
Computer seems fine, but....



What's going on: my computer seems fine, fast as always. However, today while just browsing the web, visiting the same sites I do every single day, I went to amazon.com and I got a random download in Chrome. All it had for a name was "download", so I immediately canceled it before it could finish (I'm not even sure if it was able to start).

If I go into Chrome's download manager, it tells me I can retry the download. From what I have been able to find online about this, it seems like it has happened to quite a few people with Chrome (Amazon isn't the source of this problem, I believe), but with earlier versions of Chrome. Well, here are my two logs, and thanks.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16482

Run by airso_000 at 17:12:18 on 2013-03-01

Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.16206.11104 [GMT -5:00]

.

AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\atiesrxx.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\atieclxx.exe

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\WINDOWS\system32\nvvsvc.exe

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

C:\WINDOWS\sysWow64\CtHdaSvc.exe

C:\WINDOWS\system32\IProsetMonitor.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\WINDOWS\SysWOW64\PnkBstrA.exe

C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe

C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\taskhostex.exe

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\System32\WWAHost.exe

C:\Windows\System32\RuntimeBroker.exe

C:\WINDOWS\WinStore\WSHost.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe

C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files (x86)\Origin\Origin.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\HP Photosmart 6510 series.exe

C:\Windows\SysWOW64\mshta.exe

C:\Program Files (x86)\HP\HP Photosmart 6510 series\bin\HPScan.exe

D:\Steam\steam.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\WINDOWS\system32\wwahost.exe

C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe

C:\WINDOWS\system32\mspaint.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\taskeng.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

uRun: [steam] "D:\Steam\steam.exe" -silent

uRun: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe

uRun: [Google Update] "C:\Users\airso_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MusicManager] "C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"

uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

uRun: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN278521PD05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe"

mRun: [sound Blaster Recon3Di Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ghost] C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe

StartupFolder: C:\Users\AIRSO_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUALCO~1.LNK - C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe

IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

LSP: %SYSTEMROOT%\system32\BfLLR.dll

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{A7939EEC-125A-4D78-9471-DF5ABD644C2D} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{C5F6885D-1307-4019-B255-6D2284AAA4F4} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\WINDOWS\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings

x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"

x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\WINDOWS\System32\Drivers\bwcW8x64.sys [2012-8-1 73072]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\Drivers\klim6.sys [2012-8-2 28504]

R1 klwfp;klwfp;C:\WINDOWS\System32\Drivers\klwfp.sys [2012-8-3 50088]

R1 kneps;kneps;C:\WINDOWS\System32\Drivers\kneps.sys [2012-8-13 178008]

R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2012-11-15 240640]

R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376]

R2 CtHdaSvc;SB Recon3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2012-8-22 103424]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2012-9-6 170824]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-30 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-30 682344]

R2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [2012-8-1 490496]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]

R3 cthda;SB Recon3D HDAudio;C:\WINDOWS\System32\Drivers\cthda.sys [2012-8-22 1044320]

R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-11-11 160256]

R3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;C:\WINDOWS\System32\Drivers\e22w8x64.sys [2012-8-1 164720]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\Drivers\klkbdflt.sys [2012-5-25 29016]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\Drivers\klmouflt.sys [2012-7-25 29528]

R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-11-30 24176]

R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]

S0 klelam;klelam;C:\WINDOWS\System32\Drivers\klelam.sys [2012-7-27 29616]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2012-8-21 91648]

S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-11-11 25640]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-9 150464]

S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-11-11 30528]

S3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2012-10-26 351520]

S3 LVUVC64;@oem13.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]

S3 Media Center 18 Service;Media Center 18 Service;C:\Program Files (x86)\J River\Media Center 18\JRService.exe [2013-2-24 488704]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\Drivers\xusb22.sys [2012-7-25 89088]

.

=============== Created Last 30 ================

.

2013-02-25 02:25:54 76 ----a-w- C:\WINDOWS\SysWow64\netjr32.dll

2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\SysWow64\AReadyLB.dll

2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\System32\AReadyLB.dll

2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\SysWow64\MC18.exe

2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\System32\MC18.exe

2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\SysWow64\AudDevicePlugin.dll

2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\System32\AudDevicePlugin.dll

2013-02-25 02:25:54 -------- d-----w- C:\Program Files (x86)\J River

2013-02-25 02:25:31 -------- d-----w- C:\Users\airso_000\AppData\Roaming\J River

2013-02-24 21:40:15 -------- d-----w- C:\Fraps

2013-02-23 06:08:51 -------- d-----w- C:\Users\airso_000\AppData\Roaming\NVIDIA

2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\SysWow64\NV

2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\System32\NV

2013-02-19 02:10:05 877856 ----a-w- C:\WINDOWS\System32\nvvsvc.exe

2013-02-19 02:10:05 6393120 ----a-w- C:\WINDOWS\System32\nvcpl.dll

2013-02-19 02:10:05 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll

2013-02-19 02:10:05 3472672 ----a-w- C:\WINDOWS\System32\nvsvc64.dll

2013-02-19 02:10:05 3035306 ----a-w- C:\WINDOWS\System32\nvcoproc.bin

2013-02-19 02:10:05 237856 ----a-w- C:\WINDOWS\System32\nvmctray.dll

2013-02-19 02:09:55 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-02-19 02:09:37 31672 ----a-w- C:\WINDOWS\System32\nvhdap64.dll

2013-02-19 02:09:37 194488 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys

2013-02-19 02:09:37 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6420294.dll

2013-02-19 02:09:37 1510328 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll

2013-02-19 02:09:37 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6420162.dll

2013-02-12 23:44:04 4055552 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-02-09 23:43:52 555808 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe

2013-02-05 05:28:00 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

.

==================== Find3M ====================

.

2013-02-26 04:56:58 50088 ----a-w- C:\WINDOWS\System32\drivers\klwfp.sys

2013-02-06 23:06:14 78176 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-02-06 23:06:14 692576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-01-31 03:29:52 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys

2013-01-16 00:35:49 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll

2013-01-16 00:31:26 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll

2013-01-16 00:25:17 1437696 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll

2013-01-16 00:23:19 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll

2013-01-14 03:56:14 6967016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2013-01-10 01:53:32 28904 ----a-w- C:\WINDOWS\System32\drivers\msgpiowin32.sys

2013-01-10 01:40:39 1448168 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys

2013-01-10 01:40:38 303848 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys

2013-01-10 01:39:29 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys

2013-01-10 01:39:22 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys

2013-01-10 01:29:56 91880 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys

2013-01-10 01:29:54 1934056 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys

2013-01-10 01:29:21 785504 ----a-w- C:\WINDOWS\System32\drivers\Wdf01000.sys

2013-01-09 23:26:53 83968 ----a-w- C:\WINDOWS\SysWow64\wiaacmgr.exe

2013-01-09 23:26:46 1611776 ----a-w- C:\WINDOWS\SysWow64\mmc.exe

2013-01-09 23:26:35 410624 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.dll

2013-01-09 23:26:35 261120 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll

2013-01-09 23:26:25 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll

2013-01-09 23:26:25 202752 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll

2013-01-09 23:26:23 1752064 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll

2013-01-09 23:26:20 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll

2013-01-09 23:26:08 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll

2013-01-09 23:26:04 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll

2013-01-09 23:26:03 436736 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL

2013-01-09 23:25:55 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll

2013-01-09 23:23:32 95232 ----a-w- C:\WINDOWS\System32\wiaacmgr.exe

2013-01-09 23:23:25 2094592 ----a-w- C:\WINDOWS\System32\mmc.exe

2013-01-09 23:23:18 256000 ----a-w- C:\WINDOWS\System32\WSDMon.dll

2013-01-09 23:23:16 1964544 ----a-w- C:\WINDOWS\System32\wlidsvc.dll

2013-01-09 23:23:14 594944 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll

2013-01-09 23:23:14 406016 ----a-w- C:\WINDOWS\System32\Windows.Media.dll

2013-01-09 23:23:09 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll

2013-01-09 23:23:08 279040 ----a-w- C:\WINDOWS\System32\srm.dll

2013-01-09 23:23:07 1886208 ----a-w- C:\WINDOWS\System32\setupapi.dll

2013-01-09 23:23:05 728064 ----a-w- C:\WINDOWS\System32\samsrv.dll

2013-01-09 23:22:53 464384 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll

2013-01-09 23:22:53 151040 ----a-w- C:\WINDOWS\System32\netprofm.dll

2013-01-09 23:22:43 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll

2013-01-09 23:22:41 666112 ----a-w- C:\WINDOWS\System32\MP4SDECD.DLL

2013-01-09 23:22:35 438272 ----a-w- C:\WINDOWS\System32\lsm.dll

2013-01-09 23:22:29 894464 ----a-w- C:\WINDOWS\System32\iphlpsvc.dll

2013-01-09 23:22:29 159232 ----a-w- C:\WINDOWS\System32\inetpp.dll

2013-01-09 23:22:26 49152 ----a-w- C:\WINDOWS\System32\drivers\UMDF\HidBthLE.dll

2013-01-09 23:22:25 820736 ----a-w- C:\WINDOWS\System32\gpprefcl.dll

2013-01-09 23:22:05 1918464 ----a-w- C:\WINDOWS\System32\wbem\cimwin32.dll

2013-01-09 03:59:47 341504 ----a-w- C:\WINDOWS\System32\drivers\HdAudio.sys

2013-01-06 15:32:20 30528 ----a-w- C:\WINDOWS\GVTDrv64.sys

2013-01-06 15:32:12 25640 ----a-w- C:\WINDOWS\gdrv.sys

2013-01-04 05:32:36 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb

2013-01-04 04:19:53 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb

2012-12-26 22:18:06 76888 ----a-w- C:\WINDOWS\SysWow64\PnkBstrA.exe

2012-12-26 22:16:35 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.exe

2012-12-20 00:37:37 1775616 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2012-12-20 00:37:04 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2012-12-20 00:37:02 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll

2012-12-20 00:37:02 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll

2012-12-20 00:36:50 431616 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll

2012-12-20 00:29:16 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll

2012-12-20 00:29:11 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2012-12-20 00:28:29 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll

2012-12-20 00:28:26 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll

2012-12-20 00:28:04 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll

2012-12-19 11:34:48 2250024 ----a-w- C:\WINDOWS\SysWow64\pbsvc.exe

2012-12-19 01:27:13 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.xtr

2012-12-19 01:20:07 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.ex0

2012-12-18 01:56:27 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll

2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll

2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll

2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll

2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll

2012-12-14 21:49:28 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2012-12-06 04:23:00 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll

2012-12-06 04:22:59 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll

2012-12-05 12:03:59 29016 ----a-w- C:\WINDOWS\System32\drivers\klkbdflt.sys

2012-12-04 23:25:44 0 ----a-w- C:\WINDOWS\ativpsrm.bin

2012-12-04 04:21:42 368640 ----a-w- C:\WINDOWS\System32\sppwinob.dll

.

