winrscmde infection, help please


obione

  • Staff

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I need to get some reports to get a base to start from so I need you to run these programs first.

-DeFogger-

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:
    Link1
    Link2
    Link3
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following
  1. both reports from DDS
  2. report from security check
  3. let me know of any problems you may have had

Gringo


Issues I'm Having = Blue Screen twice, but didn't get info.. I know I'm useless :P I saw the high usage message with the winrscmde listed. Looked it up and found my way here. I am having a ton of pop ups when surfing, but other than that PC is working. Think I'm doing something wrong with ur programs. I followed the instructions and read through them, but...

Defogger =

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 00:01 on 27/11/2012 (Sam)

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Security Check =

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Norton 360 Premier Edition

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

JavaFX 2.1.1

Java 6 Update 29

Java 7 Update 5

Java version out of Date!

Adobe Flash Player 11.4.402.287 Flash Player out of Date!

Adobe Reader 9 Adobe Reader out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.92

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

Symantec Norton Online Backup NOBuAgent.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 6%

````````````````````End of Log``````````````````````

DDS = comes back with a ton of gibberish and says it can't run in DOS.


  • Staff

Hello

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller

Gringo


# AdwCleaner v2.009 - Logfile created 11/27/2012 at 16:04:33

# Updated 24/11/2012 by Xplode

# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)

# User : Sam - SAM-PC

# Boot Mode : Normal

# Running from : C:\Users\Sam\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\AutocompletePro

Folder Deleted : C:\Program Files (x86)\PageRage

Folder Deleted : C:\Program Files (x86)\Search Toolbar

Folder Deleted : C:\Program Files (x86)\vGrabber

Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\BabylonUpdater

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Users\Sam\AppData\Local\Babylon

Folder Deleted : C:\Users\Sam\AppData\Local\Conduit

Folder Deleted : C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk

Folder Deleted : C:\Users\Sam\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Sam\AppData\LocalLow\PageRage

Folder Deleted : C:\Users\Sam\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber

Folder Deleted : C:\Users\Sam\Documents\DealRunner

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause

Key Deleted : HKCU\Software\AppDataLow\Software\PageRage

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AutocompletePro

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9565115D-C7D6-46D3-BD63-B67B481A4368}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9565115D-C7D6-46D3-BD63-B67B481A4368}

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\Zugo

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\Software\ImInstaller

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60A4228B-CFB0-4567-92C7-3350E7FB7802}

Key Deleted : HKLM\Software\PageRage

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60A4228B-CFB0-4567-92C7-3350E7FB7802}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9565115D-C7D6-46D3-BD63-B67B481A4368}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AD7E04D-F24D-4055-9D9B-0F4CE5D19E8D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1961756-9772-412C-AE0D-12BF9B84938A}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PageRage Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKLM\SOFTWARE\Tarma Installer

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{9565115D-C7D6-46D3-BD63-B67B481A4368}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{9565115D-C7D6-46D3-BD63-B67B481A4368}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.84] : icon_url = "hxxp://www.ask.com/favicon.ico",

Deleted [l.90] : search_url = "hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=15527&prt=360&am[...]

*************************

AdwCleaner[s1].txt - [6473 octets] - [27/11/2012 16:04:33]

########## EOF - C:\AdwCleaner[s1].txt - [6533 octets] ##########


Total of 3 reports =

RogueKiller V8.3.1 [Nov 26 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Sam [Admin rights]

Mode : Scan -- Date : 11/27/2012 16:15:45

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1002FAEX-007BA0 ATA Device +++++

--- User ---

[MBR] c2ae85e87ab201bd9e41cb9c40bce021

[bSP] 4209e8b13664d6c39144344c99715123 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_11272012_02d1615.txt >>

RKreport[1]_S_11272012_02d1615.txt

RogueKiller V8.3.1 [Nov 26 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Sam [Admin rights]

Mode : Remove -- Date : 11/27/2012 16:15:54

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)

[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1002FAEX-007BA0 ATA Device +++++

--- User ---

[MBR] c2ae85e87ab201bd9e41cb9c40bce021

[bSP] 4209e8b13664d6c39144344c99715123 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_11272012_02d1615.txt >>

RKreport[1]_S_11272012_02d1615.txt ; RKreport[2]_D_11272012_02d1615.txt

RogueKiller V8.3.1 [Nov 26 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Sam [Admin rights]

Mode : Remove -- Date : 11/27/2012 16:16:28

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1002FAEX-007BA0 ATA Device +++++

--- User ---

[MBR] c2ae85e87ab201bd9e41cb9c40bce021

[bSP] 4209e8b13664d6c39144344c99715123 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[3]_D_11272012_02d1616.txt >>

RKreport[1]_S_11272012_02d1615.txt ; RKreport[2]_D_11272012_02d1615.txt ; RKreport[3]_D_11272012_02d1616.txt


  • Staff

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo


ComboFix 12-11-27.01 - Sam 11/27/2012 18:25:07.1.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16366.13212 [GMT -6:00]

Running from: c:\users\Sam\Desktop\ComboFix.exe

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\ntuser.dat

c:\windows\svchost.exe

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-28 )))))))))))))))))))))))))))))))

.

.

2012-11-27 09:02 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

2012-11-26 10:35 . 2012-11-26 10:36 -------- d-----w- C:\FRST

2012-11-26 10:11 . 2012-11-26 10:11 -------- d-----w- C:\TDSSKiller_Quarantine

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\SpeedyPC Software

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\DriverCure

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\programdata\SpeedyPC Software

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\SpeedyPC Software

2012-11-26 09:26 . 2012-11-26 09:27 -------- d-----w- C:\sh4ldr

2012-11-26 09:26 . 2012-11-26 09:26 -------- d-----w- c:\program files\Enigma Software Group

2012-11-14 09:07 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\es-ES\wdf01000.sys.mui

2012-11-14 09:07 . 2012-07-26 05:15 2560 ----a-w- c:\windows\system32\drivers\he-IL\wdf01000.sys.mui

2012-11-14 09:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-11-14 09:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-11-14 09:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui

2012-11-14 09:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-11-14 09:00 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-11-14 09:00 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-11-14 09:00 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-11-14 09:00 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-11-14 09:00 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2012-11-14 09:00 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2012-11-14 09:00 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-11-14 07:07 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll

2012-11-14 07:07 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-14 09:01 . 2011-04-14 04:35 66395536 ----a-w- c:\windows\system32\MRT.exe

2012-10-11 03:23 . 2012-10-11 03:23 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-10-11 03:23 . 2012-10-11 03:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-11 03:23 . 2012-10-11 03:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-11 03:23 . 2012-09-14 12:58 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-11 03:23 . 2012-10-11 03:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-11 03:23 . 2012-10-11 03:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-11 03:23 . 2012-10-11 03:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-11 03:23 . 2012-10-11 03:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-11 03:23 . 2012-10-11 03:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-10-11 03:23 . 2012-10-11 03:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-11 03:23 . 2012-08-28 05:55 2731880 ----a-w- c:\windows\system32\nvapi64.dll

