[Virus] My browsers were Hijacked
Didn't matter which Browser I used - IE, Firefox, Chrome. I would google something, then when I tried to follow the link I was redirected to a spammy site. I followed all the steps in the "before you post" FAQ. So I will now post those logs below.
So my question is did I get everything cleaned out?
2012-Sep-26 6:06 pm · (locked) | Majawba
Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org
Database version: v2012.09.26.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Steve :: MININT-219G9RR [administrator]
9/25/2012 10:53:14 PM
mbam-log-2012-09-25 (22-53-14).txt
Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 426038
Time elapsed: 52 minute(s), 33 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 11
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\n (Trojan.0Access) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\00000004.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\000000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\80000064.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-943956546-1219100726-2847664145-1002\$897557db40356dc477bcd07a7131fdbe\n (Trojan.0Access) -> Delete on reboot.
C:\Users\Steve\Downloads\7zip_installer_d154745.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Steve\Downloads\IWantThis.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Users\Steve\Downloads\Softango_VideoConverter_Multi.exe (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.
(end)
2012-Sep-26 6:10 pm · (locked) | lilhurricane
otl
OTL logfile created on: 9/26/2012 6:29:20 AM - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Steve\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.87 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 77.39% Memory free
15.73 Gb Paging File | 13.76 Gb Available in Paging File | 87.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.84 Gb Total Space | 466.08 Gb Free Space | 50.78% Space Free | Partition Type: NTFS
Drive D: | 13.67 Gb Total Space | 7.50 Gb Free Space | 54.89% Space Free | Partition Type: NTFS
Drive E: | 139.53 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: MININT-219G9RR | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Processes (SafeList) ==========
PRC - [2012/09/25 21:33:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.exe
PRC - [2012/07/30 22:25:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/07/23 18:11:43 | 000,162,032 | ---- | M] (Sophos Plc) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2010/06/14 18:42:37 | 001,530,608 | ---- | M] (Sophos Plc) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2010/06/14 18:42:36 | 000,097,520 | ---- | M] (Sophos Plc) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012/09/07 20:53:56 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2009/12/01 15:22:58 | 000,063,488 | ---- | M] (ASUSTeK COMPUTER INC.) [On_Demand | Stopped] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService) SRV - [2012/09/05 21:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/08/15 12:44:44 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService) SRV - [2012/07/30 22:25:29 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/01 10:06:44 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/04/24 16:09:00 | 004,164,600 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010/07/23 18:11:43 | 000,162,032 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService) SRV - [2010/06/14 18:42:37 | 001,530,608 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service) SRV - [2010/06/14 18:42:36 | 000,097,520 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/07/27 12:13:28 | 000,061,440 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/01/17 08:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011/11/18 11:30:18 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64) DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:64bit: - [2011/05/12 15:07:19 | 000,038,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv) DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2010/03/02 22:34:09 | 000,141,304 | ---- | M] (Sophos Plc) [File_System | System | Running] -- C:\Windows\SysNative\drivers\savonaccess.sys -- (SAVOnAccess) DRV:64bit: - [2010/03/02 22:34:09 | 000,025,608 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SophosBootDriver.sys -- (SophosBootDriver) DRV:64bit: - [2009/11/21 17:31:18 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/10/30 07:56:34 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2009/10/26 16:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009/10/16 04:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2009/09/18 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/07/24 19:28:52 | 000,036,208 | 
---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/02/17 19:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf) DRV:64bit: - [2009/02/17 19:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb) DRV:64bit: - [2007/07/23 07:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1) DRV:64bit: - [2007/03/20 09:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005/01/03 20:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/ IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\SearchScopes,DefaultScope = {7414309B-E4C4-41DF-909F-8D7581005AE7} IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\SearchScopes\{7414309B-E4C4-41DF-909F-8D7581005AE7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20111003&iesrc={referrer:source} IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media ) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Steve\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/25 01:43:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/25 01:44:05 | 000,000,000 | ---D | M]
[2012/09/21 21:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions [2012/09/25 01:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/07/13 20:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/07/13 20:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/07/13 20:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.msn.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://www.msn.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = 
C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Steve\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Angry Birds = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = 
C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Fruity Annie = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbacnfobpliffdmiickfhceamljbcnjf\1.0.4_0\ CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/09/25 22:06:59 | 000,444,411 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15262 more lines...
O2:64bit: - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll (Sophos Plc)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found. 