============= FINISH: 17:12:36.68 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro with Media Center

Boot Device: \Device\HarddiskVolume2

Install Date: 10/26/2012 7:47:48 AM

System Uptime: 2/24/2013 4:49:31 PM (121 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | G1.Sniper 3

Processor: Intel® Core i5-3570K CPU @ 3.40GHz | Intel® Core i5-3570K CPU @ 3.40GHz | 4201/103mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 238 GiB total, 67.447 GiB free.

D: is FIXED (NTFS) - 447 GiB total, 48.159 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP30: 2/12/2013 6:45:51 PM - Windows Update

RP31: 2/19/2013 7:11:50 PM - Installed AIVIA GHOST.

RP32: 2/27/2013 3:01:09 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

@BIOS

3DMark 11

Adobe Reader XI (11.0.02)

AIVIA GHOST

Amazon MP3 Downloader 1.0.17

ARMA 2

ARMA 2: British Armed Forces

ARMA 2: Operation Arrowhead

ARMA 2: Operation Arrowhead Beta

ARMA 2: Private Military Company

Assassin’s Creed® III

Batman: Arkham City GOTY

Battlefield 3™

Battlefield: Bad Company™ 2

Battlelog Web Plugins

BattlEye Uninstall

Borderlands 2

Call of Duty: Black Ops II

Call of Duty: Black Ops II - Zombies

Call of Duty: World at War

CameraHelperMsi

CCleaner

Counter-Strike: Global Offensive

CPUID CPU-Z G1 1.61.3

Crysis

Crysis 2 Maximum Edition

Crysis Warhead

Crysis Wars

Dead Island

Dead Rising 2

Dead Space

Dead Space 2

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dishonored

Easy Tune 6 B12.1012.1

erLT

ESN Sonar

Fallout 3 - Game of the Year Edition

Fallout: New Vegas

Far Cry 2

Far Cry 3

FIFA 13

Fraps (remove only)

Futuremark SystemInfo

Gears of War for Windows

Google Chrome

Google Update Helper

Grand Theft Auto IV

Grand Theft Auto: Episodes from Liberty City

Grand Theft Auto: Vice City

Hitman: Absolution

HP Photosmart 6510 series Basic Device Software

HP Photosmart 6510 series Help

HP Update

Intel® Network Connections 17.4.95.0

Intel® Processor Graphics

Just Cause 2

Kaspersky Internet Security 2013

Kaspersky Password Manager 5.0.0.169

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.70.0.1100

Mass Effect

Max Payne 3

Media Center 18

MediaMonkey 4.0

Metro 2033

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSI Afterburner 2.3.0

Music Manager

NVIDIA 3D Vision Controller Driver 314.07

NVIDIA 3D Vision Driver 314.07

NVIDIA Control Panel 314.07

NVIDIA GeForce Experience 1.0.1 (BETA)

NVIDIA Graphics Driver 314.07

NVIDIA HD Audio Driver 1.3.23.1

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 2.47.62

NVIDIA Update Components

OpenAL

Origin

PunkBuster Services

Qualcomm Atheros Killer Network Manager

RAGE

Samsung SSD Magician

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Sid Meier's Civilization V

Sniper Elite

Sniper Elite V2

Sound Blaster Recon3Di

Star Wars: Knights of the Old Republic

Star Wars: Knights of the Old Republic II

Steam

TechPowerUp GPU-Z

The Elder Scrolls V: Skyrim

The Sims™ 3

The Walking Dead

The Witcher 2: Assassins of Kings Enhanced Edition

Total War: SHOGUN 2

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Uplay

XCOM: Enemy Unknown

.

==== Event Viewer Messages From Past Week ========

.

2/26/2013 5:07:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

2/26/2013 5:07:26 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/25/2013 9:50:52 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa

2/25/2013 8:55:29 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa

2/23/2013 7:15:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Qualcomm Atheros Killer Service service.

.

==== End Of File ===========================


Hello ja2913 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please download Malwarebytes Anti-Rootkit from here.

  1. Unzip the contents to a folder in a convenient location.
  2. Open the folder where the contents were unzipped and run mbar.exe (right-click and select Run as administrator for Vista and Windows 7).
  3. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  4. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  5. Wait while the system shuts down and the cleanup process is performed.
  6. Please post the two logs produced.

In your next reply, post the following log files:

  • Malwarebytes Anti-Rootkit log
  • a new fresh DDS log


Thanks for your help, no threats were found, however when I first started (started it twice, it came back it came up with this error message

Malwarebytes Anti-Rootkit BETA 1.01.0.1021

www.malwarebytes.org

Database version: v2013.03.02.11

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16484

airso_000 :: JACOB [administrator]

3/2/2013 2:24:54 PM

mbar-log-2013-03-02 (14-24-54).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 34566

Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1021

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16484

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.501000 GHz

Memory total: 16993746944, free: 11810353152

------------ Kernel report ------------

03/02/2013 07:13:18

------------ Loaded modules -----------


----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa800da38060

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000003c\

Lower Device Object: 0xfffffa800d8507f0

Lower Device Driver Name: \Driver\storahci\

Driver name found: storahci

Initialization returned 0x0

Port sub-driver loaded: \??\C:\Windows\System32\Drivers\storport.sys (0x0)

Load Function returned 0x0

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa800da39060

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000003b\

Lower Device Object: 0xfffffa800d7827f0

Lower Device Driver Name: \Driver\storahci\

Driver name found: storahci

Downloaded database version: v2013.03.02.05

Initializing...

Done!

<<<2>>>

Device number: 1, partition: 2

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa800da38060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800da38b10, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800da38060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

DevicePointer: 0xfffffa800d84f7e0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa800d8507f0, DeviceName: \Device\0000003c\, DriverName: \Driver\storahci\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

Upper DeviceData: 0xfffff8a01e94fed0, 0xfffffa800da38060, 0xfffffa807863b740

Lower DeviceData: 0xfffff8a02aed38a0, 0xfffffa800d8507f0, 0xfffffa8077f65310

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\WINDOWS\system32\drivers...

<<<2>>>

Device number: 1, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa800da39060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800da39b10, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800da39060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

DevicePointer: 0xfffffa800d84f9e0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa800d7827f0, DeviceName: \Device\0000003b\, DriverName: \Driver\storahci\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

Upper DeviceData: 0xfffff8a024c8ddb0, 0xfffffa800da39060, 0xfffffa807861a740

Lower DeviceData: 0xfffff8a000c93ea0, 0xfffffa800d7827f0, 0xfffffa8075b853e0

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 3CE1CBFD

Partition information:

Partition 0 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 2048 Numsec = 937697280

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 480103981056 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-937683088-937703088)...

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: E630913E

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 2048 Numsec = 204800

Partition file system is NTFS

Partition is bootable

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 206848 Numsec = 499908608

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 256060514304 bytes

Sector size: 512 bytes

Done!

Performing system, memory and registry scan...

Done!

Scan finished

=======================================

DDS Logs

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16482

Run by airso_000 at 14:27:33 on 2013-03-02

Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.16206.11583 [GMT -5:00]

.

AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\atiesrxx.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\atieclxx.exe

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\WINDOWS\system32\nvvsvc.exe

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

C:\WINDOWS\sysWow64\CtHdaSvc.exe

C:\WINDOWS\system32\IProsetMonitor.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\WINDOWS\SysWOW64\PnkBstrA.exe

C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe

C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\taskhostex.exe

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\System32\WWAHost.exe

C:\Windows\System32\RuntimeBroker.exe

C:\WINDOWS\WinStore\WSHost.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe

C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files (x86)\Origin\Origin.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe

D:\Steam\steam.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\WINDOWS\system32\wwahost.exe

C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

uRun: [steam] "D:\Steam\steam.exe" -silent

uRun: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe

uRun: [Google Update] "C:\Users\airso_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MusicManager] "C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"

uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

uRun: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN278521PD05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe"

mRun: [sound Blaster Recon3Di Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ghost] C:\Users\airso_000\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe

mRunOnce: [Z1] cmd /c "C:\Users\airso_000\Downloads\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s

StartupFolder: C:\Users\AIRSO_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUALCO~1.LNK - C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe

IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

LSP: %SYSTEMROOT%\system32\BfLLR.dll

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{A7939EEC-125A-4D78-9471-DF5ABD644C2D} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{C5F6885D-1307-4019-B255-6D2284AAA4F4} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\WINDOWS\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings

x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"

x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\WINDOWS\System32\Drivers\bwcW8x64.sys [2012-8-1 73072]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\Drivers\klim6.sys [2012-8-2 28504]

R1 klwfp;klwfp;C:\WINDOWS\System32\Drivers\klwfp.sys [2012-8-3 50088]

R1 kneps;kneps;C:\WINDOWS\System32\Drivers\kneps.sys [2012-8-13 178008]

R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2012-11-15 240640]

R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376]

R2 CtHdaSvc;SB Recon3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2012-8-22 103424]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2012-9-6 170824]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-30 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-30 682344]

R2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [2012-8-1 490496]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]

R3 cthda;SB Recon3D HDAudio;C:\WINDOWS\System32\Drivers\cthda.sys [2012-8-22 1044320]

R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-11-11 160256]

R3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;C:\WINDOWS\System32\Drivers\e22w8x64.sys [2012-8-1 164720]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\Drivers\klkbdflt.sys [2012-5-25 29016]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\Drivers\klmouflt.sys [2012-7-25 29528]

R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-11-30 24176]

R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]

S0 klelam;klelam;C:\WINDOWS\System32\Drivers\klelam.sys [2012-7-27 29616]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2012-8-21 91648]

S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-11-11 25640]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-9 150464]

S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-11-11 30528]

S3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2012-10-26 351520]

S3 LVUVC64;@oem13.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]

S3 Media Center 18 Service;Media Center 18 Service;C:\Program Files (x86)\J River\Media Center 18\JRService.exe [2013-2-24 488704]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\Drivers\xusb22.sys [2012-7-25 89088]

.