2012-10-11 03:23 . 2012-03-14 01:10 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-11 03:23 . 2012-08-28 05:56 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-11 03:23 . 2012-10-11 03:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-11 03:23 . 2012-10-11 03:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-11 03:23 . 2012-10-11 03:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-11 03:23 . 2012-10-11 03:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-10-11 03:22 . 2012-10-11 03:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-11 03:22 . 2012-08-28 05:56 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-11 03:22 . 2011-10-25 02:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-10-11 03:22 . 2012-08-28 05:55 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-11 03:22 . 2012-10-11 03:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-11 03:22 . 2012-10-11 03:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-10-11 03:22 . 2012-10-11 03:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-11 03:22 . 2012-10-11 03:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-09 18:54 . 2012-06-23 20:39 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-09 18:54 . 2011-05-20 13:49 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 01:00 . 2012-10-26 01:29 776864 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\srtsp64.sys

2012-10-04 01:40 . 2012-10-26 01:29 1133216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symefa64.sys

2012-10-04 01:40 . 2012-10-26 01:29 493216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symds64.sys

2012-10-04 01:19 . 2012-10-26 01:29 168096 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ccsetx64.sys

2012-10-02 19:51 . 2012-03-14 01:11 3536817 ----a-w- c:\windows\system32\nvcoproc.bin

2012-10-02 19:51 . 2011-01-16 22:13 3293544 ----a-w- c:\windows\system32\nvsvc64.dll

2012-10-02 19:51 . 2011-01-16 22:13 6200680 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 19:50 . 2011-07-24 06:31 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:50 . 2011-01-16 22:13 891240 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:50 . 2011-01-16 22:13 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:15 . 2012-10-02 19:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-09-29 03:30 . 2012-05-26 19:48 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2012-09-14 19:19 . 2012-10-09 22:29 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-09 22:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-09-07 02:05 . 2012-10-26 01:29 432800 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symnets.sys

2012-09-07 01:48 . 2012-10-26 01:29 224416 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ironx64.sys

2012-08-31 18:19 . 2012-10-09 22:30 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-31 17:17 . 2012-08-31 17:17 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-08-31 17:17 . 2012-08-31 17:17 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-08-30 18:03 . 2012-10-09 22:30 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-09 22:30 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-09 22:30 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-25 303104]

"Live Update 5"="c:\program files (x86)\MSI\Live Update 5\LU5.exe" [2011-02-01 1220608]

"Q-Face agent"="c:\program files (x86)\MSI\MSI Q-Face\webtest.exe" [2008-12-15 20792]

"NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-03-05 1112920]

"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]

"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]

"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880]

"AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]

"CTHelper"="CTHELPER.EXE" [2006-05-24 17920]

"CTXFIREG"="CTXFIREG.exe" [2010-05-06 47104]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]

"PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDF Converter 7\RegistryController.exe" [2010-08-18 121120]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-07 421736]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-08-20 724576]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Nostromo Loadout Manager.lnk - c:\windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe [2011-7-25 45056]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 ALSysIO;ALSysIO;c:\users\Sam\AppData\Local\Temp\ALSysIO64.sys [x]

R3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [2007-08-14 35328]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-12-12 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-06 202840]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-06 1417304]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-06 94808]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 EraserUtilDrv11220;EraserUtilDrv11220;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 RoxMediaDBGame1X;RoxMediaDBGame1X;c:\program files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [2011-02-17 1099248]

R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys [2005-05-25 7168]

R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-04-10 50720]

R3 SaiH8000;SaiH8000;c:\windows\system32\DRIVERS\SaiH8000.sys [2008-04-04 178560]

R3 SaiK0CCB;SaiK0CCB;c:\windows\system32\DRIVERS\SaiK0CCB.sys [2011-09-20 183104]

R3 SaiU0CCB;SaiU0CCB;c:\windows\system32\DRIVERS\SaiU0CCB.sys [2011-09-20 47168]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS [2012-10-04 493216]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608]

S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys [2012-10-04 168096]

S1 hugoio64;hugoio64;c:\program files (x86)\i-Menu\hugoio64.sys [2008-04-30 13856]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121123.001_1cc\IDSvia64.sys [2012-11-23 513184]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS [2012-09-07 224416]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS [2012-09-07 432800]

S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-11-14 8704]

S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088]

S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-08-20 474208]

S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]

S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-05-21 13832]

S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928]

S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-06 202840]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-06 1417304]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-06 94808]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-29 138912]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-07-14 22408]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-07-14 16008]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]

S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]

S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 SaiK0CD7;SaiK0CD7;c:\windows\system32\DRIVERS\SaiK0CD7.sys [2011-09-20 183104]

S3 SaiU0CD7;SaiU0CD7;c:\windows\system32\DRIVERS\SaiU0CD7.sys [2011-09-20 47168]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-08-20 18:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-27 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 18:54]

.

2012-11-27 c:\windows\Tasks\FinalTorrent Update Checker.job

- c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-05-08 21:50]

.

2012-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000Core.job

- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26]

.

2012-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000UA.job

- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Pro.job

- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2012-10-04 20:42]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Registration3.job

- c:\windows\system32\rundll32.exe [2009-07-13 01:14]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3 Startup Task.job

- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3.job

- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-17 6602856]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-14 415752]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-13 2093064]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-14 4195848]

"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2012-01-23 432640]

"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2012-01-23 158208]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = https://www.google.com/

uInternet Settings,ProxyOverride = *.local;192.168.*.*

IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Open with Nuance PDF Converter 7.0 - c:\program files (x86)\Nuance\PDF Converter 7\cnvres_eng.dll /100

IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

.

.

------- File Associations -------

.

JSEFile=NOTEPAD.EXE %1

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{f2c43291-151e-499c-98a7-923c120b88fa} - (no file)

BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files (x86)\Yontoo Layers Runtime\YontooIEClient.dll

SafeBoot-35453725.sys

WebBrowser-{F2C43291-151E-499C-98A7-923C120B88FA} - (no file)