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKU\S-1-5-21-943956546-1219100726-2847664145-1002..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-943956546-1219100726-2847664145-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-943956546-1219100726-2847664145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - mmswsock.dll File not found O10:64bit: - 
Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files 
(x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.64.2.cab (Battlefield Play4Free Updater) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} 
http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (SysInfo Class) O16 - DPF: {E1B26101-23FB-4855-9171-F79F29CC7728} http://192.168.1.107/UltraCamX.cab (UltraCamX Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D9EC0F7-1EFA-42EF-A7C9-013E4D01474C}: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll (Sophos Plc) O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/17 08:50:21 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2010/03/17 08:50:06 | 003,108,864 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/03/17 08:50:07 | 000,000,048 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6aee6c4d-7786-11e0-9dbe-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6aee6c4d-7786-11e0-9dbe-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010/03/17 08:50:06 | 003,108,864 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

2012-Sep-26 6:11 pm · (locked)
Re: [Virus] My browsers were Hijacked

OTL Extras logfile created on: 9/26/2012 6:29:20 AM - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Steve\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.87 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 77.39% Memory free
15.73 Gb Paging File | 13.76 Gb Available in Paging File | 87.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.84 Gb Total Space | 466.08 Gb Free Space | 50.78% Space Free | Partition Type: NTFS
Drive D: | 13.67 Gb Total Space | 7.50 Gb Free Space | 54.89% Space Free | Partition Type: NTFS
Drive E: | 139.53 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MININT-219G9RR | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========

========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" = "DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CPUID CPU-Z_is1" = CPUID CPU-Z 1.57.1 "CutePDF Writer Installation" = CutePDF Writer 2.8 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.0 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD "{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows 
Live Sync "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A1683CA7-4850-4A21-982B-C6D853C79AF7}" = Mass Effect 3 Demo "{A2AA1000-7C41-4BBB-A4DE-C728BC104106}" = IPSetup "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A760067A-C07E-1033-0000-A764AC000003}" = Avery Template - U_0088_01_P "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{CA328CDF-A284-445E-AAE7-B24A11E97201}" = MechWarrior Online "{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = 
Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "8461-7759-5462-8226" = Vuze "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ATC_is1" = Advanced Tactical Center 1.0 "Battlelog Web Plugins" = Battlelog Web Plugins "BFGC" = Big Fish Games: Game Manager "Compare It!_is1" = Compare It! "Diablo III" = Diablo III "ESN Sonar-0.70.4" = ESN Sonar "GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight "HijackThis" = HijackThis 1.99.1 "InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400 "mIRC" = mIRC "Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "OpenAL" = OpenAL "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "Raptr" = Raptr "RealPlayer 15.0" = RealPlayer "RegInOut System Utilities 3.0.0.2" = RegInOut System Utilities 3.0.0.2 "RER Video Converter_is1" = RER Video Converter "Snood 4_is1" = Snood 4 "Steam App 13140" = America's Army 3 "Steam App 202610" = Risen 2 Demo "Steam App 208030" = Moon Breakers "Steam App 8930" = Sid Meier's Civilization V "Steam App 97330" = Magic: The Gathering - Duels of the Planeswalkers 2013 "The Ur-Quan Masters" = The Ur-Quan Masters 0.7.0 "VLC media player" = VLC media player 1.1.11 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite_Wave3" = Windows Live Essentials "World of Warcraft" = World of Warcraft "Xfire" = Xfire (remove only) "xvid" = XviD MPEG-4 Video Codec "YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-943956546-1219100726-2847664145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4f004f4a-1930-4b55-83e6-61660211787f}" = MechWarrior Online
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9/25/2012 11:53:28 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 12417
Error - 9/25/2012 11:53:29 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/25/2012 11:53:29 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 13416
Error - 9/25/2012 11:53:29 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 13416
Error - 9/25/2012 11:53:30 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/25/2012 11:53:30 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14414
Error - 9/25/2012 11:53:30 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14414
Error - 9/26/2012 6:27:30 AM | Computer Name = MININT-219G9RR | Source = CVHSVC | ID = 100 Description = Information only. Too many failures while downloading ranges: 2
Error - 9/26/2012 6:28:01 AM | Computer Name = MININT-219G9RR | Source = CVHSVC | ID = 100 Description = Information only. (Stream product id=0x0066): Streaming Failed
Error - 9/26/2012 6:36:09 AM | Computer Name = MININT-219G9RR | Source = CVHSVC | ID = 100 Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.
[ System Events ]
Error - 9/26/2012 6:22:07 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
Error - 9/26/2012 6:22:07 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
Error - 9/26/2012 6:25:52 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
Error - 9/26/2012 6:25:54 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7003 Description = The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
Error - 9/26/2012 6:25:55 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Computer Browser service terminated with the following error: %%1060
Error - 9/26/2012 6:26:00 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7003 Description = The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
Error - 9/26/2012 6:26:00 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7003 Description = The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.
Error - 9/26/2012 6:26:37 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
Error - 9/26/2012 6:26:37 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
Error - 9/26/2012 6:27:26 AM | Computer Name = MININT-219G9RR | Source = DCOM | ID = 10016 Description =

2012-Sep-26 6:11 pm · (locked)

lilhurricane · Crunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone

Re: otl

========== Files/Folders - Created Within 360 Days ==========
[2012/09/25 22:51:42 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Malwarebytes [2012/09/25 22:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/09/25 22:50:10 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/09/25 22:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/09/25 22:50:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/09/25 21:33:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.exe [2012/09/25 21:32:11 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Steve\Desktop\mbam-setup-1.65.0.1400.exe [2012/09/25 21:31:32 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Steve\Desktop\TFC.exe [2012/09/25 21:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012/09/25 21:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/09/25 21:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012/09/25 18:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TRENDnet [2012/09/25 18:46:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TRENDnet [2012/09/25 01:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2012/09/25 01:43:02 | 000,198,864 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2012/09/25 01:42:56 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2012/09/25 01:42:56 | 000,005,632 | ---- | C] (RealNetworks, Inc.) 
