 21:10:10 | 000,000,000 | ---D | C] -- C:\hssff

[2012/06/12 21:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield

[2012/06/11 21:03:59 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\Skyrim

[2012/06/11 20:26:51 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{417C1B19-9E0F-4373-85A1-530EF725C547}

[2012/06/11 20:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911

[2012/06/11 20:06:19 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll

[2012/06/11 20:06:19 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll

[2012/06/11 20:06:19 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll

[2012/06/11 20:06:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll

[2012/06/11 20:06:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll

[2012/06/11 20:06:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll

[2012/06/11 20:06:18 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll

[2012/06/11 20:06:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll

[2012/06/11 20:01:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim

[2012/06/11 19:43:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2012/06/11 19:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012/06/11 19:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle

[2012/06/11 19:34:34 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012/06/11 08:26:26 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{06E32F9D-600F-46A4-A06C-13207BEB2174}

[2012/06/11 08:26:15 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{64AF2943-7B43-4284-A562-3D3E352A2DF3}

[2012/06/10 20:34:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2012/06/10 20:34:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2012/06/10 20:34:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2012/06/10 20:34:26 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2012/06/10 20:34:25 | 000,000,000 | --SD | C] -- C:\ComboFix

[2012/06/10 20:34:15 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012/06/10 20:34:03 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW

[2012/06/10 20:25:49 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{89CF3D2F-66E1-4867-8E2D-CD5698DD685C}

[2012/06/10 20:25:34 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{F355C043-FEBE-439F-91E5-C4B0D130E74F}

[2012/06/10 20:24:37 | 000,000,000 | ---D | C] -- C:\Windows\en

[2012/06/10 20:15:52 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{220F9A20-E422-49BA-885B-DF5509174EE4}

[2012/06/10 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{9BFAD569-CCF0-4D7A-8BCB-E0C4F119BDDE}

[2012/06/10 19:32:35 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012/06/10 18:36:31 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

[2012/06/10 16:33:14 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\Desktop\skyrim

[2012/05/30 15:53:02 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{ACECDD50-E09F-46BB-A07B-2D9A43BD8579}

[2012/05/30 15:52:34 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{E0918699-3109-45AA-B4B9-8FD1DE156650}

[2012/05/29 09:22:17 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\Desktop\investment

[2012/05/23 09:13:39 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{EAC9A3A3-B853-48B6-B69D-D48B58F97D9E}

[2012/05/23 09:13:25 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{7F0A22DD-F753-4759-88F2-68F5E1F805A1}

[2012/05/21 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{4C1A56FE-673C-4191-89C1-00F7A71804CD}

[2012/05/21 23:33:52 | 000,000,000 | ---D | C] -- C:\Users\napdizzle\AppData\Local\{FEA777D8-6B8F-4C32-B2AB-15AA29387CC6}

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/17 17:27:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\napdizzle\Desktop\OTL.exe

[2012/06/17 16:42:08 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4061514787-1851555340-1822992461-1000UA.job

[2012/06/17 16:09:42 | 000,000,512 | ---- | M] () -- C:\Users\napdizzle\Desktop\MBR.dat

[2012/06/17 15:48:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/17 15:48:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/17 15:48:00 | 000,717,324 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/06/17 15:48:00 | 000,617,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/06/17 15:48:00 | 000,104,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/06/17 15:43:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/17 15:43:09 | 3220,824,064 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/17 15:40:19 | 000,061,160 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx

[2012/06/17 15:40:19 | 000,061,160 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx

[2012/06/17 15:40:19 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx

[2012/06/16 23:42:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4061514787-1851555340-1822992461-1000Core.job

[2012/06/16 01:32:31 | 002,329,218 | ---- | M] () -- C:\Users\napdizzle\Desktop\boat.xps

[2012/06/11 19:34:25 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/06/11 19:34:25 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/06/10 19:32:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012/06/10 19:32:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/06/05 22:32:36 | 193,474,269 | ---- | M] () -- C:\Users\napdizzle\Desktop\01-nicolas_jaar_-_essential_mix-sat-05-19-2012-talion.mp3

[2012/06/05 22:32:14 | 000,011,760 | -HS- | M] () -- C:\Users\napdizzle\Desktop\Folder.jpg