HKLM-Run-AsioThk32Reg - %SYSTEMROOT%\SYSWOW64\CTASIO.DLL

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe

AddRemove-vGrabber - c:\program files (x86)\vGrabber\uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-421509916-3391201345-338949333-1000\Software\SecuROM\License information*]

"datasecu"=hex:07,6e,4a,58,0c,2d,52,60,98,34,12,3c,64,79,85,e0,f1,8a,de,68,c0,

df,1c,a5,01,63,b9,f4,3a,01,87,83,9a,e2,3b,b6,e4,52,c0,c4,27,b9,6b,fb,30,7e,\

"rkeysecu"=hex:a7,30,38,a9,6e,c8,ed,54,4d,c6,5d,08,68,15,d5,aa

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-11-27 18:32:05

ComboFix-quarantined-files.txt 2012-11-28 00:32

.

Pre-Run: 257,637,412,864 bytes free

Post-Run: 257,710,182,400 bytes free

.

- - End Of File - - 2EB580B042EB30FD564EEA288E3EC4B6

I haven't restarted but it seems fine, quicker responsiveness in browser and favs. Didn't have any problems, I went through and disabled Norton but got an error message to make sure it was. I'm pretty sure I turned it all off before clicking on the final message to make sure it was disabled. I'm going to do a restart and let you know.


Restarted and it seems that it's fine. Looked for the same pop-ups but didn't surf long, but they seem to be gone. The first issues that brought me here seem to be fixed. I'll post later if I have any issues. I know after a few days it will be closed completely, so I'll keep you apprised. I truly appreciate your help thus far, sir.


  • Staff

Greetings

I want you to run these next.

TDSSKiller:

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo


11:23:16.0537 31880 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

11:23:17.0083 31880 ============================================================

11:23:17.0083 31880 Current date / time: 2012/11/28 11:23:17.0083

11:23:17.0083 31880 SystemInfo:

11:23:17.0083 31880

11:23:17.0083 31880 OS Version: 6.1.7601 ServicePack: 1.0

11:23:17.0083 31880 Product type: Workstation

11:23:17.0083 31880 ComputerName: SAM-PC

11:23:17.0083 31880 UserName: Sam

11:23:17.0083 31880 Windows directory: C:\Windows

11:23:17.0083 31880 System windows directory: C:\Windows

11:23:17.0083 31880 Running under WOW64

11:23:17.0083 31880 Processor architecture: Intel x64

11:23:17.0083 31880 Number of processors: 4

11:23:17.0083 31880 Page size: 0x1000

11:23:17.0083 31880 Boot type: Normal boot

11:23:17.0083 31880 ============================================================

11:23:18.0190 31880 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:23:18.0190 31880 ============================================================

11:23:18.0190 31880 \Device\Harddisk0\DR0:

11:23:18.0190 31880 MBR partitions:

11:23:18.0190 31880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

11:23:18.0190 31880 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800

11:23:18.0190 31880 ============================================================

11:23:18.0237 31880 C: <-> \Device\Harddisk0\DR0\Partition2

11:23:18.0237 31880 ============================================================

11:23:18.0237 31880 Initialize success

11:23:18.0237 31880 ============================================================

11:23:33.0026 32512 ============================================================

11:23:33.0026 32512 Scan started

11:23:33.0026 32512 Mode: Manual;

11:23:33.0026 32512 ============================================================

11:23:34.0165 32512 ================ Scan system memory ========================

11:23:34.0165 32512 System memory - ok

11:23:34.0165 32512 ================ Scan services =============================

11:23:34.0461 32512 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

11:23:34.0492 32512 1394ohci - ok

11:23:34.0508 32512 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

11:23:34.0508 32512 ACPI - ok

11:23:34.0539 32512 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

11:23:34.0539 32512 AcpiPmi - ok

11:23:34.0633 32512 [ C004F38974F4D321B4C20A240E1175C0 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

11:23:34.0648 32512 AdobeActiveFileMonitor9.0 - ok

11:23:34.0726 32512 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

11:23:34.0726 32512 AdobeFlashPlayerUpdateSvc - ok

11:23:34.0758 32512 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

11:23:34.0758 32512 adp94xx - ok

11:23:34.0773 32512 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

11:23:34.0773 32512 adpahci - ok

11:23:34.0789 32512 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

11:23:34.0804 32512 adpu320 - ok

11:23:34.0820 32512 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

11:23:34.0820 32512 AeLookupSvc - ok

11:23:34.0867 32512 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

11:23:34.0898 32512 AFD - ok

11:23:34.0914 32512 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

11:23:34.0914 32512 agp440 - ok

11:23:34.0929 32512 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

11:23:34.0929 32512 ALG - ok

11:23:34.0945 32512 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

11:23:34.0945 32512 aliide - ok

11:23:35.0023 32512 ALSysIO - ok

11:23:35.0038 32512 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

11:23:35.0038 32512 amdide - ok

11:23:35.0054 32512 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

11:23:35.0054 32512 AmdK8 - ok

11:23:35.0070 32512 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

11:23:35.0070 32512 AmdPPM - ok

11:23:35.0101 32512 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

11:23:35.0132 32512 amdsata - ok

11:23:35.0148 32512 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

11:23:35.0148 32512 amdsbs - ok

11:23:35.0163 32512 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

11:23:35.0163 32512 amdxata - ok

11:23:35.0194 32512 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

11:23:35.0194 32512 AppID - ok

11:23:35.0210 32512 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

11:23:35.0210 32512 AppIDSvc - ok

11:23:35.0241 32512 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

11:23:35.0241 32512 Appinfo - ok

11:23:35.0304 32512 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

11:23:35.0304 32512 Apple Mobile Device - ok

11:23:35.0335 32512 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll

11:23:35.0335 32512 AppMgmt - ok

11:23:35.0350 32512 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

11:23:35.0350 32512 arc - ok

11:23:35.0350 32512 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

11:23:35.0366 32512 arcsas - ok

11:23:35.0444 32512 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

11:23:35.0475 32512 aspnet_state - ok

11:23:35.0475 32512 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

11:23:35.0475 32512 AsyncMac - ok

11:23:35.0491 32512 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

11:23:35.0491 32512 atapi - ok

11:23:35.0522 32512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

11:23:35.0522 32512 AudioEndpointBuilder - ok

11:23:35.0538 32512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

11:23:35.0538 32512 AudioSrv - ok

11:23:35.0569 32512 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

11:23:35.0569 32512 AxInstSV - ok

11:23:35.0584 32512 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

11:23:35.0600 32512 b06bdrv - ok

11:23:35.0616 32512 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

11:23:35.0631 32512 b57nd60a - ok

11:23:35.0662 32512 [ 5BE512E49C43C8466AB7B4740D1927D7 ] bcgame C:\Windows\system32\drivers\bcgame.sys

11:23:35.0662 32512 bcgame - ok

11:23:35.0678 32512 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

11:23:35.0678 32512 BDESVC - ok

11:23:35.0678 32512 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

11:23:35.0678 32512 Beep - ok

11:23:35.0725 32512 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

11:23:35.0725 32512 BFE - ok

11:23:35.0896 32512 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys

11:23:35.0896 32512 BHDrvx64 - ok

11:23:35.0943 32512 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

11:23:35.0959 32512 BITS - ok

11:23:35.0959 32512 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

11:23:35.0959 32512 blbdrive - ok

11:23:36.0006 32512 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

11:23:36.0006 32512 Bonjour Service - ok

11:23:36.0037 32512 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

11:23:36.0037 32512 bowser - ok

11:23:36.0052 32512 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

11:23:36.0052 32512 BrFiltLo - ok

11:23:36.0068 32512 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

11:23:36.0068 32512 BrFiltUp - ok

11:23:36.0084 32512 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

11:23:36.0099 32512 BridgeMP - ok

11:23:36.0115 32512 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

11:23:36.0115 32512 Browser - ok

11:23:36.0146 32512 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

11:23:36.0146 32512 Brserid - ok

11:23:36.0162 32512 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