-- C:\Windows\SysWow64\pndx5032.dll
[2011/11/21 09:09:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\d3dx9_31.dll [2011/11/21 09:09:23 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2011/11/21 09:09:23 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2011/11/21 09:09:23 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2011/11/21 09:09:23 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2011/11/21 09:09:23 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2011/11/21 09:09:23 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2011/11/21 09:09:23 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2011/11/21 09:09:23 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2011/11/21 09:09:23 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2011/11/21 09:09:23 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2011/11/21 09:09:19 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2011/11/21 09:09:19 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2011/11/21 09:09:18 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2011/11/21 09:09:18 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2011/11/21 09:09:18 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2011/11/21 09:09:18 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2011/11/21 09:09:18 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2011/11/21 09:09:18 | 000,230,096 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\xactengine2_0.dll [2011/11/21 09:09:18 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2011/11/21 09:09:18 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2011/11/21 09:09:17 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2011/11/21 09:09:17 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2011/11/21 09:09:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2011/11/21 09:09:16 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2011/11/21 09:09:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2011/11/21 09:09:16 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2011/11/21 09:09:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2011/11/21 09:09:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2011/11/21 07:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2011/11/18 12:53:18 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\ASUS [2011/11/18 12:51:54 | 005,473,280 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOSDX64.dll [2011/11/18 12:51:54 | 005,463,552 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysWow64\ATKOSDX32.dll [2011/11/18 12:51:54 | 002,212,864 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKDispCPL.dll [2011/11/18 12:51:54 | 001,354,240 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atklumdispx.dll [2011/11/18 12:51:54 | 000,151,040 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atkdx11dispx.dll [2011/11/18 12:51:54 | 000,150,528 | ---- | C] (ASUSTeK Computer Inc.) 
-- C:\Windows\SysNative\atkdx10dispx.dll [2011/11/18 12:51:54 | 000,102,400 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\NetVideo_SBS.ax [2011/11/18 12:51:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devcon.exe [2011/11/18 12:51:54 | 000,063,488 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKFUSService.exe [2011/11/18 12:51:54 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys [2011/11/18 12:51:54 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\ATKDispLowFilter.sys [2011/11/18 12:51:54 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\asusgsb.sys [2011/11/18 12:51:54 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\asusgsb.sys [2011/11/18 12:51:54 | 000,016,896 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOGL64.dll [2011/11/18 12:51:54 | 000,015,360 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysWow64\ATKOGL32.dll [2011/11/18 12:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS [2011/11/18 12:51:53 | 001,336,320 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\ATKLUMDISP.dll [2011/11/18 12:51:53 | 000,135,168 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\atkdx11disp.dll [2011/11/18 12:51:53 | 000,135,168 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\atkdx10disp.dll [2011/11/18 12:51:53 | 000,102,400 | ---- | C] (ASMedia Techonology) -- C:\Windows\ASMT_CE.dll [2011/11/18 12:51:53 | 000,071,680 | ---- | C] (ASMedia Technology) -- C:\Windows\i2c.dll [2011/11/18 12:51:53 | 000,069,632 | ---- | C] (ASMedia Technology) -- C:\Windows\i2c_i.dll [2011/11/18 12:51:53 | 000,068,608 | ---- | C] (ASMedia Technology) -- C:\Windows\nVGA_i2c.dll [2011/11/18 11:51:01 | 000,023,680 | ---- | C] (ASUSTeK Computer Inc.) 
-- C:\Windows\SysNative\drivers\IOMap64.sys [2011/11/18 11:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [2011/11/18 11:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS [2011/11/18 11:30:59 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS [2011/11/18 11:30:18 | 000,016,384 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\EIO64.sys [2011/11/11 14:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011/11/10 19:49:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011/11/10 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\ElevatedDiagnostics [2011/11/04 21:13:18 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011/11/02 00:29:08 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\ESN Sonar [2011/10/28 19:03:22 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\PunkBuster [2011/10/28 19:03:18 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\Battlefield 3 [2011/10/28 19:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2011/10/26 00:51:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2011/10/25 19:50:08 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Origin [2011/10/25 19:49:56 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Origin [2011/10/25 19:47:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2011/10/25 19:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2011/10/25 19:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2011/10/25 19:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2011/10/25 19:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011/10/25 19:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2011/10/24 14:29:02 | 
000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2011/10/24 14:29:02 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [2011/10/16 08:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup [2011/10/16 08:57:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegInOut [2011/10/16 08:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegInOut [2011/10/16 08:51:16 | 000,000,000 | ---D | C] -- C:\Users\Steve\.swt [2011/10/16 08:49:50 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Conduit [2011/10/16 08:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\RegInOut [2011/10/16 08:43:17 | 000,000,000 | ---D | C] -- C:\Windows\RegInOut System Utilities [2011/10/12 14:51:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2011/10/12 14:51:57 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2011/10/12 14:51:57 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2011/10/12 14:51:56 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2011/10/12 14:51:48 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2011/10/12 14:51:47 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2011/10/02 22:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snood 4 [2011/10/02 22:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Snood 4 [2011/10/02 15:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