[2012/06/05 22:32:14 | 000,011,760 | -HS- | M] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Large.jpg

[2012/06/05 22:32:14 | 000,002,401 | -HS- | M] () -- C:\Users\napdizzle\Desktop\AlbumArtSmall.jpg

[2012/06/05 22:32:14 | 000,002,401 | -HS- | M] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Small.jpg

[2012/05/28 09:52:03 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk

[2012/05/22 23:43:50 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/05/21 23:49:20 | 000,001,731 | ---- | M] () -- C:\Users\napdizzle\Desktop\Computer.lnk

[2012/05/21 23:49:20 | 000,000,288 | ---- | M] () -- C:\Users\napdizzle\AppData\Roaming\9F513D51.reg

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/17 16:56:43 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000008.@

[2012/06/17 16:56:41 | 000,093,696 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000032.@

[2012/06/17 16:56:40 | 000,076,800 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000064.@

[2012/06/17 16:56:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\80000000.@

[2012/06/17 16:09:42 | 000,000,512 | ---- | C] () -- C:\Users\napdizzle\Desktop\MBR.dat

[2012/06/17 16:09:27 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000004.@

[2012/06/17 16:09:27 | 000,001,584 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\000000cb.@

[2012/06/17 16:09:27 | 000,000,773 | ---- | C] () -- C:\Windows\Installer\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\L\00000004.@

[2012/06/16 01:32:30 | 002,329,218 | ---- | C] () -- C:\Users\napdizzle\Desktop\boat.xps

[2012/06/10 20:35:16 | 000,001,584 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\000000cb.@

[2012/06/10 20:35:16 | 000,001,536 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\U\00000004.@

[2012/06/10 20:35:16 | 000,000,740 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\L\00000004.@

[2012/06/10 20:34:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012/06/10 20:34:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012/06/10 20:34:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012/06/10 20:34:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012/06/10 20:34:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012/06/05 22:32:14 | 000,011,760 | -HS- | C] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Large.jpg

[2012/06/05 22:32:14 | 000,002,401 | -HS- | C] () -- C:\Users\napdizzle\Desktop\AlbumArt_{D8F020C2-866C-4DCE-B014-A4742941E853}_Small.jpg

[2012/05/22 21:33:01 | 000,090,439 | ---- | C] () -- C:\Users\napdizzle\Desktop\2012-05-22_20-31-52_370.jpg

[2012/05/22 19:00:02 | 193,474,269 | ---- | C] () -- C:\Users\napdizzle\Desktop\01-nicolas_jaar_-_essential_mix-sat-05-19-2012-talion.mp3

[2012/05/21 23:49:20 | 000,001,731 | ---- | C] () -- C:\Users\napdizzle\Desktop\Computer.lnk

[2012/05/21 23:49:20 | 000,000,288 | ---- | C] () -- C:\Users\napdizzle\AppData\Roaming\9F513D51.reg

[2012/02/14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

[2012/02/14 21:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012/02/14 21:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2012/01/31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[2011/12/30 22:17:33 | 000,011,946 | -HS- | C] () -- C:\Users\napdizzle\AppData\Local\121ttv68j532vb67d2pmg2e107012j02r3742

[2011/12/30 22:17:33 | 000,011,946 | -HS- | C] () -- C:\ProgramData\121ttv68j532vb67d2pmg2e107012j02r3742

[2011/09/25 05:00:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat

[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2011/02/23 04:37:37 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/01/01 00:55:35 | 000,000,110 | ---- | C] () -- C:\ProgramData\{2602B4DC-7F39-4116-941F-7BFCC60D703F}_WiseFW.ini

[2010/07/08 09:43:57 | 000,007,680 | ---- | C] () -- C:\Users\napdizzle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/07/13 18:22:13 | 000,002,048 | -HS- | C] () -- C:\Users\napdizzle\AppData\Local\{4d28bc9a-4a99-aa15-c3b2-0458967b9fe1}\@

< End of report >


OTL Extras logfile created on: 6/17/2012 5:28:44 PM - Run 1

OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\napdizzle\Desktop

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 30.76% Memory free

8.00 Gb Paging File | 5.12 Gb Available in Paging File | 63.98% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 698.54 Gb Total Space | 109.41 Gb Free Space | 15.66% Space Free | Partition Type: NTFS