11:23:36.0177 32512 BrSerWdm - ok

11:23:36.0177 32512 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

11:23:36.0193 32512 BrUsbMdm - ok

11:23:36.0208 32512 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

11:23:36.0224 32512 BrUsbSer - ok

11:23:36.0224 32512 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

11:23:36.0224 32512 BTHMODEM - ok

11:23:36.0240 32512 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

11:23:36.0255 32512 bthserv - ok

11:23:36.0255 32512 catchme - ok

11:23:36.0318 32512 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys

11:23:36.0333 32512 ccSet_N360 - ok

11:23:36.0333 32512 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

11:23:36.0349 32512 cdfs - ok

11:23:36.0380 32512 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

11:23:36.0380 32512 cdrom - ok

11:23:36.0411 32512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

11:23:36.0411 32512 CertPropSvc - ok

11:23:36.0427 32512 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

11:23:36.0427 32512 circlass - ok

11:23:36.0442 32512 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

11:23:36.0442 32512 CLFS - ok

11:23:36.0474 32512 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:23:36.0489 32512 clr_optimization_v2.0.50727_32 - ok

11:23:36.0536 32512 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:23:36.0536 32512 clr_optimization_v2.0.50727_64 - ok

11:23:36.0583 32512 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:23:36.0583 32512 clr_optimization_v4.0.30319_32 - ok

11:23:36.0583 32512 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:23:36.0583 32512 clr_optimization_v4.0.30319_64 - ok

11:23:36.0598 32512 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

11:23:36.0598 32512 CmBatt - ok

11:23:36.0630 32512 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

11:23:36.0630 32512 cmdide - ok

11:23:36.0661 32512 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

11:23:36.0692 32512 CNG - ok

11:23:36.0708 32512 [ 8B0894025E4077324A460830E4CE48D3 ] COMMONFX.DLL C:\Windows\System32\COMMONFX.DLL

11:23:36.0723 32512 COMMONFX.DLL - ok

11:23:36.0739 32512 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

11:23:36.0754 32512 Compbatt - ok

11:23:36.0786 32512 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

11:23:36.0786 32512 CompositeBus - ok

11:23:36.0786 32512 COMSysApp - ok

11:23:36.0786 32512 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

11:23:36.0786 32512 crcdisk - ok

11:23:36.0817 32512 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

11:23:36.0832 32512 Creative ALchemy AL6 Licensing Service - ok

11:23:36.0848 32512 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

11:23:36.0864 32512 Creative Audio Engine Licensing Service - ok

11:23:36.0895 32512 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

11:23:36.0895 32512 CryptSvc - ok

11:23:36.0926 32512 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys

11:23:36.0942 32512 CSC - ok

11:23:36.0973 32512 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll

11:23:36.0988 32512 CscService - ok

11:23:37.0004 32512 [ 229E3B8F266ABDAFD54E4A372B9D5DDC ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS

11:23:37.0020 32512 CT20XUT - ok

11:23:37.0035 32512 CT20XUT.DLL - ok

11:23:37.0035 32512 [ 229E3B8F266ABDAFD54E4A372B9D5DDC ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS

11:23:37.0035 32512 CT20XUT.SYS - ok

11:23:37.0051 32512 [ EB3843A91A10150C9E05607CBCB44090 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys

11:23:37.0082 32512 ctac32k - ok

11:23:37.0098 32512 [ BC06EFB59A2316537765462DFE40F764 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys

11:23:37.0113 32512 ctaud2k - ok

11:23:37.0129 32512 [ 044AE7EF3B00D3FF78C2499020CF5877 ] CTAUDFX.DLL C:\Windows\System32\CTAUDFX.DLL

11:23:37.0160 32512 CTAUDFX.DLL - ok

11:23:37.0222 32512 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

11:23:37.0222 32512 CTAudSvcService - ok

11:23:37.0222 32512 [ 00406FE23F68323C5B6E5DB7C9E1F630 ] CTEAPSFX.DLL C:\Windows\System32\CTEAPSFX.DLL

11:23:37.0238 32512 CTEAPSFX.DLL - ok

11:23:37.0254 32512 [ 65DE222141B31AC3FFE6F57D3E24AF12 ] CTEDSPFX.DLL C:\Windows\System32\CTEDSPFX.DLL

11:23:37.0254 32512 CTEDSPFX.DLL - ok

11:23:37.0269 32512 [ 54F59F12BE0DB627273A55DC8EF7B35B ] CTEDSPIO.DLL C:\Windows\System32\CTEDSPIO.DLL

11:23:37.0269 32512 CTEDSPIO.DLL - ok

11:23:37.0285 32512 [ C0CBEB55E12B3D63AEB4CA5926D65FEA ] CTEDSPSY.DLL C:\Windows\System32\CTEDSPSY.DLL

11:23:37.0300 32512 CTEDSPSY.DLL - ok

11:23:37.0332 32512 [ 63B2B6CE9D3EF182981FB64BD5433DA4 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS

11:23:37.0347 32512 CTEXFIFX - ok

11:23:37.0347 32512 CTEXFIFX.DLL - ok

11:23:37.0363 32512 [ 63B2B6CE9D3EF182981FB64BD5433DA4 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS

11:23:37.0378 32512 CTEXFIFX.SYS - ok

11:23:37.0378 32512 [ 6D115CC80873B85FD80DDA1C41F75A2C ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS

11:23:37.0394 32512 CTHWIUT - ok

11:23:37.0394 32512 CTHWIUT.DLL - ok

11:23:37.0394 32512 [ 6D115CC80873B85FD80DDA1C41F75A2C ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS

11:23:37.0394 32512 CTHWIUT.SYS - ok

11:23:37.0425 32512 [ EBC9548EF5838CB5AA8F18B3AC28AF12 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys

11:23:37.0441 32512 ctprxy2k - ok

11:23:37.0456 32512 [ B92DFA633AB0595E1D941778844A9909 ] CTSBLFX.DLL C:\Windows\System32\CTSBLFX.DLL

11:23:37.0488 32512 CTSBLFX.DLL - ok

11:23:37.0503 32512 [ 459BEE1682121842285C162E2D98D81A ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys

11:23:37.0503 32512 ctsfm2k - ok

11:23:37.0534 32512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

11:23:37.0534 32512 DcomLaunch - ok

11:23:37.0550 32512 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

11:23:37.0550 32512 defragsvc - ok

11:23:37.0581 32512 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

11:23:37.0581 32512 DfsC - ok

11:23:37.0612 32512 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

11:23:37.0612 32512 Dhcp - ok

11:23:37.0628 32512 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

11:23:37.0644 32512 discache - ok

11:23:37.0659 32512 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

11:23:37.0659 32512 Disk - ok

11:23:37.0690 32512 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

11:23:37.0690 32512 Dnscache - ok

11:23:37.0722 32512 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

11:23:37.0722 32512 dot3svc - ok

11:23:37.0753 32512 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

11:23:37.0753 32512 DPS - ok

11:23:37.0768 32512 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

11:23:37.0784 32512 drmkaud - ok

11:23:37.0815 32512 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

11:23:37.0815 32512 DXGKrnl - ok

11:23:37.0815 32512 EagleX64 - ok

11:23:37.0831 32512 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

11:23:37.0831 32512 EapHost - ok

11:23:37.0878 32512 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

11:23:37.0924 32512 ebdrv - ok

11:23:38.0002 32512 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

11:23:38.0018 32512 eeCtrl - ok

11:23:38.0049 32512 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

11:23:38.0049 32512 EFS - ok

11:23:38.0080 32512 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

11:23:38.0096 32512 ehRecvr - ok

11:23:38.0112 32512 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

11:23:38.0112 32512 ehSched - ok

11:23:38.0143 32512 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

11:23:38.0143 32512 elxstor - ok

11:23:38.0158 32512 [ C26133B6165928FBD156C6FE570F9ED2 ] emupia C:\Windows\system32\drivers\emupia2k.sys

11:23:38.0174 32512 emupia - ok

11:23:38.0190 32512 EraserUtilDrv11220 - ok

11:23:38.0236 32512 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

11:23:38.0236 32512 EraserUtilRebootDrv - ok

11:23:38.0268 32512 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

11:23:38.0268 32512 ErrDev - ok

11:23:38.0299 32512 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

11:23:38.0299 32512 EventSystem - ok

11:23:38.0314 32512 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

11:23:38.0314 32512 exfat - ok

11:23:38.0330 32512 Fabs - ok

11:23:38.0346 32512 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

11:23:38.0346 32512 fastfat - ok

11:23:38.0377 32512 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

11:23:38.0392 32512 Fax - ok

11:23:38.0392 32512 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

11:23:38.0392 32512 fdc - ok

11:23:38.0408 32512 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

11:23:38.0408 32512 fdPHost - ok

11:23:38.0408 32512 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

11:23:38.0424 32512 FDResPub - ok

11:23:38.0424 32512 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

11:23:38.0424 32512 FileInfo - ok

11:23:38.0439 32512 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