| 2012-Sep-26 6:11 pm | lilhurricane |
========== Files - Modified Within 360 Days ==========
[2012/09/26 06:33:19 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/26 06:33:19 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/26 06:30:15 | 000,194,466 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/09/26 06:30:15 | 000,151,486 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/09/26 06:30:15 | 000,049,634 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/09/26 06:26:27 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/09/26 06:25:49 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/26 06:25:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/26 06:25:34 | 2039,832,575 | -HS- | M] () -- C:\hiberfil.sys [2012/09/26 06:22:11 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-943956546-1219100726-2847664145-1002UA.job [2012/09/26 06:22:11 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/09/25 22:06:59 | 000,444,411 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/09/25 21:34:24 | 000,881,724 | ---- | M] () -- C:\Users\Steve\Desktop\SecurityCheck.exe [2012/09/25 21:33:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.exe [2012/09/25 21:32:19 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Steve\Desktop\mbam-setup-1.65.0.1400.exe [2012/09/25 21:31:33 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\TFC.exe [2012/09/25 21:12:45 | 000,001,288 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2012/09/25 21:06:09 | 000,002,277 | ---- | M] () -- C:\ProgramData\SYSTEM_CLEANER_HISTORY.xml [2012/09/25 17:42:10 | 000,000,856 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-943956546-1219100726-2847664145-1002Core.job [2012/09/25 01:43:02 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2012/09/25 01:42:56 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2012/09/25 01:42:56 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2012/09/25 01:42:55 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2012/09/23 09:40:17 | 000,001,059 | ---- | M] () -- C:\Users\Steve\Desktop\The Ur-Quan Masters.lnk [2012/09/15 12:58:44 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012/09/15 12:58:44 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/09/15 12:58:35 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/09/06 22:33:54 | 000,001,514 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 3 Demo.lnk [2012/09/03 15:54:53 | 000,000,015 | ---- | M] () -- C:\Users\Steve\AppData\Local\X-Plane_drm.prf [2012/08/30 10:16:33 | 000,000,080 | ---- | M] () -- C:\Users\Steve\AppData\Local\X-Plane Installer.prf [2012/08/29 23:56:05 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2012/08/29 23:56:04 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2012/08/29 23:56:04 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2012/08/29 23:56:04 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) 
-- C:\Windows\SysWow64\OpenAL32.dll [2012/08/29 16:05:46 | 000,001,752 | ---- | M] () -- C:\Users\Steve\Desktop\Flight.exe - Shortcut.lnk [2012/08/29 04:00:59 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/29 02:37:21 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk [2012/08/29 02:37:21 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Tribes Ascend.lnk [2012/08/24 06:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/08/24 06:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/08/24 06:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/08/24 06:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/08/24 06:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/08/24 06:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/08/24 06:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/08/24 06:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/08/24 06:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/08/24 02:51:02 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/08/24 02:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/08/24 02:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/08/24 02:47:26 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/08/24 02:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/08/24 02:40:11 | 000,176,640 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012/08/15 03:21:54 | 000,275,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/08/08 04:13:06 | 000,001,903 | ---- | M] () -- C:\Users\Steve\Desktop\MechWarrior Online.lnk [2012/08/02 13:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012/07/30 22:25:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/07/30 11:56:32 | 003,360,624 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2012/07/30 11:06:09 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2012/07/30 10:39:09 | 000,000,220 | ---- | M] () -- C:\Users\Steve\Desktop\Sid Meier's Civilization V.url [2012/07/30 10:38:29 | 000,000,221 | ---- | M] () -- C:\Users\Steve\Desktop\America's Army 3.url [2012/07/30 10:33:39 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2012/07/04 18:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012/07/04 18:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012/07/04 17:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012/07/04 16:26:03 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012/06/25 20:04:19 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/06/06 02:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012/06/06 01:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012/06/02 18:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll 
[2012/06/02 18:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/06/02 18:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/06/02 18:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/06/02 18:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/06/02 18:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012/06/02 01:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/05/17 05:26:03 | 000,001,195 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk [2012/05/15 06:48:00 | 025,743,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012/05/15 06:48:00 | 025,248,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012/05/15 06:48:00 | 019,607,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012/05/15 06:48:00 | 018,044,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012/05/15 06:48:00 | 017,551,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012/05/15 06:48:00 | 015,322,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012/05/15 06:48:00 | 010,194,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012/05/15 06:48:00 | 008,139,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012/05/15 06:48:00 | 008,105,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012/05/15 06:48:00 | 005,982,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012/05/15 
06:48:00 | 002,881,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012/05/15 06:48:00 | 002,741,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012/05/15 06:48:00 | 002,681,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012/05/15 06:48:00 | 002,524,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012/05/15 06:48:00 | 002,445,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012/05/15 06:48:00 | 002,368,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012/05/15 06:48:00 | 001,738,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012/05/15 06:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2012/05/15 06:48:00 | 000,949,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2012/05/15 06:48:00 | 000,818,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2012/05/15 06:48:00 | 000,364,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll [2012/05/15 06:48:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2012/05/15 06:48:00 | 000,246,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2012/05/15 06:48:00 | 000,202,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2012/05/15 06:48:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012/05/15 06:48:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012/05/15 06:48:00 | 000,014,324 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012/05/15 05:29:46 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012/05/15 05:29:46 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012/05/15 05:29:45 | 002,621,723 | ---- | M] () -- 