Drive D: | 83.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Drive F: | 465.65 Gb Total Space | 3.47 Gb Free Space | 0.75% Space Free | Partition Type: FAT32

Computer Name: NAPDIZZLE-PC | User Name: napdizzle | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [TVersity] -- "C:\Users\napdizzle\AppData\Local\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [TVersity] -- "C:\Users\napdizzle\AppData\Local\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)

"{0C818871-6337-17AC-CA8C-A3942F15D92A}" = AMD Accelerated Video Transcoding

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component

"{353D1262-B2D2-AD87-EB5E-6B1395AF9FAE}" = AMD Catalyst Install Manager

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{54FFD5AC-7350-52B9-FB8F-1A8A6CF1FB5B}" = AMD Media Foundation Decoders

"{551F4187-F029-4240-DEF9-836B5E43CB29}" = AMD Fuel

"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)

"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)

"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam

"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)

"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune

"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}" = HP Deskjet 1000 J110 series Basic Device Software

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation

"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)

"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)

"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)

"{D6DDB606-CD15-98C7-AA65-6B617EE8CDA5}" = ccc-utility64

"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In

"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54

"Microsoft Security Client" = Microsoft Security Essentials

"WinRAR archiver" = WinRAR archiver

"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{030C0401-52A9-BE86-D8A7-52C0DA203275}" = CCC Help Swedish

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration

"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0

"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2602B4DC-7F39-4116-941F-7BFCC60D703F}" = PDG Gold for NCOs - 2009

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 26

"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4

"{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{39445575-7D3A-52AA-152B-7F9423D1AE69}" = CCC Help German

"{3C9A3282-9DAE-F492-13F4-6D4D664AC15F}" = CCC Help Spanish

"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5236FA8C-4B70-E30E-93EF-F7D3A5E468C7}" = CCC Help Greek

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{586F0E27-0BC5-34DE-AA0B-96D14397910E}" = CCC Help Russian

"{5AF7EA0B-F009-CC00-E446-C2286AF80471}" = CCC Help Czech

"{5FC116F2-4508-A6FC-15FB-C64F05AB0F26}" = CCC Help Chinese Traditional

"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{685ACA56-004C-4F80-2BC0-951BF278C03F}" = CCC Help Chinese Standard

"{6D1AFFC2-AC60-BC3B-2DC9-0D80A1E9CB16}" = CCC Help Thai

"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{79CFDE3C-4602-85B2-ACF6-83D897B8B33A}" = CCC Help Korean

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{8972B1C8-B899-0AA0-8596-BFC9AE3311F1}" = CCC Help Finnish

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab

"{92BE4E1B-AEFD-DA72-B805-948290A4BB13}" = CCC Help Hungarian

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{9526B61A-1C35-96D1-531B-C8DB1D36C336}" = CCC Help Danish

"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A295F81-04C8-FB18-2D1C-A33AA8A442CA}" = CCC Help French

"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A64479BE-7DB6-4B07-87B9-70AD85B7EAD2}" = Medal of Honor™ MP Beta

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3

"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation

"{B3C8C8EF-77E0-1C0D-1CFA-A39E2E898311}" = CCC Help Italian

"{B5AD9952-F716-9862-7ED7-734E0328CF7C}" = AMD VISION Engine Control Center

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish

"{C37B1C57-DD9B-D1E0-B933-8EA8D56E2222}" = CCC Help Norwegian

"{CA3A3F20-566B-ABB1-A541-3D93C0D09EE5}" = CCC Help Japanese

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}" = Catalyst Control Center Localization All

"{D6C95F4B-86BF-4D75-B1A1-72C650CAC79B}" = Ez_Flash

"{DAF650C8-AFE5-3460-E1C4-B9716D2DA5D2}" = Catalyst Control Center InstallProxy

"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Help

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0C6F271-FE15-B2D5-FF42-BCA40700DC51}" = CCC Help English

"{E1D0A4DC-97BD-CE37-3E89-87D3337E55CA}" = CCC Help Dutch

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}" = Catalyst Control Center Graphics Previews Common