11:23:38.0439 32512 Filetrace - ok

11:23:38.0502 32512 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

11:23:38.0533 32512 FirebirdServerMAGIXInstance - ok

11:23:38.0548 32512 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

11:23:38.0548 32512 flpydisk - ok

11:23:38.0580 32512 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

11:23:38.0580 32512 FltMgr - ok

11:23:38.0626 32512 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

11:23:38.0626 32512 FontCache - ok

11:23:38.0658 32512 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:23:38.0673 32512 FontCache3.0.0.0 - ok

11:23:38.0673 32512 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

11:23:38.0673 32512 FsDepends - ok

11:23:38.0704 32512 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

11:23:38.0720 32512 fssfltr - ok

11:23:38.0767 32512 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

11:23:38.0814 32512 fsssvc - ok

11:23:38.0860 32512 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

11:23:38.0876 32512 Fs_Rec - ok

11:23:38.0892 32512 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

11:23:38.0907 32512 fvevol - ok

11:23:38.0907 32512 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

11:23:38.0907 32512 gagp30kx - ok

11:23:38.0938 32512 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

11:23:38.0954 32512 GEARAspiWDM - ok

11:23:38.0985 32512 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

11:23:38.0985 32512 gpsvc - ok

11:23:39.0016 32512 [ A3F010D5DBFB589A3B3288C05C2EA3F9 ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys

11:23:39.0048 32512 ha20x2k - ok

11:23:39.0048 32512 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

11:23:39.0063 32512 hcw85cir - ok

11:23:39.0110 32512 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

11:23:39.0110 32512 HdAudAddService - ok

11:23:39.0141 32512 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

11:23:39.0141 32512 HDAudBus - ok

11:23:39.0141 32512 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

11:23:39.0157 32512 HidBatt - ok

11:23:39.0172 32512 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

11:23:39.0172 32512 HidBth - ok

11:23:39.0188 32512 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

11:23:39.0204 32512 HidIr - ok

11:23:39.0219 32512 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

11:23:39.0219 32512 hidserv - ok

11:23:39.0250 32512 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

11:23:39.0250 32512 HidUsb - ok

11:23:39.0328 32512 [ E4EF2B270971648EEBED0EEE39A6D594 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

11:23:39.0328 32512 HiPatchService - ok

11:23:39.0360 32512 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

11:23:39.0360 32512 hkmsvc - ok

11:23:39.0422 32512 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

11:23:39.0422 32512 HomeGroupListener - ok

11:23:39.0453 32512 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

11:23:39.0453 32512 HomeGroupProvider - ok

11:23:39.0469 32512 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

11:23:39.0469 32512 HpSAMD - ok

11:23:39.0500 32512 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

11:23:39.0516 32512 HTTP - ok

11:23:39.0547 32512 [ 129128E192F9470EB92DB28B6730B06B ] hugoio64 C:\Program Files (x86)\i-Menu\hugoio64.sys

11:23:39.0547 32512 hugoio64 - ok

11:23:39.0562 32512 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

11:23:39.0562 32512 hwpolicy - ok

11:23:39.0594 32512 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

11:23:39.0594 32512 i8042prt - ok

11:23:39.0609 32512 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

11:23:39.0609 32512 iaStorV - ok

11:23:39.0656 32512 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:23:39.0672 32512 idsvc - ok

11:23:39.0781 32512 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121127.001\IDSvia64.sys

11:23:39.0781 32512 IDSVia64 - ok

11:23:39.0796 32512 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

11:23:39.0812 32512 iirsp - ok

11:23:39.0843 32512 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

11:23:39.0843 32512 IKEEXT - ok

11:23:39.0890 32512 [ 13089F31AA37CDE1CE3784EE01A48484 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

11:23:39.0906 32512 IntcAzAudAddService - ok

11:23:39.0921 32512 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

11:23:39.0921 32512 intelide - ok

11:23:39.0937 32512 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

11:23:39.0937 32512 intelppm - ok

11:23:39.0952 32512 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

11:23:39.0952 32512 IPBusEnum - ok

11:23:39.0984 32512 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:23:39.0984 32512 IpFilterDriver - ok

11:23:40.0015 32512 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

11:23:40.0015 32512 iphlpsvc - ok

11:23:40.0062 32512 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

11:23:40.0062 32512 IPMIDRV - ok

11:23:40.0093 32512 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

11:23:40.0093 32512 IPNAT - ok

11:23:40.0124 32512 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

11:23:40.0140 32512 iPod Service - ok

11:23:40.0155 32512 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

11:23:40.0155 32512 IRENUM - ok

11:23:40.0155 32512 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

11:23:40.0155 32512 isapnp - ok

11:23:40.0186 32512 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

11:23:40.0202 32512 iScsiPrt - ok

11:23:40.0218 32512 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

11:23:40.0218 32512 kbdclass - ok

11:23:40.0233 32512 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

11:23:40.0233 32512 kbdhid - ok

11:23:40.0233 32512 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

11:23:40.0233 32512 KeyIso - ok

11:23:40.0264 32512 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

11:23:40.0264 32512 KSecDD - ok

11:23:40.0296 32512 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

11:23:40.0311 32512 KSecPkg - ok

11:23:40.0311 32512 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

11:23:40.0311 32512 ksthunk - ok

11:23:40.0327 32512 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

11:23:40.0342 32512 KtmRm - ok

11:23:40.0358 32512 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

11:23:40.0358 32512 LanmanServer - ok

11:23:40.0374 32512 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

11:23:40.0389 32512 LanmanWorkstation - ok

11:23:40.0436 32512 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

11:23:40.0467 32512 LBTServ - ok

11:23:40.0498 32512 [ DB164EB571FD118D277D939510B0F562 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys

11:23:40.0498 32512 LGBusEnum - ok

11:23:40.0514 32512 [ DA1C7839CE72BB724822D1EE597DCB19 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys

11:23:40.0514 32512 LGVirHid - ok

11:23:40.0545 32512 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys

11:23:40.0545 32512 LHidFilt - ok

11:23:40.0592 32512 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

11:23:40.0592 32512 LightScribeService - ok

11:23:40.0608 32512 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

11:23:40.0608 32512 lltdio - ok

11:23:40.0623 32512 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

11:23:40.0639 32512 lltdsvc - ok

11:23:40.0654 32512 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

11:23:40.0654 32512 lmhosts - ok

11:23:40.0670 32512 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys

11:23:40.0686 32512 LMouFilt - ok

11:23:40.0701 32512 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

11:23:40.0701 32512 LSI_FC - ok

11:23:40.0717 32512 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

11:23:40.0717 32512 LSI_SAS - ok

11:23:40.0732 32512 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

11:23:40.0732 32512 LSI_SAS2 - ok

11:23:40.0748 32512 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

11:23:40.0748 32512 LSI_SCSI - ok

11:23:40.0764 32512 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

11:23:40.0764 32512 luafv - ok

11:23:40.0764 32512 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys

11:23:40.0779 32512 MBfilt - ok

11:23:40.0810 32512 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

11:23:40.0810 32512 Mcx2Svc - ok

11:23:40.0826 32512 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

11:23:40.0842 32512 megasas - ok

11:23:40.0857 32512 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

11:23:40.0857 32512 MegaSR - ok

11:23:40.0857 32512 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

11:23:40.0873 32512 MEIx64 - ok

11:23:40.0873 32512 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

11:23:40.0873 32512 MMCSS - ok

11:23:40.0873 32512 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

11:23:40.0873 32512 Modem - ok

11:23:40.0904 32512 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

11:23:40.0904 32512 monitor - ok

11:23:40.0951 32512 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys

11:23:40.0951 32512 motccgp - ok

11:23:40.0966 32512 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys

11:23:40.0966 32512 motccgpfl - ok

11:23:41.0029 32512 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

11:23:41.0029 32512 MotoHelper - ok

11:23:41.0044 32512 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys

11:23:41.0044 32512 MotoSwitchService - ok

11:23:41.0076 32512 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

11:23:41.0091 32512 mouclass - ok

11:23:41.0091 32512 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

11:23:41.0107 32512 mouhid - ok

11:23:41.0122 32512 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

11:23:41.0122 32512 mountmgr - ok

11:23:41.0138 32512 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

11:23:41.0154 32512 mpio - ok

11:23:41.0169 32512 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

11:23:41.0185 32512 mpsdrv - ok

11:23:41.0216 32512 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

11:23:41.0216 32512 MpsSvc - ok

11:23:41.0247 32512 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

11:23:41.0263 32512 MRxDAV - ok

11:23:41.0294 32512 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

11:23:41.0325 32512 mrxsmb - ok

11:23:41.0372 32512 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:23:41.0388 32512 mrxsmb10 - ok

11:23:41.0419 32512 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:23:41.0434 32512 mrxsmb20 - ok

11:23:41.0450 32512 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

11:23:41.0450 32512 msahci - ok

11:23:41.0466 32512 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

11:23:41.0481 32512 msdsm - ok

11:23:41.0481 32512 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

11:23:41.0481 32512 MSDTC - ok

11:23:41.0497 32512 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

11:23:41.0512 32512 Msfs - ok

11:23:41.0528 32512 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

11:23:41.0528 32512 mshidkmdf - ok

11:23:41.0559 32512 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

11:23:41.0559 32512 msisadrv - ok

11:23:41.0575 32512 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

11:23:41.0590 32512 MSiSCSI - ok

11:23:41.0590 32512 msiserver - ok

11:23:41.0622 32512 [ 192476C10371DC83243D67432B2CDCBF ] MSI_MSIBIOS_010507 C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys

11:23:41.0622 32512 MSI_MSIBIOS_010507 - ok

11:23:41.0637 32512 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

11:23:41.0637 32512 MSKSSRV - ok

11:23:41.0653 32512 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

11:23:41.0653 32512 MSPCLOCK - ok

11:23:41.0668 32512 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

11:23:41.0668 32512 MSPQM - ok

11:23:41.0700 32512 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

11:23:41.0700 32512 MsRPC - ok

11:23:41.0731 32512 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

11:23:41.0731 32512 mssmbios - ok

11:23:41.0731 32512 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

11:23:41.0731 32512 MSTEE - ok

11:23:41.0746 32512 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

11:23:41.0746 32512 MTConfig - ok

11:23:41.0762 32512 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

11:23:41.0762 32512 Mup - ok

11:23:41.0840 32512 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe

11:23:41.0840 32512 N360 - ok

11:23:41.0871 32512 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

11:23:41.0871 32512 napagent - ok

11:23:41.0887 32512 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

11:23:41.0902 32512 NativeWifiP - ok

11:23:41.0996 32512 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20121128.003\ENG64.SYS

11:23:41.0996 32512 NAVENG - ok

11:23:42.0043 32512 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20121128.003\EX64.SYS

11:23:42.0058 32512 NAVEX15 - ok

11:23:42.0105 32512 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

11:23:42.0105 32512 NDIS - ok

11:23:42.0121 32512 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

11:23:42.0121 32512 NdisCap - ok

11:23:42.0136 32512 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

11:23:42.0152 32512 NdisTapi - ok

11:23:42.0183 32512 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

11:23:42.0183 32512 Ndisuio - ok

11:23:42.0214 32512 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

11:23:42.0214 32512 NdisWan - ok

11:23:42.0246 32512 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

11:23:42.0246 32512 NDProxy - ok

11:23:42.0261 32512 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

11:23:42.0261 32512 NetBIOS - ok

11:23:42.0277 32512 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

11:23:42.0292 32512 NetBT - ok

11:23:42.0292 32512 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

11:23:42.0292 32512 Netlogon - ok

11:23:42.0308 32512 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

11:23:42.0308 32512 Netman - ok

11:23:42.0324 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:23:42.0324 32512 NetMsmqActivator - ok

11:23:42.0339 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:23:42.0339 32512 NetPipeActivator - ok

11:23:42.0355 32512 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

11:23:42.0355 32512 netprofm - ok

11:23:42.0355 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:23:42.0355 32512 NetTcpActivator - ok

11:23:42.0355 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:23:42.0355 32512 NetTcpPortSharing - ok

11:23:42.0370 32512 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

11:23:42.0386 32512 nfrd960 - ok

11:23:42.0417 32512 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

11:23:42.0417 32512 NlaSvc - ok

11:23:42.0448 32512 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

11:23:42.0464 32512 NMIndexingService - ok

11:23:42.0480 32512 NOBU - ok

11:23:42.0495 32512 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

11:23:42.0495 32512 Npfs - ok

11:23:42.0511 32512 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

11:23:42.0511 32512 nsi - ok

11:23:42.0511 32512 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

11:23:42.0511 32512 nsiproxy - ok

11:23:42.0558 32512 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

11:23:42.0620 32512 Ntfs - ok

11:23:42.0636 32512 [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys

11:23:42.0651 32512 NTIOLib_1_0_4 - ok

11:23:42.0667 32512 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

11:23:42.0667 32512 Null - ok

11:23:42.0682 32512 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

11:23:42.0714 32512 nusb3hub - ok

11:23:42.0729 32512 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

11:23:42.0729 32512 nusb3xhc - ok

11:23:42.0760 32512 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

11:23:42.0760 32512 NVHDA - ok

11:23:42.0932 32512 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

11:23:43.0010 32512 nvlddmkm - ok

11:23:43.0041 32512 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

11:23:43.0041 32512 nvraid - ok

11:23:43.0057 32512 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

11:23:43.0072 32512 nvstor - ok

11:23:43.0119 32512 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe

11:23:43.0119 32512 nvsvc - ok

11:23:43.0182 32512 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

11:23:43.0182 32512 nvUpdatusService - ok

11:23:43.0213 32512 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

11:23:43.0213 32512 nv_agp - ok

11:23:43.0244 32512 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

11:23:43.0244 32512 ohci1394 - ok

11:23:43.0275 32512 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:23:43.0275 32512 ose - ok

11:23:43.0353 32512 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

11:23:43.0431 32512 osppsvc - ok

11:23:43.0462 32512 [ 0E2DE427EBE106E7E5B52869D5C99F68 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys

11:23:43.0462 32512 ossrv - ok

11:23:43.0478 32512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

11:23:43.0478 32512 p2pimsvc - ok

11:23:43.0494 32512 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

11:23:43.0494 32512 p2psvc - ok

11:23:43.0509 32512 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

11:23:43.0509 32512 Parport - ok

11:23:43.0525 32512 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

11:23:43.0540 32512 partmgr - ok

11:23:43.0556 32512 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

11:23:43.0556 32512 PcaSvc - ok

11:23:43.0572 32512 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

11:23:43.0572 32512 pci - ok

11:23:43.0603 32512 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

11:23:43.0603 32512 pciide - ok

11:23:43.0618 32512 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

11:23:43.0618 32512 pcmcia - ok

11:23:43.0634 32512 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

11:23:43.0634 32512 pcw - ok

11:23:43.0650 32512 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