C:\Windows\SysNative\nvcoproc.bin [2012/05/15 05:29:25 | 003,149,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012/05/15 05:28:42 | 006,151,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012/05/15 02:21:50 | 000,423,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe [2012/05/14 01:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012/05/09 23:15:17 | 000,007,605 | ---- | M] () -- C:\Users\Steve\AppData\Local\resmon.resmoncfg [2012/05/05 04:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012/05/04 07:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/05/04 06:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012/05/04 06:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012/04/26 01:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/04/26 01:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/04/26 01:34:27 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012/04/24 01:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012/04/24 01:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012/04/07 08:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012/04/01 10:06:44 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/03/17 11:57:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012/03/17 11:57:54 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\javaws.exe [2012/03/17 11:57:54 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012/03/17 11:57:54 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012/03/07 23:09:39 | 000,261,582 | ---- | M] () -- C:\Users\Steve\Documents\cuteFM_Pet-Care-Contract2.pdf [2012/03/07 22:54:58 | 000,001,504 | ---- | M] () -- C:\Users\Steve\.recently-used.xbel [2012/03/07 22:35:16 | 000,261,189 | ---- | M] () -- C:\Users\Steve\Documents\cuteFM_Pet-Care-Contract.pdf [2012/03/07 22:21:58 | 001,428,745 | ---- | M] () -- C:\Users\Steve\Documents\FM_Pet-Care-Contract.pdf [2012/03/03 02:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012/03/01 02:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012/03/01 02:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012/02/29 04:04:32 | 000,188,364 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/02/17 02:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/02/17 01:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012/02/15 11:01:50 | 004,547,944 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) 
-- C:\Windows\SysNative\drivers\usbaapl64.sys [2012/02/11 02:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012/02/11 02:36:01 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012/02/11 01:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012/01/17 08:46:01 | 000,031,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2012/01/17 08:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2012/01/17 08:45:55 | 001,451,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll [2012/01/04 06:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2011/12/30 02:26:08 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2011/12/30 01:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2011/12/27 11:39:01 | 492,519,764 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011/12/16 04:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2011/12/06 19:22:44 | 000,001,176 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2011/11/19 10:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2011/11/19 10:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2011/11/18 11:30:18 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) 
-- C:\Windows\SysNative\drivers\EIO64.sys [2011/11/17 02:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2011/11/17 02:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2011/11/17 02:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2011/11/17 02:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2011/11/17 02:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2011/11/17 02:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2011/11/17 01:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2011/11/11 20:55:10 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2011/10/26 01:25:16 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2011/10/26 01:25:15 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2011/10/26 01:21:20 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2011/10/26 00:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2011/10/26 00:32:11 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2011/10/24 14:29:02 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2011/10/24 14:29:02 | 000,069,632 | ---- | M] (Apple Inc.) 
-- C:\Windows\SysWow64\QuickTime.qts [2011/10/20 18:50:00 | 003,074,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2011/10/16 09:18:12 | 000,000,240 | ---- | M] () -- C:\Users\Steve\Desktop\Age of Conan.lnk [2011/10/16 08:50:36 | 000,001,854 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2011/10/15 02:31:56 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011/10/15 01:38:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011/10/02 22:11:28 | 000,000,043 | ---- | M] () -- C:\END [2011/10/02 20:12:09 | 000,000,336 | ---- | M] () -- C:\Windows\game.ini
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/09/25 21:34:24 | 000,881,724 | ---- | C] () -- C:\Users\Steve\Desktop\SecurityCheck.exe [2012/09/25 21:12:45 | 000,001,288 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2012/09/23 09:40:17 | 000,001,059 | ---- | C] () -- C:\Users\Steve\Desktop\The Ur-Quan Masters.lnk [2012/09/21 21:00:15 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/09/06 22:33:54 | 000,001,514 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 3 Demo.lnk [2012/08/30 10:17:00 | 000,000,015 | ---- | C] () -- C:\Users\Steve\AppData\Local\X-Plane_drm.prf [2012/08/30 10:16:33 | 000,000,080 | ---- | C] () -- C:\Users\Steve\AppData\Local\X-Plane Installer.prf [2012/08/29 16:05:46 | 000,001,752 | ---- | C] () -- C:\Users\Steve\Desktop\Flight.exe - Shortcut.lnk [2012/08/29 03:24:25 | 000,001,344 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2012/08/29 02:37:21 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk [2012/08/29 02:37:21 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Tribes Ascend.lnk [2012/08/08 04:13:06 | 000,001,903 | ---- | C] () -- C:\Users\Steve\Desktop\MechWarrior Online.lnk [2012/07/30 10:39:09 | 000,000,220 | ---- | C] () -- C:\Users\Steve\Desktop\Sid Meier's Civilization V.url [2012/07/30 10:38:29 | 000,000,221 | ---- | C] () -- C:\Users\Steve\Desktop\America's Army 3.url [2012/07/30 10:33:39 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2012/07/09 17:36:57 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2012/06/25 20:04:19 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/05/17 05:25:50 | 000,001,195 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk [2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012/04/30 