"{ED15763E-A6ED-56D2-B0B5-C7D22D4CE248}" = CCC Help Portuguese

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"ArcaniA" = ArcaniA - Gothic 4

"AudioCS" = Creative Audio Control Panel

"Battlelog Web Plugins" = Battlelog Web Plugins

"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor

"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops

"Cities XL 2011" = Cities XL 2011

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition

"DDA23392-9C73-4909-A221-BC12C6D2664D" = GmoteServer

"DFX for Windows Media Player" = DFX for Windows Media Player

"Download Manager" = Download Manager 2.3.10

"DriverCleanerDotNET" = Driver Cleaner.NET

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ESET Online Scanner" = ESET Online Scanner v3

"ESN Sonar-0.70.0" = ESN Sonar

"Fallout New Vegas_is1" = Fallout New Vegas

"HotspotShield" = Hotspot Shield 2.53

"Mafia II_is1" = Mafia II

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"OpenAL" = OpenAL

"Origin" = Origin

"PFPortChecker" = PFPortChecker 1.0.32

"Postal 2_is1" = Portal 2

"PunkBusterSvc" = PunkBuster Services

"Steam App 240" = Counter-Strike: Source

"Steam App 24960" = Battlefield: Bad Company 2

"Steam App 400" = Portal

"Steam App 41300" = Altitude

"Steam App 440" = Team Fortress 2

"Steam App 630" = Alien Swarm

"TVersity Codec Pack" = TVersity Codec Pack 1.4

"TVersity Media Server" = TVersity Media Server 1.9.2

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.1.4

"WinLiveSuite" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.1

"Wireshark" = Wireshark 1.2.6

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4061514787-1851555340-1822992461-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Facebook Plug-In" = Facebook Plug-In

"FoxTab FLV Player" = FoxTab FLV Player

"Google Chrome" = Google Chrome

"SOE-DC Universe Online Beta" = DC Universe Online Beta

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 6/17/2012 4:34:20 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 4:39:31 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 4:54:22 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:04:25 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:06:33 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:07:21 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:08:00 PM | Computer Name = napdizzle-PC | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "C:\Users\napdizzle\Downloads\esetsmartinstaller_enu.exe".Error

in manifest or policy file "" on line . A component version required by the application

conflicts with another component version already active. Conflicting components

are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Component

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 6/17/2012 5:15:28 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:19:26 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:20:03 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/17/2012 5:22:17 PM | Computer Name = napdizzle-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

[ System Events ]

Error - 6/16/2012 2:35:19 AM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000

Description = The NTPort Library Driver service failed to start due to the following

error: %%1275

Error - 6/17/2012 4:40:10 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7034

Description = The TVersityMediaServer service terminated unexpectedly. It has done

this 1 time(s).

Error - 6/17/2012 4:43:33 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000

Description = The AODDriver4.1 service failed to start due to the following error:

%%2

Error - 6/17/2012 4:43:33 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7003

Description = The IKE and AuthIP IPsec Keying Modules service depends the following

service: BFE. This service might not be installed.

Error - 6/17/2012 4:43:33 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7003

Description = The IPsec Policy Agent service depends the following service: BFE.

This service might not be installed.

Error - 6/17/2012 4:43:34 PM | Computer Name = napdizzle-PC | Source = Application Popup | ID = 1060

Description = \SystemRoot\System32\drivers\zntport.sys has been blocked from loading

due to incompatibility with this system. Please contact your software vendor for

a compatible version of the driver.

Error - 6/17/2012 4:43:34 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000

Description = The NTPort Library Driver service failed to start due to the following

error: %%1275

Error - 6/17/2012 4:43:36 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7000

Description = The AODDriver4.1 service failed to start due to the following error:

%%2

Error - 6/17/2012 4:43:36 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7023

Description = The Computer Browser service terminated with the following error:

%%1060

Error - 6/17/2012 4:48:23 PM | Computer Name = napdizzle-PC | Source = Service Control Manager | ID = 7034

Description = The TVersityMediaServer service terminated unexpectedly. It has done

this 1 time(s).

< End of report >


BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Did you take a look at my first step for uTorrent? Do you have a USB Flash drive?


For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