11:23:43.0650 32512 PEAUTH - ok

11:23:43.0696 32512 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

11:23:43.0696 32512 PeerDistSvc - ok

11:23:43.0743 32512 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

11:23:43.0759 32512 PerfHost - ok

11:23:43.0806 32512 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

11:23:43.0821 32512 pla - ok

11:23:43.0852 32512 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

11:23:43.0868 32512 PlugPlay - ok

11:23:43.0930 32512 [ 734D9EB27B76B2BA9F5030405345C707 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

11:23:54.0476 32512 ================ Scan global ===============================

11:23:54.0523 32512 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

11:23:54.0554 32512 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

11:23:54.0554 32512 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

11:23:54.0570 32512 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

11:23:54.0585 32512 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

11:23:54.0585 32512 [Global] - ok

11:23:54.0585 32512 ================ Scan MBR ==================================

11:23:54.0601 32512 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

11:23:54.0804 32512 \Device\Harddisk0\DR0 - ok

11:23:54.0804 32512 ================ Scan VBR ==================================

11:23:54.0804 32512 [ 5A2EC5C74C0A8E96D99A221CDBFE9BD5 ] \Device\Harddisk0\DR0\Partition1

11:23:54.0804 32512 \Device\Harddisk0\DR0\Partition1 - ok

11:23:54.0819 32512 [ 4573A5896519F4B1CAD4AFE181CBE0D3 ] \Device\Harddisk0\DR0\Partition2

11:23:54.0819 32512 \Device\Harddisk0\DR0\Partition2 - ok

11:23:54.0819 32512 ============================================================

11:23:54.0819 32512 Scan finished

11:23:54.0819 32512 ============================================================

11:23:54.0819 32672 Detected object count: 0

11:23:54.0819 32672 Actual detected object count: 0

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-11-28 11:25:14

-----------------------------

11:25:14.890 OS Version: Windows x64 6.1.7601 Service Pack 1

11:25:14.890 Number of processors: 4 586 0x2A07

11:25:14.890 ComputerName: SAM-PC UserName: Sam

11:25:16.902 Initialize success

11:26:12.613 AVAST engine defs: 12112800

11:26:19.899 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

11:26:19.899 Disk 0 Vendor: WDC_WD1002FAEX-007BA0 05.01D05 Size: 953869MB BusType: 3

11:26:19.945 Disk 0 MBR read successfully

11:26:19.945 Disk 0 MBR scan

11:26:19.961 Disk 0 Windows 7 default MBR code

11:26:19.961 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

11:26:19.961 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848

11:26:19.977 Disk 0 scanning C:\Windows\system32\drivers

11:26:29.461 Service scanning

11:26:45.935 Modules scanning

11:26:45.935 Disk 0 trace - called modules:

11:26:45.935 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys

11:26:45.951 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800deda060]

11:26:45.951 3 CLASSPNP.SYS[fffff88001b6943f] -> nt!IofCallDriver -> [0xfffffa800db5d540]

11:26:46.263 5 ACPI.sys[fffff88000f587a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800db7b060]

11:26:48.462 AVAST engine scan C:\Windows

11:26:51.208 AVAST engine scan C:\Windows\system32

11:29:38.175 AVAST engine scan C:\Windows\system32\drivers

11:30:26.535 AVAST engine scan C:\Users\Sam

11:37:52.805 Disk 0 MBR has been saved successfully to "C:\Users\Sam\Desktop\MBR.dat"

11:37:52.805 The log file has been saved successfully to "C:\Users\Sam\Desktop\aswMBR.txt"

No probs running either program


  • Staff

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::
Folder::
c:\users\Sam\AppData\Roaming\SpeedyPC Software
c:\users\Sam\AppData\Roaming\DriverCure
c:\program files (x86)\Common Files\SpeedyPC Software
c:\programdata\SpeedyPC Software
c:\program files (x86)\SpeedyPC Software

File::
c:\windows\Tasks\SpeedyPC Pro.job
c:\windows\Tasks\SpeedyPC Registration3.job
c:\windows\Tasks\SpeedyPC Update Version3 Startup Task.job
c:\windows\Tasks\SpeedyPC Update Version3.job

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe

CFScriptB-4.gif

This will let ComboFix run again.

Restart if you have to.

Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  1. report from Combofix
  2. let me know of any problems you may have had
  3. How is the computer doing now after running the script?

Gringo


ComboFix 12-11-28.02 - Sam 11/29/2012 0:50.2.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16366.12647 [GMT -6:00]

Running from: c:\users\Sam\Desktop\ComboFix.exe

Command switches used :: c:\users\Sam\Desktop\CFScript.txt

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-29 )))))))))))))))))))))))))))))))

.

.

2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\UpdatusUser.Sam-PC\AppData\Local\temp

2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\Mcx1-SAM-PC\AppData\Local\temp

2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-11-28 22:06 . 2012-11-28 22:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-11-28 21:14 . 2012-11-28 21:14 -------- d-----w- c:\windows\LastGood

2012-11-28 00:56 . 2012-11-28 00:56 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-11-28 00:56 . 2012-11-28 00:56 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-27 09:02 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

2012-11-26 10:35 . 2012-11-26 10:36 -------- d-----w- C:\FRST

2012-11-26 10:11 . 2012-11-26 10:11 -------- d-----w- C:\TDSSKiller_Quarantine

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\SpeedyPC Software

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\DriverCure

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\programdata\SpeedyPC Software

2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\SpeedyPC Software

2012-11-26 09:26 . 2012-11-26 09:27 -------- d-----w- C:\sh4ldr

2012-11-26 09:26 . 2012-11-26 09:26 -------- d-----w- c:\program files\Enigma Software Group

2012-11-14 09:07 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\es-ES\wdf01000.sys.mui

2012-11-14 09:07 . 2012-07-26 05:15 2560 ----a-w- c:\windows\system32\drivers\he-IL\wdf01000.sys.mui

2012-11-14 09:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-11-14 09:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-11-14 09:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui

2012-11-14 09:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-11-14 09:00 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-11-14 09:00 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-11-14 09:00 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-11-14 09:00 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-11-14 09:00 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2012-11-14 09:00 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2012-11-14 09:00 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-11-14 07:07 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll

2012-11-14 07:07 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-28 00:56 . 2012-07-04 00:06 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-11-28 00:56 . 2011-10-25 01:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-11-14 09:01 . 2011-04-14 04:35 66395536 ----a-w- c:\windows\system32\MRT.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

2012-10-16 08:38 . 2012-11-28 03:00 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-28 03:00 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-28 03:00 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-11 03:23 . 2012-10-11 03:23 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-10-11 03:23 . 2012-10-11 03:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-11 03:23 . 2012-10-11 03:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-11 03:23 . 2012-09-14 12:58 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-11 03:23 . 2012-10-11 03:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-11 03:23 . 2012-10-11 03:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-11 03:23 . 2012-10-11 03:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-11 03:23 . 2012-10-11 03:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-11 03:23 . 2012-10-11 03:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-10-11 03:23 . 2012-10-11 03:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-11 03:23 . 2012-08-28 05:55 2731880 ----a-w- c:\windows\system32\nvapi64.dll