22:47:13 | 000,001,933 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk [2012/04/30 22:47:13 | 000,001,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk [2012/04/01 10:06:54 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/03/31 18:34:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/03/07 23:09:50 | 000,261,582 | ---- | C] () -- C:\Users\Steve\Documents\cuteFM_Pet-Care-Contract2.pdf [2012/03/07 22:54:58 | 000,001,504 | ---- | C] () -- C:\Users\Steve\.recently-used.xbel [2012/03/07 22:35:33 | 000,261,189 | ---- | C] () -- C:\Users\Steve\Documents\cuteFM_Pet-Care-Contract.pdf [2012/03/07 22:22:06 | 001,428,745 | ---- | C] () -- C:\Users\Steve\Documents\FM_Pet-Care-Contract.pdf [2012/01/15 10:29:54 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011/11/21 09:10:06 | 000,001,176 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2011/11/18 12:51:54 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll [2011/11/18 12:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll [2011/11/18 12:51:54 | 000,010,766 | ---- | C] () -- C:\Windows\SysNative\asusgsb.cat [2011/11/18 12:51:54 | 000,010,733 | ---- | C] () -- C:\Windows\SysNative\ATKDispLowFilter.cat 
[2011/11/18 12:51:54 | 000,002,109 | ---- | C] () -- C:\Windows\SysNative\asusgsb.inf [2011/11/18 12:51:54 | 000,001,849 | ---- | C] () -- C:\Windows\SysNative\ATKDispLowFilter.inf [2011/11/18 12:51:53 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/11/18 12:51:53 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/11/18 12:51:53 | 000,002,963 | ---- | C] () -- C:\Windows\SysWow64\xvid.inf [2011/11/18 11:28:49 | 000,013,416 | ---- | C] () -- C:\Windows\SysNative\drivers\nvflash.sys [2011/10/29 11:35:23 | 000,007,605 | ---- | C] () -- C:\Users\Steve\AppData\Local\resmon.resmoncfg [2011/10/28 19:03:25 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011/10/26 06:22:05 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011/10/25 19:47:10 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2011/10/25 19:20:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011/10/16 09:18:12 | 000,000,240 | ---- | C] () -- C:\Users\Steve\Desktop\Age of Conan.lnk [2011/10/16 09:08:11 | 000,002,277 | ---- | C] () -- C:\ProgramData\SYSTEM_CLEANER_HISTORY.xml [2011/10/16 08:50:36 | 000,001,854 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2011/10/02 22:10:15 | 000,000,043 | ---- | C] () -- C:\END [2011/10/02 20:12:09 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/09/04 18:46:54 | 000,000,131 | ---- | C] () -- C:\Users\Steve\DeletePrintJobs.cmd [2011/08/26 18:22:30 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2011/08/21 20:30:13 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe [2011/08/21 19:03:12 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/08/21 19:03:11 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/05/12 
16:38:20 | 000,188,364 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/05/05 23:02:07 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2011/05/05 23:02:07 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2011/05/05 23:02:07 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2011/05/05 23:02:07 | 000,050,036 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2011/05/05 23:02:06 | 006,060,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/05/05 23:02:06 | 004,069,888 | ---- | C] () -- C:\Windows\SysWow64\ig4dev32.dll [2011/05/05 23:02:06 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2011/05/05 22:15:46 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011/05/05 22:15:46 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011/05/05 20:19:25 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2012/09/22 16:19:57 | 000,002,048 | -HS- | M] () -- C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\@
[2012/09/22 16:46:28 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\L
[2012/09/26 06:24:23 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U
[2012/09/25 22:48:46 | 000,000,804 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\L\00000004.@
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012/09/25 22:48:46 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012/09/25 22:48:45 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-943956546-1219100726-2847664145-1002\$897557db40356dc477bcd07a7131fdbe\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\n.
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2012/02/27 23:52:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\.minecraft [2012/04/05 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Azureus [2012/09/23 17:35:07 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Dynamite Jack [2011/09/19 22:29:08 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\EleFun Games [2011/09/18 09:56:20 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Enki Games [2012/08/30 00:20:00 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\flightgear.org [2012/08/29 23:58:18 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\fltk.org [2012/03/07 22:54:58 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\gtk-2.0 [2011/08/30 22:17:59 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\LolClient [2011/07/24 22:04:02 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Mumble [2011/09/19 22:52:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\NevoSoft [2011/09/18 10:59:38 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Oberon Media [2012/07/19 21:46:32 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Origin [2012/04/30 23:06:33 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Phantasmat_bf_se1 [2011/10/04 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Raptr [2012/03/31 22:42:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\RIFT [2012/05/21 20:14:09 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\SoftGrid Client [2012/08/30 00:16:46 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Subversion [2011/08/04 20:56:15 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\TP [2012/09/23 13:06:36 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\uqm [2011/05/12 14:26:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\wargaming.net
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:F06079A3
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:06C34166
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:0BBF232A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:ADE91125
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:F21CB906
| actions · 2012-Sep-26 6:12 pm · (locked) | lilhurricane |
extras
OTL Extras logfile created on: 9/26/2012 6:29:20 AM - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Steve\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.87 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 77.39% Memory free
15.73 Gb Paging File | 13.76 Gb Available in Paging File | 87.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.84 Gb Total Space | 466.08 Gb Free Space | 50.78% Space Free | Partition Type: NTFS
Drive D: | 13.67 Gb Total Space | 7.50 Gb Free Space | 54.89% Space Free | Partition Type: NTFS
Drive E: | 139.53 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: MININT-219G9RR | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] "" = "DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CPUID CPU-Z_is1" = CPUID CPU-Z 1.57.1 "CutePDF Writer Installation" = CutePDF Writer 2.8 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.0 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD "{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows 