=============== Created Last 30 ================

.

2013-03-01 23:12:44 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll

2013-03-01 23:12:44 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll

2013-03-01 23:12:44 1010688 ----a-w- C:\WINDOWS\System32\reseteng.dll

2013-02-25 02:25:54 76 ----a-w- C:\WINDOWS\SysWow64\netjr32.dll

2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\SysWow64\AReadyLB.dll

2013-02-25 02:25:54 585728 ------w- C:\WINDOWS\System32\AReadyLB.dll

2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\SysWow64\MC18.exe

2013-02-25 02:25:54 521472 ------w- C:\WINDOWS\System32\MC18.exe

2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\SysWow64\AudDevicePlugin.dll

2013-02-25 02:25:54 229376 ------w- C:\WINDOWS\System32\AudDevicePlugin.dll

2013-02-25 02:25:54 -------- d-----w- C:\Program Files (x86)\J River

2013-02-25 02:25:31 -------- d-----w- C:\Users\airso_000\AppData\Roaming\J River

2013-02-24 21:40:15 -------- d-----w- C:\Fraps

2013-02-23 06:08:51 -------- d-----w- C:\Users\airso_000\AppData\Roaming\NVIDIA

2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\SysWow64\NV

2013-02-19 02:10:07 -------- d-----w- C:\WINDOWS\System32\NV

2013-02-19 02:10:05 877856 ----a-w- C:\WINDOWS\System32\nvvsvc.exe

2013-02-19 02:10:05 6393120 ----a-w- C:\WINDOWS\System32\nvcpl.dll

2013-02-19 02:10:05 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll

2013-02-19 02:10:05 3472672 ----a-w- C:\WINDOWS\System32\nvsvc64.dll

2013-02-19 02:10:05 3035306 ----a-w- C:\WINDOWS\System32\nvcoproc.bin

2013-02-19 02:10:05 237856 ----a-w- C:\WINDOWS\System32\nvmctray.dll

2013-02-19 02:09:55 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-02-19 02:09:37 31672 ----a-w- C:\WINDOWS\System32\nvhdap64.dll

2013-02-19 02:09:37 194488 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys

2013-02-19 02:09:37 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6420294.dll

2013-02-19 02:09:37 1510328 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll

2013-02-19 02:09:37 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6420162.dll

2013-02-12 23:44:04 4055552 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-02-09 23:43:52 555808 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe

2013-02-05 05:28:00 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

.

==================== Find3M ====================

.

2013-02-26 04:56:58 50088 ----a-w- C:\WINDOWS\System32\drivers\klwfp.sys

2013-02-21 07:29:31 78168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-02-21 07:29:30 692568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-01-31 03:29:52 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys

2013-01-16 00:35:49 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll

2013-01-16 00:31:26 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll

2013-01-16 00:25:17 1437696 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll

2013-01-16 00:23:19 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll

2013-01-14 03:56:14 6967016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2013-01-10 01:53:32 28904 ----a-w- C:\WINDOWS\System32\drivers\msgpiowin32.sys

2013-01-10 01:40:39 1448168 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys

2013-01-10 01:40:38 303848 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys

2013-01-10 01:39:29 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys

2013-01-10 01:39:22 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys

2013-01-10 01:29:56 91880 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys

2013-01-10 01:29:54 1934056 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys

2013-01-10 01:29:21 785504 ----a-w- C:\WINDOWS\System32\drivers\Wdf01000.sys

2013-01-09 23:26:53 83968 ----a-w- C:\WINDOWS\SysWow64\wiaacmgr.exe

2013-01-09 23:26:46 1611776 ----a-w- C:\WINDOWS\SysWow64\mmc.exe

2013-01-09 23:26:35 410624 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.dll

2013-01-09 23:26:35 261120 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll

2013-01-09 23:26:25 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll

2013-01-09 23:26:25 202752 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll

2013-01-09 23:26:23 1752064 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll

2013-01-09 23:26:20 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll

2013-01-09 23:26:08 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll

2013-01-09 23:26:04 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll

2013-01-09 23:26:03 436736 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL

2013-01-09 23:25:55 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll

2013-01-09 23:23:32 95232 ----a-w- C:\WINDOWS\System32\wiaacmgr.exe

2013-01-09 23:23:25 2094592 ----a-w- C:\WINDOWS\System32\mmc.exe

2013-01-09 23:23:18 256000 ----a-w- C:\WINDOWS\System32\WSDMon.dll

2013-01-09 23:23:16 1964544 ----a-w- C:\WINDOWS\System32\wlidsvc.dll

2013-01-09 23:23:14 594944 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll

2013-01-09 23:23:14 406016 ----a-w- C:\WINDOWS\System32\Windows.Media.dll

2013-01-09 23:23:09 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll

2013-01-09 23:23:08 279040 ----a-w- C:\WINDOWS\System32\srm.dll

2013-01-09 23:23:07 1886208 ----a-w- C:\WINDOWS\System32\setupapi.dll

2013-01-09 23:23:05 728064 ----a-w- C:\WINDOWS\System32\samsrv.dll

2013-01-09 23:22:53 464384 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll

2013-01-09 23:22:53 151040 ----a-w- C:\WINDOWS\System32\netprofm.dll

2013-01-09 23:22:43 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll

2013-01-09 23:22:41 666112 ----a-w- C:\WINDOWS\System32\MP4SDECD.DLL

2013-01-09 23:22:35 438272 ----a-w- C:\WINDOWS\System32\lsm.dll

2013-01-09 23:22:29 894464 ----a-w- C:\WINDOWS\System32\iphlpsvc.dll

2013-01-09 23:22:29 159232 ----a-w- C:\WINDOWS\System32\inetpp.dll

2013-01-09 23:22:26 49152 ----a-w- C:\WINDOWS\System32\drivers\UMDF\HidBthLE.dll

2013-01-09 23:22:25 820736 ----a-w- C:\WINDOWS\System32\gpprefcl.dll

2013-01-09 23:22:05 1918464 ----a-w- C:\WINDOWS\System32\wbem\cimwin32.dll

2013-01-09 03:59:47 341504 ----a-w- C:\WINDOWS\System32\drivers\HdAudio.sys

2013-01-06 15:32:20 30528 ----a-w- C:\WINDOWS\GVTDrv64.sys

2013-01-06 15:32:12 25640 ----a-w- C:\WINDOWS\gdrv.sys

2013-01-04 05:32:36 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb

2013-01-04 04:19:53 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb

2012-12-26 22:18:06 76888 ----a-w- C:\WINDOWS\SysWow64\PnkBstrA.exe

2012-12-26 22:16:35 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.exe

2012-12-20 00:37:37 1775616 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2012-12-20 00:37:04 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2012-12-20 00:37:02 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll

2012-12-20 00:37:02 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll

2012-12-20 00:36:50 431616 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll

2012-12-20 00:29:16 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll

2012-12-20 00:29:11 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2012-12-20 00:28:29 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll

2012-12-20 00:28:26 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll

2012-12-20 00:28:04 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll

2012-12-19 11:34:48 2250024 ----a-w- C:\WINDOWS\SysWow64\pbsvc.exe

2012-12-19 01:27:13 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.xtr

2012-12-19 01:20:07 281688 ----a-w- C:\WINDOWS\SysWow64\PnkBstrB.ex0

2012-12-18 01:56:27 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll

2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll

2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll

2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll

2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll

2012-12-14 21:49:28 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2012-12-06 04:23:00 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll

2012-12-06 04:22:59 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll

2012-12-05 12:03:59 29016 ----a-w- C:\WINDOWS\System32\drivers\klkbdflt.sys

2012-12-04 23:25:44 0 ----a-w- C:\WINDOWS\ativpsrm.bin

2012-12-04 04:21:42 368640 ----a-w- C:\WINDOWS\System32\sppwinob.dll

.

============= FINISH: 14:27:50.92 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro with Media Center

Boot Device: \Device\HarddiskVolume2

Install Date: 10/26/2012 7:47:48 AM

System Uptime: 2/24/2013 4:49:31 PM (142 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | G1.Sniper 3

Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz | Intel® Core™ i5-3570K CPU @ 3.40GHz | 4201/103mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 238 GiB total, 67.232 GiB free.

D: is FIXED (NTFS) - 447 GiB total, 48.159 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP30: 2/12/2013 6:45:51 PM - Windows Update

RP31: 2/19/2013 7:11:50 PM - Installed AIVIA GHOST.