2012-10-11 03:23 . 2012-03-14 01:10 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-11 03:23 . 2012-08-28 05:56 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-11 03:23 . 2012-10-11 03:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-11 03:23 . 2012-10-11 03:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-11 03:23 . 2012-10-11 03:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-11 03:23 . 2012-10-11 03:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-10-11 03:22 . 2012-10-11 03:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-11 03:22 . 2012-08-28 05:56 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-11 03:22 . 2011-10-25 02:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-10-11 03:22 . 2012-08-28 05:55 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-11 03:22 . 2012-10-11 03:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-11 03:22 . 2012-10-11 03:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-10-11 03:22 . 2012-10-11 03:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-11 03:22 . 2012-10-11 03:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-09 18:54 . 2012-06-23 20:39 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-09 18:54 . 2011-05-20 13:49 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 01:00 . 2012-10-26 01:29 776864 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\srtsp64.sys

2012-10-04 01:40 . 2012-10-26 01:29 1133216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symefa64.sys

2012-10-04 01:40 . 2012-10-26 01:29 493216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symds64.sys

2012-10-04 01:19 . 2012-10-26 01:29 168096 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ccsetx64.sys

2012-10-02 19:51 . 2012-03-14 01:11 3536817 ----a-w- c:\windows\system32\nvcoproc.bin

2012-10-02 19:51 . 2011-01-16 22:13 3293544 ----a-w- c:\windows\system32\nvsvc64.dll

2012-10-02 19:51 . 2011-01-16 22:13 6200680 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 19:50 . 2011-07-24 06:31 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:50 . 2011-01-16 22:13 891240 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:50 . 2011-01-16 22:13 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:15 . 2012-10-02 19:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-09-29 03:30 . 2012-05-26 19:48 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2012-09-14 19:19 . 2012-10-09 22:29 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-09 22:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-09-07 02:05 . 2012-10-26 01:29 432800 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symnets.sys

2012-09-07 01:48 . 2012-10-26 01:29 224416 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ironx64.sys

2012-08-31 18:19 . 2012-10-09 22:30 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-31 17:17 . 2012-08-31 17:17 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-08-31 17:17 . 2012-08-31 17:17 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

c:\program files (x86)\Yontoo Layers Runtime\YontooIEClient.dll [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-25 303104]

"Live Update 5"="c:\program files (x86)\MSI\Live Update 5\LU5.exe" [2011-02-01 1220608]

"Q-Face agent"="c:\program files (x86)\MSI\MSI Q-Face\webtest.exe" [2008-12-15 20792]

"NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-03-05 1112920]

"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]

"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]

"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880]

"AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]

"CTHelper"="CTHELPER.EXE" [2006-05-24 17920]

"CTXFIREG"="CTXFIREG.exe" [2010-05-06 47104]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]

"PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDF Converter 7\RegistryController.exe" [2010-08-18 121120]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-08-20 724576]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Nostromo Loadout Manager.lnk - c:\windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe [2011-7-25 45056]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 ALSysIO;ALSysIO;c:\users\Sam\AppData\Local\Temp\ALSysIO64.sys [x]

R3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [2007-08-14 35328]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-12-12 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-06 202840]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-06 1417304]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-06 94808]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 EraserUtilDrv11220;EraserUtilDrv11220;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216]

R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]

R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 RoxMediaDBGame1X;RoxMediaDBGame1X;c:\program files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [2011-02-17 1099248]

R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys [2005-05-25 7168]

R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-04-10 50720]

R3 SaiH8000;SaiH8000;c:\windows\system32\DRIVERS\SaiH8000.sys [2008-04-04 178560]

R3 SaiK0CCB;SaiK0CCB;c:\windows\system32\DRIVERS\SaiK0CCB.sys [2011-09-20 183104]

R3 SaiU0CCB;SaiU0CCB;c:\windows\system32\DRIVERS\SaiU0CCB.sys [2011-09-20 47168]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS [2012-10-04 493216]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608]

S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys [2012-10-04 168096]

S1 hugoio64;hugoio64;c:\program files (x86)\i-Menu\hugoio64.sys [2008-04-30 13856]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121128.001\IDSvia64.sys [2012-11-23 513184]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS [2012-09-07 224416]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS [2012-09-07 432800]

S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-11-14 8704]

S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088]

S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-08-20 474208]

S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]

S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-05-21 13832]

S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928]

S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-06 202840]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-06 1417304]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-06 94808]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-29 138912]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-07-14 22408]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-07-14 16008]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 SaiK0CD7;SaiK0CD7;c:\windows\system32\DRIVERS\SaiK0CD7.sys [2011-09-20 183104]

S3 SaiU0CD7;SaiU0CD7;c:\windows\system32\DRIVERS\SaiU0CD7.sys [2011-09-20 47168]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 22451595

*NewlyCreated* - ASWMBR

*Deregistered* - 22451595

*Deregistered* - aswMBR

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-08-20 18:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 18:54]

.

2012-11-29 c:\windows\Tasks\FinalTorrent Update Checker.job

- c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-05-08 21:50]

.

2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000Core.job

- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26]

.

2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000UA.job

- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Pro.job

- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2012-10-04 20:42]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Registration3.job

- c:\windows\system32\rundll32.exe [2009-07-13 01:14]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3 Startup Task.job

- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42]

.

2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3.job

- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-17 6602856]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"AsioThk32Reg"="%SYSTEMROOT%\SYSWOW64\CTASIO.DLL" [bU]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-14 415752]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-13 2093064]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-14 4195848]

"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2012-01-23 432640]

"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2012-01-23 158208]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = https://www.google.com/

uInternet Settings,ProxyOverride = *.local;192.168.*.*

IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Open with Nuance PDF Converter 7.0 - c:\program files (x86)\Nuance\PDF Converter 7\cnvres_eng.dll /100

IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe

AddRemove-vGrabber - c:\program files (x86)\vGrabber\uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-421509916-3391201345-338949333-1000\Software\SecuROM\License information*]

"datasecu"=hex:07,6e,4a,58,0c,2d,52,60,98,34,12,3c,64,79,85,e0,f1,8a,de,68,c0,

df,1c,a5,01,63,b9,f4,3a,01,87,83,9a,e2,3b,b6,e4,52,c0,c4,27,b9,6b,fb,30,7e,\

"rkeysecu"=hex:a7,30,38,a9,6e,c8,ed,54,4d,c6,5d,08,68,15,d5,aa

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-11-29 00:58:28

ComboFix-quarantined-files.txt 2012-11-29 06:58

ComboFix2.txt 2012-11-28 00:32

.

Pre-Run: 279,595,356,160 bytes free

Post-Run: 279,532,425,216 bytes free

.

- - End Of File - - A3987E49A0A592EDA08F110093E0A606

No problems

PC is running fine


  • Staff

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.

Gringo


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