RP32: 2/27/2013 3:01:09 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

@BIOS

3DMark 11

Adobe Reader XI (11.0.02)

AIVIA GHOST

Amazon MP3 Downloader 1.0.17

ARMA 2

ARMA 2: British Armed Forces

ARMA 2: Operation Arrowhead

ARMA 2: Operation Arrowhead Beta

ARMA 2: Private Military Company

Assassin’s Creed® III

Batman: Arkham City GOTY

Battlefield 3™

Battlefield: Bad Company™ 2

Battlelog Web Plugins

BattlEye Uninstall

Borderlands 2

Call of Duty: Black Ops II

Call of Duty: Black Ops II - Zombies

Call of Duty: World at War

CameraHelperMsi

CCleaner

Counter-Strike: Global Offensive

CPUID CPU-Z G1 1.61.3

Crysis

Crysis 2 Maximum Edition

Crysis Warhead

Crysis Wars

Dead Island

Dead Rising 2

Dead Space

Dead Space 2

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dishonored

Easy Tune 6 B12.1012.1

erLT

ESN Sonar

Fallout 3 - Game of the Year Edition

Fallout: New Vegas

Far Cry 2

Far Cry 3

FIFA 13

Fraps (remove only)

Futuremark SystemInfo

Gears of War for Windows

Google Chrome

Google Update Helper

Grand Theft Auto IV

Grand Theft Auto: Episodes from Liberty City

Grand Theft Auto: Vice City

Hitman: Absolution

HP Photosmart 6510 series Basic Device Software

HP Photosmart 6510 series Help

HP Update

Intel® Network Connections 17.4.95.0

Intel® Processor Graphics

Just Cause 2

Kaspersky Internet Security 2013

Kaspersky Password Manager 5.0.0.169

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.70.0.1100

Mass Effect

Max Payne 3

Media Center 18

MediaMonkey 4.0

Metro 2033

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSI Afterburner 2.3.0

Music Manager

NVIDIA 3D Vision Controller Driver 314.07

NVIDIA 3D Vision Driver 314.07

NVIDIA Control Panel 314.07

NVIDIA GeForce Experience 1.0.1 (BETA)

NVIDIA Graphics Driver 314.07

NVIDIA HD Audio Driver 1.3.23.1

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 2.47.62

NVIDIA Update Components

OpenAL

Origin

PunkBuster Services

Qualcomm Atheros Killer Network Manager

RAGE

Samsung SSD Magician

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Sid Meier's Civilization V

Sniper Elite

Sniper Elite V2

Sound Blaster Recon3Di

Star Wars: Knights of the Old Republic

Star Wars: Knights of the Old Republic II

Steam

TechPowerUp GPU-Z

The Elder Scrolls V: Skyrim

The Sims™ 3

The Walking Dead

The Witcher 2: Assassins of Kings Enhanced Edition

Total War: SHOGUN 2

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Uplay

XCOM: Enemy Unknown

.

==== Event Viewer Messages From Past Week ========

.

2/26/2013 5:07:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

2/26/2013 5:07:26 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/25/2013 9:50:52 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa

2/25/2013 8:55:29 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.WindowsLive.ModernPhotos.wwa as Unavailable/Unavailable. The error: "5" Happened while starting this command: "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa

2/23/2013 7:15:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Qualcomm Atheros Killer Service service.

.

==== End Of File ===========================


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Download OTL to your Desktop

  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.


Thanks again

OTL logfile created on: 3/3/2013 5:54:41 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\airso_000\Desktop

64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16484)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.83 Gb Total Physical Memory | 13.77 Gb Available Physical Memory | 87.02% Memory free

31.83 Gb Paging File | 29.57 Gb Available in Paging File | 92.92% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 238.37 Gb Total Space | 67.18 Gb Free Space | 28.18% Space Free | Partition Type: NTFS

Drive D: | 447.13 Gb Total Space | 48.16 Gb Free Space | 10.77% Space Free | Partition Type: NTFS

Computer Name: JACOB | User Name: airso_000 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/03 17:52:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\airso_000\Desktop\OTL.exe

PRC - [2013/02/25 07:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- D:\Steam\steam.exe

PRC - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2013/02/23 19:15:17 | 003,494,992 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe

PRC - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2013/01/18 21:51:31 | 001,129,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

PRC - [2013/01/18 21:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2013/01/14 18:31:30 | 007,437,824 | ---- | M] (Google Inc.) -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

PRC - [2012/12/26 17:18:06 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012/11/19 03:57:28 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe

PRC - [2012/11/19 03:57:24 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

PRC - [2012/11/15 11:21:58 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

PRC - [2012/09/18 15:41:02 | 000,191,488 | ---- | M] () -- C:\Users\airso_000\My Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe

PRC - [2012/09/13 02:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

PRC - [2012/09/13 02:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

PRC - [2012/08/22 22:53:56 | 000,103,424 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe

PRC - [2012/08/22 03:55:04 | 000,964,096 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe

PRC - [2012/08/17 15:43:54 | 003,134,232 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe

PRC - [2012/07/11 04:16:36 | 002,014,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe

PRC - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

PRC - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

========== Modules (No Company Name) ==========

MOD - [2013/02/25 07:39:32 | 000,988,584 | ---- | M] () -- D:\Steam\bin\chromehtml.dll

MOD - [2013/02/23 19:15:17 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll

MOD - [2013/02/19 11:48:10 | 020,340,648 | ---- | M] () -- D:\Steam\bin\libcef.dll

MOD - [2013/02/13 17:20:01 | 012,700,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9c95779cc3d65cda80695cabc367476b\System.Windows.Forms.ni.dll

MOD - [2013/02/09 22:25:27 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll

MOD - [2013/01/14 18:19:36 | 000,344,064 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll

MOD - [2013/01/14 18:19:22 | 000,231,936 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll

MOD - [2013/01/14 18:18:54 | 000,253,440 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libid3tag.dll

MOD - [2013/01/14 18:18:44 | 000,117,248 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\libaacdec.dll

MOD - [2013/01/10 20:49:47 | 007,561,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll

MOD - [2013/01/10 20:49:45 | 001,880,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll

MOD - [2013/01/10 20:49:30 | 001,631,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll

MOD - [2013/01/10 20:49:26 | 018,542,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll

MOD - [2013/01/10 20:49:20 | 010,926,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll

MOD - [2013/01/10 20:49:16 | 003,910,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll

MOD - [2013/01/10 20:49:12 | 009,937,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll

MOD - [2013/01/10 20:49:08 | 016,544,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll

MOD - [2013/01/10 15:01:44 | 000,026,624 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll

MOD - [2013/01/10 15:01:26 | 010,683,392 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll

MOD - [2013/01/10 15:01:24 | 001,681,408 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll

MOD - [2013/01/10 15:01:22 | 007,741,952 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtGui4.dll

MOD - [2013/01/10 15:01:20 | 002,248,192 | ---- | M] () -- C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\QtCore4.dll

MOD - [2012/12/18 18:28:50 | 000,647,168 | ---- | M] () -- D:\Steam\sdl.dll

MOD - [2012/12/11 09:51:10 | 001,100,800 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll

MOD - [2012/12/11 09:51:10 | 000,192,000 | ---- | M] () -- D:\Steam\bin\avformat-53.dll

MOD - [2012/12/11 09:51:10 | 000,124,416 | ---- | M] () -- D:\Steam\bin\avutil-51.dll

MOD - [2012/11/19 03:57:28 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe

MOD - [2012/11/19 03:57:24 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

MOD - [2012/11/08 08:25:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll

MOD - [2012/11/08 08:23:26 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll

MOD - [2012/11/08 08:12:20 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll

MOD - [2012/11/08 08:08:28 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll

MOD - [2012/11/08 08:06:28 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll

MOD - [2012/11/08 07:56:16 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll

MOD - [2012/11/08 07:46:16 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll

MOD - [2012/11/08 07:24:12 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll

MOD - [2012/11/08 07:21:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll

MOD - [2012/09/18 15:41:02 | 000,191,488 | ---- | M] () -- C:\Users\airso_000\My Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe

MOD - [2012/09/13 02:39:18 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

MOD - [2012/09/13 02:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll

MOD - [2012/09/13 02:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll

MOD - [2012/09/13 02:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll

MOD - [2012/09/13 02:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll

MOD - [2012/09/13 02:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll

MOD - [2012/09/13 02:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

MOD - [2012/08/17 20:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll

MOD - [2011/04/30 10:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll

MOD - [2011/04/30 10:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/01/09 18:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)

SRV:64bit: - [2013/01/09 18:22:53 | 000,464,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)

SRV:64bit: - [2013/01/09 18:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)

SRV:64bit: - [2012/12/05 23:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)

SRV:64bit: - [2012/12/05 23:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)

SRV:64bit: - [2012/11/15 12:22:04 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)

SRV:64bit: - [2012/11/05 23:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)

SRV:64bit: - [2012/09/20 04:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)

SRV:64bit: - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)

SRV:64bit: - [2012/09/20 01:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)

SRV:64bit: - [2012/09/06 01:53:46 | 000,170,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®

SRV:64bit: - [2012/08/01 16:11:36 | 000,490,496 | ---- | M] () [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)

SRV:64bit: - [2012/07/25 22:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)

SRV:64bit: - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)

SRV:64bit: - [2012/07/25 22:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)

SRV:64bit: - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)

SRV:64bit: - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)

SRV:64bit: - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)

SRV:64bit: - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)

SRV:64bit: - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)

SRV:64bit: - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)

SRV:64bit: - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)

SRV:64bit: - [2012/07/25 22:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)

SRV:64bit: - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)

SRV:64bit: - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)

SRV:64bit: - [2012/07/25 22:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)

SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)

SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)

SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)

SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)

SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)

SRV - [2013/03/02 17:59:38 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2013/03/02 17:59:36 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2013/01/18 21:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2013/01/03 15:47:43 | 000,488,704 | ---- | M] (JRiver, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\J River\Media Center 18\JRService.exe -- (Media Center 18 Service)

SRV - [2012/12/26 17:18:06 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2012/11/15 11:21:58 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)

SRV - [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)

SRV - [2012/10/10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2012/08/22 22:53:56 | 000,103,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)

SRV - [2012/08/10 12:42:54 | 000,150,464 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)

SRV - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)

SRV - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/25 23:56:58 | 000,050,088 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\klwfp.sys -- (klwfp)

DRV:64bit: - [2013/01/09 20:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)

DRV:64bit: - [2013/01/09 20:39:29 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2012/12/19 00:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/12/05 07:03:59 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\klkbdflt.sys -- (klkbdflt)

DRV:64bit: - [2012/11/26 22:56:29 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)

DRV:64bit: - [2012/11/26 22:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)

DRV:64bit: - [2012/11/19 23:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)

DRV:64bit: - [2012/11/15 13:13:32 | 011,270,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2012/11/15 11:57:48 | 000,546,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2012/11/15 11:22:26 | 000,612,696 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\klif.sys -- (KLIF)

DRV:64bit: - [2012/11/06 02:52:07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)

DRV:64bit: - [2012/11/06 02:36:23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)

DRV:64bit: - [2012/11/05 22:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)

DRV:64bit: - [2012/10/26 15:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)

DRV:64bit: - [2012/10/26 15:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)

DRV:64bit: - [2012/10/26 09:11:57 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\klmouflt.sys -- (klmouflt)

DRV:64bit: - [2012/10/12 03:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/10/11 02:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)

DRV:64bit: - [2012/10/11 02:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)

DRV:64bit: - [2012/10/10 22:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2012/10/10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2012/09/20 02:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)

DRV:64bit: - [2012/09/20 02:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)

DRV:64bit: - [2012/09/20 02:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)

DRV:64bit: - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2012/09/20 02:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)

DRV:64bit: - [2012/08/22 22:58:48 | 001,044,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cthda.sys -- (cthda)

DRV:64bit: - [2012/08/21 11:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)

DRV:64bit: - [2012/08/13 15:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\kneps.sys -- (kneps)

DRV:64bit: - [2012/08/10 02:40:54 | 000,452,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\e1c63x64.sys -- (e1cexpress)

DRV:64bit: - [2012/08/02 14:09:32 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\klim6.sys -- (KLIM6)

DRV:64bit: - [2012/08/01 16:12:40 | 000,164,720 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\e22w8x64.sys -- (Ke2200)

DRV:64bit: - [2012/08/01 16:12:40 | 000,073,072 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\bwcW8x64.sys -- (BfLwf)

DRV:64bit: - [2012/07/27 17:38:24 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\klelam.sys -- (klelam)

DRV:64bit: - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)

DRV:64bit: - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)

DRV:64bit: - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)

DRV:64bit: - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)

DRV:64bit: - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)

DRV:64bit: - [2012/07/26 00:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)

DRV:64bit: - [2012/07/26 00:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)

DRV:64bit: - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)

DRV:64bit: - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)

DRV:64bit: - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)

DRV:64bit: - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)

DRV:64bit: - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)

DRV:64bit: - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)

DRV:64bit: - [2012/07/25 23:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)

DRV:64bit: - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)

DRV:64bit: - [2012/07/25 23:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)

DRV:64bit: - [2012/07/25 23:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)

DRV:64bit: - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)

DRV:64bit: - [2012/07/25 21:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)

DRV:64bit: - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)

DRV:64bit: - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)

DRV:64bit: - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)

DRV:64bit: - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)

DRV:64bit: - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)

DRV:64bit: - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)

DRV:64bit: - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)

DRV:64bit: - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)

DRV:64bit: - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)

DRV:64bit: - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)

DRV:64bit: - [2012/07/25 21:26:57 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xusb22.sys -- (xusb22)

DRV:64bit: - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)

DRV:64bit: - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)

DRV:64bit: - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)

DRV:64bit: - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/07/25 21:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)

DRV:64bit: - [2012/07/25 21:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)

DRV:64bit: - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)

DRV:64bit: - [2012/07/25 21:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)

DRV:64bit: - [2012/07/25 21:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)

DRV:64bit: - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)

DRV:64bit: - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)

DRV:64bit: - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)

DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2012/06/19 16:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\kl1.sys -- (kl1)

DRV:64bit: - [2012/06/02 09:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)

DRV - [2013/01/06 10:32:20 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)

DRV - [2013/01/06 10:32:12 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)

DRV - [2012/11/19 03:57:24 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)

DRV - [2012/11/11 23:32:57 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/

IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C1 23 6D A4 47 11 CE 01 [binary data]

IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR

IE - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@kaspersky.com/Password Manager: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\airso_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\airso_000\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)

FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012/12/20 17:43:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012/12/20 17:43:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012/12/20 17:43:11 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012/12/20 17:43:11 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012/12/20 17:43:12 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

CHR - homepage:

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\plugin/npUrlAdvisor.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\plugin/online_banking_npapi.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\plugin/npVKPlugin.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\plugin/npABPlugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - Extension: YouTube = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Google Search = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: Kaspersky URL Advisor = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\

CHR - Extension: Password Manager Autofill Engine = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddagfbbgmdhmolnjoaghlapikdcahbbl\5.0.0.169\

CHR - Extension: Safe Money = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\

CHR - Extension: Virtual Keyboard = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\

CHR - Extension: Gmail = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

CHR - Extension: Anti-Banner = C:\Users\airso_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts

O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [ghost] C:\Users\airso_000\My Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe ()

O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)

O4 - HKLM..\Run: [sound Blaster Recon3Di Control Panel] C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [updReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)

O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)

O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [HP Photosmart 6510 series (NET)] C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)

O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe (Kaspersky Lab)

O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [MusicManager] C:\Users\airso_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)

O4 - HKU\S-1-5-21-2300135977-2110550730-3846344849-1001..\Run: [steam] D:\Steam\steam.exe (Valve Corporation)

O4 - Startup: C:\Users\airso_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()

O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7939EEC-125A-4D78-9471-DF5ABD644C2D}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5F6885D-1307-4019-B255-6D2284AAA4F4}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found

O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - File not found

O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) - File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/03 17:52:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\airso_000\Desktop\OTL.exe

[2013/03/03 11:32:58 | 005,036,301 | ---- | C] (Swearware) -- C:\Users\airso_000\Desktop\ComboFix.exe

[2013/03/02 17:59:37 | 002,906,590 | ---- | C] (Creative) -- C:\WINDOWS\SysWow64\Sens_oal.dll

[2013/03/02 17:59:37 | 001,944,064 | ---- | C] (Creative) -- C:\WINDOWS\SysNative\Sens_oal.dll

[2013/03/02 17:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared

[2013/03/02 17:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative

[2013/03/02 15:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

[2013/03/02 15:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2013/03/02 15:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro

[2013/02/25 12:11:33 | 000,000,000 | ---D | C] -- C:\Users\airso_000\Documents\JRiver

[2013/02/24 21:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 18

[2013/02/24 21:25:54 | 000,585,728 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysWow64\AReadyLB.dll

[2013/02/24 21:25:54 | 000,585,728 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysNative\AReadyLB.dll

[2013/02/24 21:25:54 | 000,521,472 | ---- | C] (JRiver, Inc.) -- C:\WINDOWS\SysWow64\MC18.exe

[2013/02/24 21:25:54 | 000,521,472 | ---- | C] (JRiver, Inc.) -- C:\WINDOWS\SysNative\MC18.exe

[2013/02/24 21:25:54 | 000,229,376 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysWow64\AudDevicePlugin.dll

[2013/02/24 21:25:54 | 000,229,376 | ---- | C] (Audible Inc.) -- C:\WINDOWS\SysNative\AudDevicePlugin.dll

[2013/02/24 21:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\J River

[2013/02/24 21:25:31 | 000,000,000 | ---D | C] -- C:\Users\airso_000\AppData\Roaming\J River

[2013/02/24 16:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps

[2013/02/24 16:40:15 | 000,000,000 | ---D | C] -- C:\Fraps

[2013/02/23 01:08:51 | 000,000,000 | ---D | C] -- C:\Users\airso_000\AppData\Roaming\NVIDIA

[2013/02/19 19:12:03 | 000,000,000 | ---D | C] -- C:\Users\airso_000\Documents\GIGABYTE

[2013/02/19 18:55:35 | 000,000,000 | ---D | C] -- C:\Users\airso_000\Documents\New folder

[2013/02/18 21:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV

[2013/02/18 21:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV

[2013/02/18 21:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\Users\airso_000\Documents\*.tmp files -> C:\Users\airso_000\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/03 17:52:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\airso_000\Desktop\OTL.exe

[2013/03/03 17:40:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/03/03 17:09:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2300135977-2110550730-3846344849-1001UA.job

[2013/03/03 15:51:06 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/03/03 15:44:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/03/03 11:33:04 | 005,036,301 | ---- | M] (Swearware) -- C:\Users\airso_000\Desktop\ComboFix.exe

[2013/03/02 21:09:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2300135977-2110550730-3846344849-1001Core.job

[2013/03/02 18:04:55 | 000,848,230 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI

[2013/03/02 18:04:55 | 000,718,176 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat

[2013/03/02 18:04:55 | 000,132,542 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat

[2013/03/02 18:00:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[2013/03/02 18:00:38 | 710,094,845 | -HS- | M] () -- C:\hiberfil.sys

[2013/03/02 17:59:39 | 000,466,520 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll

[2013/03/02 17:59:39 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll

[2013/03/02 17:59:22 | 000,000,078 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc

[2013/02/27 19:00:21 | 000,608,386 | ---- | M] () -- C:\Users\airso_000\Desktop\Puppy.png

[2013/02/25 23:56:58 | 000,050,088 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\klwfp.sys

[2013/02/25 21:00:54 | 000,871,124 | ---- | M] () -- C:\Users\airso_000\Documents\Scan.tif

[2013/02/25 20:54:45 | 000,101,276 | ---- | M] () -- C:\Users\airso_000\Documents\Scan0001.jpg

[2013/02/24 21:25:54 | 000,000,076 | ---- | M] () -- C:\WINDOWS\SysWow64\netjr32.dll

[2013/02/24 16:40:15 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk

[2013/02/19 19:12:03 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\AIVIA Ghost.lnk

[2013/02/18 21:10:31 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

[2013/02/18 17:07:40 | 000,430,736 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2013/02/18 17:07:35 | 2044,614,785 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

[2013/02/09 22:25:27 | 000,017,738 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb

[2013/02/09 08:25:36 | 003,035,306 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\Users\airso_000\Documents\*.tmp files -> C:\Users\airso_000\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/27 19:00:21 | 000,608,386 | ---- | C] () -- C:\Users\airso_000\Desktop\Puppy.png

[2013/02/25 21:00:53 | 000,871,124 | ---- | C] () -- C:\Users\airso_000\Documents\Scan.tif

[2013/02/25 20:54:45 | 000,101,276 | ---- | C] () -- C:\Users\airso_000\Documents\Scan0001.jpg

[2013/02/24 21:25:54 | 000,183,129 | ---- | C] () -- C:\WINDOWS\SysWow64\AM Install1.INF

[2013/02/24 21:25:54 | 000,183,129 | ---- | C] () -- C:\WINDOWS\SysNative\AM Install1.INF

[2013/02/24 21:25:54 | 000,000,076 | ---- | C] () -- C:\WINDOWS\SysWow64\netjr32.dll

[2013/02/24 16:40:15 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk

[2013/02/19 19:12:03 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\AIVIA Ghost.lnk

[2013/02/18 21:10:31 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

[2013/02/18 21:10:05 | 003,035,306 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin

[2013/02/18 17:07:38 | 000,430,736 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2013/02/12 18:45:44 | 000,386,577 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml

[2012/12/04 18:25:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2012/11/20 21:02:40 | 002,250,024 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe

[2012/11/17 17:56:13 | 000,200,704 | ---- | C] () -- C:\WINDOWS\SysWow64\HsMgr.exe

[2012/11/15 12:17:54 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat

[2012/11/15 12:17:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat

[2012/11/11 23:31:24 | 000,030,528 | ---- | C] () -- C:\WINDOWS\GVTDrv64.sys

[2012/11/07 22:48:44 | 000,281,688 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe

[2012/11/07 22:48:44 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe

[2012/11/02 17:44:27 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2012/10/26 15:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll

[2012/10/26 15:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll

[2012/10/26 15:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe

[2012/10/26 06:53:06 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll

[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll

[2012/10/10 02:22:32 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin

[2012/10/10 02:22:16 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin

[2012/09/28 10:45:06 | 000,247,296 | ---- | C] () -- C:\WINDOWS\SysWow64\rtvcvfw32.dll

[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat

[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT

[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2012/07/25 21:20:08 | 000,018,109 | ---- | C] () -- C:\WINDOWS\SysWow64\netpmm32.dll

[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll

[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin

[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll

[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat

[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2012/10/27 16:38:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/01/09 18:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/01/09 18:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/12 07:10:00 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\Amazon

[2013/02/24 21:25:31 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\J River

[2012/10/26 19:38:38 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\Leadertech

[2013/03/03 16:29:31 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\MediaMonkey

[2012/12/02 10:39:06 | 000,000,000 | ---D | M] -- C:\Users\airso_000\AppData\Roaming\Origin

========== Purity Check ==========

< End of report >


I just noticed mbam wasn't running. I disabled it before when I went to run combofix; however, it must not have restarted the protection module when I restarted the PC. Here is the other log:

OTL Extras logfile created on: 3/3/2013 5:54:41 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\airso_000\Desktop

64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16484)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.83 Gb Total Physical Memory | 13.77 Gb Available Physical Memory | 87.02% Memory free

31.83 Gb Paging File | 29.57 Gb Available in Paging File | 92.92% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 238.37 Gb Total Space | 67.18 Gb Free Space | 28.18% Space Free | Partition Type: NTFS

Drive D: | 447.13 Gb Total Space | 48.16 Gb Free Space | 10.77% Space Free | Partition Type: NTFS

Computer Name: JACOB | User Name: airso_000 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)

Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)

Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)

Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)

Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{014713BB-B8DC-4FF9-9328-E134DB512629}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{164F1C69-7343-4888-B010-C2B4C9CDBB84}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{360CB297-0C45-4531-A442-23AEEDAA0786}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{4F9C6706-A546-461D-B234-F8B70AAB3281}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{501EB75B-7853-4B55-A01F-C6C98D27A921}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{526A6FFA-A633-406A-B380-65912CE2D594}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{567852DC-5655-4AFC-AF7A-F9A5E6C43599}" = lport=445 | protocol=6 | dir=in | app=system |

"{6FC6C90C-8317-43C6-B483-500668F4577D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{7907244F-8485-4DF3-A0DD-DA966FDD0251}" = lport=138 | protocol=17 | dir=in | app=system |

"{8CD06A8E-1737-4CCC-9CD3-A07732D651EE}" = lport=137 | protocol=17 | dir=in | app=system |

"{9690BB0B-EF52-4A01-981D-5836E87114C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{99436F12-F301-41C4-8C54-1B242233CF89}" = rport=139 | protocol=6 | dir=out | app=system |

"{9B61B91E-EA69-40EB-9A41-868655B838F7}" = lport=2869 | protocol=6 | dir=in | app=system |

"{A0EAFA52-50C0-4A73-8E34-BB7DAED097E7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A2CE23BE-D36C-4812-8213-5C4FEB94501C}" = lport=10243 | protocol=6 | dir=in | app=system |

"{BE6C83F0-9E34-4F29-BF50-0F94453CC2BC}" = rport=10243 | protocol=6 | dir=out | app=system |

"{C5A69E4D-597E-45F9-A5B7-5B8F53633CE2}" = lport=139 | protocol=6 | dir=in | app=system |

"{DBF9C5AC-7159-47F8-8158-C32FC8B4FD5C}" = rport=137 | protocol=17 | dir=out | app=system |

"{E907E55B-FBA4-43F8-AA25-03AA3F32CB26}" = rport=445 | protocol=6 | dir=out | app=system |

"{F87580F1-BD55-4874-8292-5A81644E91D8}" = rport=138 | protocol=17 | dir=out | app=system |

"{F8FF2FED-133A-4D98-B1D2-12F45FD224B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00ECADB8-B611-497A-A6D5-7F997A81053B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |

"{0409D1F0-3CC1-4526-9C7A-A1E29B2052A9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |

"{057E1070-AF07-49E7-8A7A-43343FEBD6EA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |

"{05AF649C-659F-4FB0-819D-F7649CDD4A27}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6sp.exe |

"{07720575-F1D7-44ED-8FCA-93B62173E983}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{0A1B549C-A9DF-40EC-9AED-DA6267C74037}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |

"{0E343BB4-E7E9-4123-B4A8-D399951EAEFF}" = protocol=17 | dir=in | app=d:\steam\steam.exe |

"{0F6E7594-8B5E-4DEE-AD4A-3CE6224DDCE6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |

"{0FFCD7A7-7836-4F79-A817-B0040480C33F}" = dir=out | name=netflix |

"{10CAC544-B17B-4684-8C0D-ECF799420D0C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\metro 2033\metro2033.exe |

"{122D3BCF-FE27-4CF2-B09F-AD6A2ED8BC97}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |

"{140EE0AD-C3F6-4E8A-93D9-4B90DC3E8393}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |

"{15D57799-363D-4D95-AAF7-7C99E6DB6A01}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"{16B52004-E043-4C39-897C-293DA37216D2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |

"{176ACCAC-BFC2-4F7B-9263-68A8E6AC45EB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |

"{18C5DF40-38E9-4531-B32D-8F7B504E9214}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |

"{196F8793-1DB9-4164-9610-BFF6E5C6B574}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |

"{1A4D7B0C-89B4-4547-9352-CDA970C8084B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{1A53AC98-2EFC-4B2A-9284-4AD62DE12698}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1EB7F433-A8A9-4894-B77C-9A6C82F9504C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mass effect\binaries\masseffect.exe |

"{209702E4-961E-49A9-A861-1D6B618FA104}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |

"{219F16EA-7371-4892-BBF2-BF042192E529}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\just cause 2\justcause2.exe |

"{224F8708-D65A-488E-8D7A-A08034437C31}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty world at war\codwaw.exe |

"{23208220-145B-4322-9E7B-A5CB83A33ACA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |

"{2537ACA1-65D7-45ED-9BA6-0A78A8A43B98}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6zm.exe |

"{2620CA60-0A97-4D0B-A0FE-289FC0608E6B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6sp.exe |

"{262614BF-1A52-482D-8378-1618D03CD198}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sniper elite\sniperelite.exe |

"{28691890-7B94-46B7-A787-6F5F6231CE5C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |

"{28CC1569-E44C-45B3-A19A-6BD790C6BADE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |

"{2B1FD5B2-94E0-4E38-8881-9C67DCDA5F0C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |

"{2CE2A104-0BB1-4503-9493-B82801EB5BA2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |

"{2DC34C77-9FC7-422E-A63C-5EF79D60904D}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |

"{2FF8D77C-ABB7-47AC-8E71-75651C9C7D20}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |

"{30C3A7D6-7D3B-460A-95B0-EC8C19574B77}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |

"{31ACC498-BEE6-46C3-89D9-E91CEC4F5CAB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mass effect\binaries\masseffect.exe |

"{32CA9011-F34B-4097-B568-37B342E41ABF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{36DF582C-8094-4E5D-8F97-9170E30CA5FA}" = dir=out | name=youtube player |

"{38CBB009-548B-414E-86A1-0993793DE855}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{397280FC-24CF-4C41-96C9-E11E8086151C}" = protocol=6 | dir=in | app=d:\origin download\fifa 13\game\fifa13.exe |

"{3A326284-F840-4094-B767-19597E13E686}" = protocol=6 | dir=out | app=system |

"{3A8CD769-DFE7-4B93-AE92-4A77B425B9A1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |

"{3B874AE5-7BE0-4D5F-952B-A42DBF6874B4}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |

"{3CCCFF4E-64B4-4E13-B948-2F52464DA115}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |

"{3EB81B10-641D-4B0E-8BED-023E7846828D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |

"{3FFB49DA-0AE9-409B-A697-9BD90F4AA366}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{404FCDFE-FC04-4894-8735-276FCA2C8BC2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hitman absolution\hma.exe |

"{43DFAD85-E1B6-4E14-B21C-57DFE787E498}" = protocol=17 | dir=in | app=d:\origin download\fifa 13\game\fifa13.exe |

"{4526B0AA-3F38-4AC0-BF1F-C438C823C35A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |

"{4764E14D-05FA-4D15-9593-65A57BF7D265}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |

"{4BDF32BA-8D71-4C9F-A1EA-CE9A939BA4DD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\assassin's creed 3\ac3sp.exe |

"{4BF9BA37-86EC-43D5-B180-AA1A27C6751E}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |

"{4EA6EEB3-DCD9-4C3D-8523-958D740C411C}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |

"{4F137511-8322-4C44-B6AE-2E232492C22E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |

"{5176DF8A-970B-4EC5-A149-255DFBEE3CCE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |

"{5A7D0DC6-9765-4B02-BA5B-0268BDC6F2CA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\batman arkham city goty\runlauncher.bat |

"{5B1DDC43-ABAA-4660-BF31-CDE90D6E0740}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |

"{5B596978-8574-4A96-A79C-80D7704CD187}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\3dmark 11\3dmarklauncher.exe |

"{5D4FCD18-D7AE-43F3-90DC-F2ED08DA9231}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |

"{5DEF0C08-4C1D-4BA0-8F03-8FAFDA65C59B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |

"{5E751E27-3DF6-4566-A60B-538C149A4296}" = dir=out | name=google search |

"{61A3F8B5-CCCC-4C60-B31E-E876AE5C951A}" = dir=out | name=microsoft solitaire collection |

"{62FFECF4-0356-4C9D-9E60-3970054BB55B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\crysis wars\bin32\crysis.exe |

"{6339A451-6CC7-463D-8955-C62CADAFFC8C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |

"{634179B4-EE4D-4F56-9087-BA92CCEB3A5C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hitman absolution\hma.exe |

"{66001BBA-5035-4ACC-B669-67E8C86BAD27}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\crysis\bin32\crysis.exe |

"{66966081-9026-4206-877D-D0C33EB9445F}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |

"{6847099E-04D3-4CA8-B9F0-8339F54AD18C}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |

"{6898F4B6-D07E-497B-8010-E7B4CFA67C02}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\shogun2.exe |

"{69797DE8-8C8B-4133-B03B-267B0811041B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2\arma2.exe |

"{69811C23-755E-49E2-A8AF-141BF173EECC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\crysis\bin32\crysis.exe |

"{6AF69232-A695-4CAC-BFB3-4FEB7A5C78CC}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty world at war\codwawmp.exe |

"{6EC0C50A-EFF7-4683-A431-CF07EC7851F9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |

"{6F62F994-D85D-46D8-8EC7-9E08EC3FB7FA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |

"{70604DF4-BE35-452E-99E9-4B37742854AB}" = dir=out | name=tunein radio |

"{70DF34D8-C795-4F35-AC8C-21068F87D2FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{72182DE8-DDB8-4F13-810C-FC31E53EE58F}" = dir=out | name=hp printer control |

"{72E7980B-109A-435E-99E6-B8B7691CFA75}" = protocol=6 | dir=in | app=d:\steam\steam.exe |

"{78552AE4-9586-4D5D-A02C-039C92D40EF3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2editor.exe |

"{7D467070-577E-4725-9A66-16CC750E3B42}" = protocol=6 | dir=in | app=d:\games for windows\microsoft games\gears of war\binaries\wargame-g4wlive.exe |

"{7D88C497-095D-43F7-A831-E58FA3849B34}" = dir=in | app=c:\program files\hp\hp photosmart 6510 series\bin\devicesetup.exe |

"{7DD35858-A025-43A1-B876-51CE0BF1A043}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\metro 2033\metro2033.exe |

"{7EB8FFAE-A1CE-4542-9E44-695BEE174905}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7F82A2AB-2659-4F4B-ADA6-78099C68FF3D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\baf\datacachepreprocessor.exe |

"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |

"{8199F12B-9A1C-42D4-93D0-69EA9AC67D59}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |

"{8342FF32-CF7B-4357-9911-E4A445AB7101}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |

"{8362EDBF-ACDA-4911-9B67-4EEC4C6BB730}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\farcry2.exe |

"{846ACD11-5DF2-4900-8CE0-97E205D42F51}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |

"{8621B56D-4104-4624-AC45-F4F249AC50D6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the witcher 2\launcher.exe |

"{86B3FF01-CD7B-40C6-9482-68B87330C2CD}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |

"{88AF3069-1D49-4EB1-9BE4-50CE63A339E8}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |

"{88EB37BC-5D3D-4E1C-B8E7-6769DA501438}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |

"{896BFAC7-B935-4A35-B7DB-F22A639E0A8A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\assassin's creed 3\ac3sp.exe |

"{8A1BC591-A495-440E-A0C7-A9CBEB6ECE63}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sniper elite\sniperelite.exe |

"{8A3B64EB-2C4A-4360-9A69-EE99042BEAFA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\pmc\datacachepreprocessor.exe |

"{8A80614F-9CC4-42E0-B6CB-1089572A3531}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\pmc\datacachepreprocessor.exe |

"{8DBC72C7-F769-4E10-B653-8C2790586CBA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |

"{8E15DFB6-A375-42D5-A1B2-D72AB96D21FE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |

"{8F322511-0B55-43B7-BB65-2BE12E4D9A39}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |

"{8FCC5056-1954-43C8-9E71-CB9C8018D2B1}" = protocol=17 | dir=in | app=d:\games for windows\microsoft games\gears of war\binaries\wargame-g4wlive.exe |

"{91805562-B931-4A89-97FC-3F8A05DF988D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\shogun2.exe |

"{92B6AC63-4BEA-4245-A6F3-5FB247DC5782}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty world at war\codwaw.exe |

"{9651230D-4375-4D00-B20C-6842EC8E1FB5}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |

"{96D2536B-E6DE-47F2-872F-061AC2ADDE81}" = dir=in | app=c:\program files\hp\hp photosmart 6510 series\bin\hpnetworkcommunicatorcom.exe |

"{988769B8-F4A6-4162-91F4-34A42DFFF240}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\3dmark 11\3dmarklauncher.exe |

"{98CDB1A0-A093-4331-B5FA-4DB0FAF57B64}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |

"{9A8667D1-14C2-436C-B42D-A9F75DFDD4E6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |

"{9B21ED7F-3D9D-42CB-AB0A-9E1BA1380258}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |

"{9C8A9C95-108E-43BB-AAC5-602FBF22BCE6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\assassin's creed 3\ac3mp.exe |

"{9CA27D3B-C51E-4E24-A7B9-D63D61B3C0ED}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |

"{9D95DB02-52BF-4690-A9C3-7CA972951C65}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |

"{A1D23F47-5D9B-43FD-BE90-E75A87D84B0A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\dlcsetup\baf\datacachepreprocessor.exe |

"{A227237F-40A3-4CAB-A7D7-E93916017D66}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{A246503E-694D-414C-BA83-AECA2F908011}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |

"{A2BCBB34-1A59-4D7E-9425-878AAD170FD0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A4B92D79-8CA5-438B-815B-71B26C10C884}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |

"{A540B702-B7D0-4E15-B70B-107AB6A18B8D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |

"{A7DD5525-AD0B-4D22-AA9F-0F7F8A3D2BAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A81216C6-460E-4ADB-BB5C-F8074BB01353}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |

"{A9026EFF-9326-4B65-BC2D-F5A801A1F0FC}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\farcry2.exe |

"{ABFB2918-CBA6-46E6-97AD-46409A399036}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |

"{AFB67986-6BD8-4B47-8E2F-BD8C28645C23}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |

"{B16E63DC-4F8D-42A1-8F3F-495E8658397C}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |

"{B263A69A-B686-48F5-BB41-F5FCE910D352}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\swkotor\swkotor.exe |

"{B3BFCF87-2B95-465B-BFFB-FD19F720B2FA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |

"{B45348F0-15C7-40DB-9568-7066A768F6B8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |

"{B461C791-302F-4D80-83CA-C6115CFE3548}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\assassin's creed 3\ac3mp.exe |

"{B5F55834-09D3-4119-A630-5D1AF9243FFB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\batman arkham city goty\runlauncher.bat |

"{B61E0CA8-A82E-4846-9BA7-AC6160374432}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |

"{B7F15C31-CC2C-43EA-B489-9A39ED0233F0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |

"{B8693BAB-AA42-4E84-B468-E2070506711F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2\arma2.exe |

"{B9EE5E00-EB41-4F57-ACD1-C366F568BBD3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |

"{BB946B05-7510-42E2-A235-72F29B0DC3FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{BD376F8D-F847-43B4-8AE2-11BDAA8AC98A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{C06AB90F-A96B-49AF-B59B-B397B4EEB91B}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"{C0D320EC-ADF8-46B2-917E-F9542C43C26F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2editor.exe |

"{C1601441-3505-4B14-AA11-A2C0578A4C7F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\swkotor\swkotor.exe |

"{C1B9E767-CFF7-4AF4-8FA5-9EC820F636E1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |

"{C22E78CC-0056-40A1-9E09-BDF57D9B4172}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |

"{C2B777C9-2E87-4745-8FDF-6015520245EC}" = protocol=17 | dir=in | app=d:\origin download\battlefield 3\bf3.exe |

"{C2C5B15E-8E41-4E2C-ACA0-0E95260DE560}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |

"{C7936311-ABC5-4FCE-A221-A34237E37DD9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the witcher 2\launcher.exe |

"{CB9ECB4D-D6F6-4471-A833-A0C20AFECB47}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |

"{CC14B16C-5707-490F-9019-BC0D983C0E60}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\crysis warhead\bin32\crysis.exe |

"{D2091D9D-0DE7-42F6-9420-C8CBBC59140E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |

"{D3853519-2243-4066-A956-C7C00A6196CB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |

"{D4DBEC46-A8D1-490F-9701-921AFD96D002}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |

"{D52D37E5-B0D0-4779-A5F2-FD033135F9A9}" = dir=out | name=@{microsoft.xboxcompanion_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |

"{D5C9B7FC-EC9B-4E85-87F7-F68E1021CCF8}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |

"{DED71E20-2B54-4481-A005-7C331B0FAF87}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\crysis wars\bin32\crysis.exe |

"{E02B9A14-3F64-4681-8024-0CB302539B97}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6zm.exe |

"{E062B435-1783-41E4-A502-8BE678134A64}" = protocol=6 | dir=in | app=d:\origin download\battlefield 3\bf3.exe |

"{E1D8E5B5-E42E-4A9E-BABB-C3005E5960D6}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |

"{E2518325-F657-46A9-87F4-E60FA1557611}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{E5A5944C-0FC0-4F8E-9B19-27248FF9B7A3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\crysis warhead\bin32\crysis.exe |

"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |

"{E83CDD4B-2902-476F-BF7A-69BCDD9EA91C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |

"{E9861278-CD35-4E5A-BF4D-90ACB1D9197C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |

"{EA3C58BC-C9F0-4ED4-85B3-7933F41FF3A8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |

"{EAA1F7CA-4090-40DC-84BA-64E30C306AD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{EB21FA6E-0D0E-4599-88D9-601B6FA50839}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{EEF918B6-A67F-4C83-9845-EAA9D1A01B7A}" = dir=in | name=hp printer control |

"{F1878AA7-7831-4E5A-A3F2-4943F5148377}" = dir=out | name=newegg |

"{F398D674-B528-470C-BACC-6765D1D46F49}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |

"{F408288E-75BE-443F-AFB5-B1DDD8110365}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{F5D065DF-4CFE-484A-BDF0-54DFDEA75C1D}" = dir=in | app=c:\program files\hp\hp photosmart 6510 series\bin\hpnetworkcommunicator.exe |

"{F82A6B9E-C10D-4880-97DC-B6D60C43AD9D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |

"{FA9E1800-33CC-46CD-BADE-CA7BD73BA192}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty world at war\codwawmp.exe |

"{FABAC1FB-D599-4A00-8ECB-9B703A701B8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FC17B737-3E65-41E2-82D7-D2B5A52F9A42}" = dir=in | name=@{microsoft.xboxcompanion_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |

"{FDD5A34E-F714-4151-8E67-9C5FC354D52B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\just cause 2\justcause2.exe |

"{FFF17436-B266-47B0-99EC-47616D17CF11}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1952AED6-2908-418F-B9D8-AC359651F92D}" = HP Photosmart 6510 series Basic Device Software

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.07

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.07

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.07

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.0.1 (BETA)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.07

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.47.62

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{D54ADF6B-2164-4394-AF70-2778422E9DD8}" = Intel® Network Connections 17.4.95.0

"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager

"CCleaner" = CCleaner

"CPUID CPU-Z G1_is1" = CPUID CPU-Z G1 1.61.3

"HitmanPro37" = HitmanPro 3.7

"PROSetDX" = Intel® Network Connections 17.4.95.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video

"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi

"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main

"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter

"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin

"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT

"{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2

"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1012.1

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4D530842-77D5-42F3-BAD3-A2100D0D8400}" = Gears of War for Windows

"{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}" = AIVIA GHOST

"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013

"{5C12B035-6632-431F-93AA-E8CB8421E507}" = Sound Blaster Recon3Di Extras

"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update

"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™

"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher

"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin

"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13

"{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}" = HP Photosmart 6510 series Help

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)

"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS

"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo

"{BFF68EA7-3873-4753-924C-152C67A3D745}" = Sound Blaster Recon3Di

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3

"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software

"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook

"Afterburner" = MSI Afterburner 2.3.0

"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17

"Battlelog Web Plugins" = Battlelog Web Plugins

"BattlEye for A2" = BattlEye Uninstall

"ESN Sonar-0.70.4" = ESN Sonar

"Fraps" = Fraps (remove only)

"GFWL_{4D530842-77D5-42F3-BAD3-A2100D0D8400}" = Gears of War for Windows

"Google Chrome" = Google Chrome

"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1012.1

"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager

"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013

"Kaspersky Password Manager_is1" = Kaspersky Password Manager 5.0.0.169

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100

"Media Center 18" = Media Center 18

"MediaMonkey_is1" = MediaMonkey 4.0

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.SingleImage" = Microsoft Office Professional 2010

"OpenAL" = OpenAL

"Origin" = Origin

"PunkBusterSvc" = PunkBuster Services

"Steam App 10090" = Call of Duty: World at War

"Steam App 108800" = Crysis 2 Maximum Edition

"Steam App 12110" = Grand Theft Auto: Vice City

"Steam App 12210" = Grand Theft Auto IV

"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City

"Steam App 17300" = Crysis

"Steam App 17330" = Crysis Warhead

"Steam App 17340" = Crysis Wars

"Steam App 17460" = Mass Effect

"Steam App 17470" = Dead Space

"Steam App 19900" = Far Cry 2

"Steam App 200260" = Batman: Arkham City GOTY

"Steam App 200510" = XCOM: Enemy Unknown

"Steam App 202970" = Call of Duty: Black Ops II

"Steam App 203140" = Hitman: Absolution

"Steam App 204100" = Max Payne 3

"Steam App 205100" = Dishonored

"Steam App 205270" = 3DMark 11

"Steam App 207610" = The Walking Dead

"Steam App 208480" = Assassin’s Creed® III

"Steam App 208580" = Star Wars: Knights of the Old Republic II

"Steam App 20920" = The Witcher 2: Assassins of Kings Enhanced Edition

"Steam App 212910" = Call of Duty: Black Ops II - Zombies

"Steam App 219540" = ARMA 2: Operation Arrowhead Beta

"Steam App 22370" = Fallout 3 - Game of the Year Edition

"Steam App 22380" = Fallout: New Vegas

"Steam App 32370" = Star Wars: Knights of the Old Republic

"Steam App 33900" = ARMA 2

"Steam App 33930" = ARMA 2: Operation Arrowhead

"Steam App 34330" = Total War: SHOGUN 2

"Steam App 3700" = Sniper Elite

"Steam App 43110" = Metro 2033

"Steam App 45740" = Dead Rising 2

"Steam App 47780" = Dead Space 2

"Steam App 49520" = Borderlands 2

"Steam App 63380" = Sniper Elite V2

"Steam App 65700" = ARMA 2: British Armed Forces

"Steam App 65720" = ARMA 2: Private Military Company

"Steam App 72850" = The Elder Scrolls V: Skyrim

"Steam App 730" = Counter-Strike: Global Offensive

"Steam App 8190" = Just Cause 2

"Steam App 8930" = Sid Meier's Civilization V

"Steam App 91310" = Dead Island

"Steam App 9200" = RAGE

"TechPowerUp GPU-Z" = TechPowerUp GPU-Z

"Uplay" = Uplay

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2300135977-2110550730-3846344849-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"MusicManager" = Music Manager

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 2/25/2013 9:55:29 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 5973

Description = Activation of app microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log

for additional information.

Error - 2/25/2013 9:55:45 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 2486

Description = App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

did not launch within its allotted time.

Error - 2/25/2013 10:50:52 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 5973

Description = Activation of app microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log

for additional information.

Error - 2/25/2013 10:51:08 PM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 2486

Description = App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

did not launch within its allotted time.

Error - 2/26/2013 4:37:01 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013

Description =

Error - 3/2/2013 8:17:35 AM | Computer Name = Jacob | Source = Microsoft-Windows-Immersive-Shell | ID = 2484

Description = Package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

was terminated because it took too long to suspend.

Error - 3/2/2013 8:17:37 AM | Computer Name = Jacob | Source = Application Hang | ID = 1002

Description = The program SystemSettings.exe version 6.2.9200.16420 stopped interacting

with Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: 5f60 Start

Time: 01ce16d20c56453c Termination Time: 4294967295 Application Path: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe

Report

Id: 2a43fbb2-8333-11e2-beb5-902b343e2464 Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Faulting

package-relative application ID: microsoft.windows.immersivecontrolpanel

Error - 3/2/2013 3:48:51 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013

Description =

Error - 3/2/2013 5:32:47 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013

Description =

Error - 3/3/2013 5:34:20 PM | Computer Name = Jacob | Source = MsiInstaller | ID = 1013

Description =

[ Media Center Events ]

Error - 3/1/2013 1:50:35 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 12:50:35 PM - Error connecting to the internet. 12:50:35 PM - Unable

to contact server..

Error - 3/1/2013 1:50:42 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 12:50:40 PM - Error connecting to the internet. 12:50:40 PM - Unable

to contact server..

Error - 3/1/2013 2:50:48 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 1:50:48 PM - Error connecting to the internet. 1:50:48 PM - Unable

to contact server..

Error - 3/1/2013 2:50:53 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 1:50:53 PM - Error connecting to the internet. 1:50:53 PM - Unable

to contact server..

Error - 3/1/2013 3:50:58 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 2:50:58 PM - Error connecting to the internet. 2:50:58 PM - Unable

to contact server..

Error - 3/1/2013 3:51:03 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 2:51:03 PM - Error connecting to the internet. 2:51:03 PM - Unable

to contact server..

Error - 3/1/2013 4:52:04 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 3:52:04 PM - Error connecting to the internet. 3:52:04 PM - Unable

to contact server..

Error - 3/1/2013 4:52:09 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 3:52:09 PM - Error connecting to the internet. 3:52:09 PM - Unable

to contact server..

Error - 3/2/2013 1:29:51 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 12:29:49 PM - Error connecting to the internet. 12:29:49 PM - Unable

to contact server..

Error - 3/2/2013 2:29:57 PM | Computer Name = Jacob | Source = MCUpdate | ID = 0

Description = 1:29:56 PM - Error connecting to the internet. 1:29:56 PM - Unable

to contact server..

[ System Events ]

Error - 2/23/2013 8:15:41 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

Error - 2/24/2013 5:49:32 PM | Computer Name = Jacob | Source = EventLog | ID = 6008

Description = The previous system shutdown at 4:19:47 PM on ?2/?24/?2013 was unexpected.

Error - 2/24/2013 7:38:30 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 2/24/2013 7:38:30 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

Error - 2/25/2013 9:54:51 PM | Computer Name = Jacob | Source = DCOM | ID = 10001

Description =

Error - 2/25/2013 9:55:27 PM | Computer Name = Jacob | Source = DCOM | ID = 10001

Description =

Error - 2/25/2013 9:55:29 PM | Computer Name = Jacob | Source = DCOM | ID = 10001

Description =

Error - 2/25/2013 10:50:52 PM | Computer Name = Jacob | Source = DCOM | ID = 10001

Description =

Error - 2/26/2013 6:07:26 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 2/26/2013 6:07:26 PM | Computer Name = Jacob | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

< End of report >


Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :files
    C:\WINDOWS\SysWow64\netjr32.dll
    ipconfig /flushdns /c
    :Commands
    [emptytemp]
    [clearallrestorepoints]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles


Thanks again, here is the log:

All processes killed

========== FILES ==========

C:\WINDOWS\SysWow64\netjr32.dll moved successfully.

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\airso_000\Desktop\cmd.bat deleted successfully.

C:\Users\airso_000\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: airso_000

->Temp folder emptied: 1351924181 bytes

->Temporary Internet Files folder emptied: 218717569 bytes

->Google Chrome cache emptied: 33195519 bytes

->Flash cache emptied: 3631 bytes

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 200704 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 34232652 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 280994 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,563.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 03052013_075351

Files\Folders moved on Reboot...

C:\Users\airso_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Computer seems to be acting a little strange now, believe it or not. It almost feels a little sluggish (started last night). Also, that file is still in my PC; should I manually delete it? Also, I'm curious as to what virus caused that file?


  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