Live Sync "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A1683CA7-4850-4A21-982B-C6D853C79AF7}" = Mass Effect 3 Demo "{A2AA1000-7C41-4BBB-A4DE-C728BC104106}" = IPSetup "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A760067A-C07E-1033-0000-A764AC000003}" = Avery Template - U_0088_01_P "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{CA328CDF-A284-445E-AAE7-B24A11E97201}" = MechWarrior Online "{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = 
Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "8461-7759-5462-8226" = Vuze "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ATC_is1" = Advanced Tactical Center 1.0 "Battlelog Web Plugins" = Battlelog Web Plugins "BFGC" = Big Fish Games: Game Manager "Compare It!_is1" = Compare It! "Diablo III" = Diablo III "ESN Sonar-0.70.4" = ESN Sonar "GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight "HijackThis" = HijackThis 1.99.1 "InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400 "mIRC" = mIRC "Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "OpenAL" = OpenAL "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "Raptr" = Raptr "RealPlayer 15.0" = RealPlayer "RegInOut System Utilities 3.0.0.2" = RegInOut System Utilities 3.0.0.2 "RER Video Converter_is1" = RER Video Converter "Snood 4_is1" = Snood 4 "Steam App 13140" = America's Army 3 "Steam App 202610" = Risen 2 Demo "Steam App 208030" = Moon Breakers "Steam App 8930" = Sid Meier's Civilization V "Steam App 97330" = Magic: The Gathering - Duels of the Planeswalkers 2013 "The Ur-Quan Masters" = The Ur-Quan Masters 0.7.0 "VLC media player" = VLC media player 1.1.11 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite_Wave3" = Windows Live Essentials "World of Warcraft" = World of Warcraft "Xfire" = Xfire (remove only) "xvid" = XviD MPEG-4 Video Codec "YTdetect" = Yahoo! Detect
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-943956546-1219100726-2847664145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4f004f4a-1930-4b55-83e6-61660211787f}" = MechWarrior Online "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ] Error - 9/25/2012 11:53:28 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 12417
Error - 9/25/2012 11:53:29 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/25/2012 11:53:29 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 13416
Error - 9/25/2012 11:53:29 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 13416
Error - 9/25/2012 11:53:30 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/25/2012 11:53:30 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14414
Error - 9/25/2012 11:53:30 PM | Computer Name = MININT-219G9RR | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14414
Error - 9/26/2012 6:27:30 AM | Computer Name = MININT-219G9RR | Source = CVHSVC | ID = 100 Description = Information only. Too many failures while downloading ranges: 2
Error - 9/26/2012 6:28:01 AM | Computer Name = MININT-219G9RR | Source = CVHSVC | ID = 100 Description = Information only. (Stream product id=0x0066): Streaming Failed
Error - 9/26/2012 6:36:09 AM | Computer Name = MININT-219G9RR | Source = CVHSVC | ID = 100 Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.
[ System Events ] Error - 9/26/2012 6:22:07 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
Error - 9/26/2012 6:22:07 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
Error - 9/26/2012 6:25:52 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
Error - 9/26/2012 6:25:54 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7003 Description = The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
Error - 9/26/2012 6:25:55 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Computer Browser service terminated with the following error: %%1060
Error - 9/26/2012 6:26:00 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7003 Description = The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
Error - 9/26/2012 6:26:00 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7003 Description = The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.
Error - 9/26/2012 6:26:37 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
Error - 9/26/2012 6:26:37 AM | Computer Name = MININT-219G9RR | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
Error - 9/26/2012 6:27:26 AM | Computer Name = MININT-219G9RR | Source = DCOM | ID = 10016 Description = | actions · 2012-Sep-26 6:12 pm · (locked) | |
Re: [Virus] My browsers were Hijacked
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 [color=red](UAC is disabled!)[/color]
Internet Explorer 9
[u]``````````````Antivirus/Firewall Check:``````````````[/u]
[color=red]Windows Security Center service is not running! This report may not be accurate![/color]
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
[u]`````````Anti-malware/Other Utilities Check:`````````[/u]
MVPS Hosts File
[color=red]Out of date HijackThis installed![/color]
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.65.0.1400
HijackThis 1.99.1
Java(TM) 6 Update 31
[color=red]Java version out of Date![/color]
Adobe Flash Player 10 [color=red]Flash Player out of Date![/color]
Adobe Reader X (10.1.4)
Mozilla Firefox 14.0.1 [color=red]Firefox out of Date![/color]
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
[u]````````Process Check: objlist.exe by Laurent````````[/u]
Sophos Sophos Anti-Virus SavService.exe
Sophos Sophos Anti-Virus SAVAdminService.exe
Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
[u]`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 1%
[u]````````````````````End of Log``````````````````````[/u]
| actions · 2012-Sep-26 6:13 pm · (locked) | lilhurricane Crunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
sec chk
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 [color=red](UAC is disabled!)[/color]
Internet Explorer 9
[u]``````````````Antivirus/Firewall Check:``````````````[/u]
[color=red]Windows Security Center service is not running! This report may not be accurate![/color]
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
[u]`````````Anti-malware/Other Utilities Check:`````````[/u]
MVPS Hosts File
[color=red]Out of date HijackThis installed![/color]
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.65.0.1400
HijackThis 1.99.1
Java(TM) 6 Update 31
[color=red]Java version out of Date![/color]
Adobe Flash Player 10 [color=red]Flash Player out of Date![/color]
Adobe Reader X (10.1.4)
Mozilla Firefox 14.0.1 [color=red]Firefox out of Date![/color]
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
[u]````````Process Check: objlist.exe by Laurent````````[/u]
Sophos Sophos Anti-Virus SavService.exe
Sophos Sophos Anti-Virus SAVAdminService.exe
Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
[u]`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 1%
[u]````````````````````End of Log``````````````````````[/u]
| actions · 2012-Sep-26 6:13 pm · (locked) | |
Re: [Virus] My browsers were Hijacked
C:\Program Files (x86)\RegInOut\engine.dll a variant of Win32/Adware.AntiMalwarePro.AD application cleaned by deleting - quarantined
C:\Program Files (x86)\RegInOut\RegInOut.exe a variant of Win32/Adware.PCFresher.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll a variant of Win32/Bunndle application cleaned by deleting - quarantined
C:\Users\Steve\Downloads\DriverSweeper_3.2.0.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Steve\Downloads\RegInOut_Setup_CNET.exe multiple threats cleaned by deleting - quarantined
| actions · 2012-Sep-26 6:13 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
eset
You're missing the entire ESET log (with headers)
Can you repost please?
Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
---or for 64bit Windows: C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
Copy and paste that log as a reply to your topic, along with a description of any remaining problems
| actions · 2012-Sep-26 6:14 pm · (locked) | lilhurricane |
.... if you could also download and run TDSS Killer (#4), posting the log in your next reply
We'll need the entire log, even if you 'think/see' nothing detected.
» Security Cleanup FAQ » Rootkit Detection Applications
| actions · 2012-Sep-26 6:15 pm · (locked) | |
That log does not exist for eset. I could run it again, but of course it will come up clean now.
I am off to run TDSS now
P.S. Crunchin' for Cures as in Cancer? | actions · 2012-Sep-26 6:18 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
said by Majawba:
That log does not exist for eset. I could run it again, but of course it will come up clean now.
I am off to run TDSS now
P.S. Crunchin' for Cures as in Cancer?

The logs should still remain in the folder..no need to re-run ..and yes, crunchin' for cancer cures. » Team Discovery | actions · 2012-Sep-26 6:22 pm · (locked) | |
The TDSS report was too long so I will attach it. My wife has stage 4 metastatic breast cancer. It is throughout her whole skeletal system. It is still progressing, though the treatments appear to be beginning to work. | actions · 2012-Sep-26 6:31 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
Thanks for adding..and keep the faith..
Advancements are being made all the time. That's why Team Discovery does what it does...we want to win the battle
..we will one day too..I really believe that. If you have any questions, feel free to contact me by PM..or post to our TD forum..loads of folks there ready to assist
| actions · 2012-Sep-26 7:04 pm · (locked) | lilhurricane |
ok 18:21:01.0360 4272 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:21:01.0361 4272 partmgr - ok 18:21:01.0375 4272 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:21:01.0377 4272 PcaSvc - ok 18:21:01.0385 4272 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:21:01.0386 4272 pci - ok 18:21:01.0392 4272 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:21:01.0393 4272 pciide - ok 18:21:01.0411 4272 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:21:01.0422 4272 pcmcia - ok 18:21:01.0439 4272 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:21:01.0439 4272 pcw - ok 18:21:01.0458 4272 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:21:01.0472 4272 PEAUTH - ok 18:21:01.0529 4272 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:21:01.0530 4272 PerfHost - ok 18:21:01.0575 4272 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:21:01.0609 4272 pla - ok 18:21:01.0635 4272 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:21:01.0640 4272 PlugPlay - ok 18:21:01.0660 4272 [ 34BFC6ED31B4E8BE940C884B8AC7D9DF ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys 18:21:01.0667 4272 pmxdrv - ok 18:21:01.0679 4272 PnkBstrA - ok 18:21:01.0682 4272 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:21:01.0694 4272 PNRPAutoReg - ok 18:21:01.0700 4272 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:21:01.0702 4272 PNRPsvc - ok 18:21:01.0719 4272 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:21:01.0724 4272 PolicyAgent - ok 18:21:01.0750 4272 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:21:01.0752 4272 Power - ok 18:21:01.0775 4272 [ 
F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:21:01.0783 4272 PptpMiniport - ok 18:21:01.0800 4272 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:21:01.0809 4272 Processor - ok 18:21:01.0831 4272 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:21:01.0834 4272 ProfSvc - ok 18:21:01.0847 4272 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:21:01.0847 4272 ProtectedStorage - ok 18:21:01.0883 4272 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:21:01.0891 4272 Psched - ok 18:21:01.0908 4272 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:21:01.0909 4272 PxHlpa64 - ok 18:21:01.0941 4272 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:21:01.0991 4272 ql2300 - ok 18:21:02.0003 4272 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:21:02.0011 4272 ql40xx - ok 18:21:02.0030 4272 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:21:02.0042 4272 QWAVE - ok 18:21:02.0053 4272 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:21:02.0060 4272 QWAVEdrv - ok 18:21:02.0070 4272 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:21:02.0078 4272 RasAcd - ok 18:21:02.0103 4272 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:21:02.0110 4272 RasAgileVpn - ok 18:21:02.0119 4272 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:21:02.0155 4272 RasAuto - ok 18:21:02.0188 4272 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:21:02.0196 4272 Rasl2tp - ok 18:21:02.0214 4272 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:21:02.0227 4272 RasMan 
- ok 18:21:02.0238 4272 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:21:02.0245 4272 RasPppoe - ok 18:21:02.0258 4272 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:21:02.0265 4272 RasSstp - ok 18:21:02.0274 4272 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:21:02.0276 4272 rdbss - ok 18:21:02.0286 4272 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:21:02.0294 4272 rdpbus - ok 18:21:02.0304 4272 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:21:02.0314 4272 RDPCDD - ok 18:21:02.0338 4272 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:21:02.0348 4272 RDPENCDD - ok 18:21:02.0362 4272 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:21:02.0373 4272 RDPREFMP - ok 18:21:02.0391 4272 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:21:02.0400 4272 RDPWD - ok 18:21:02.0427 4272 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:21:02.0428 4272 rdyboost - ok 18:21:02.0465 4272 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:21:02.0503 4272 RemoteAccess - ok 18:21:02.0513 4272 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:21:02.0522 4272 RemoteRegistry - ok 18:21:02.0536 4272 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:21:02.0538 4272 RpcEptMapper - ok 18:21:02.0551 4272 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:21:02.0558 4272 RpcLocator - ok 18:21:02.0584 4272 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:21:02.0587 4272 RpcSs - ok 18:21:02.0601 4272 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 
18:21:02.0608 4272 rspndr - ok 18:21:02.0613 4272 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:21:02.0614 4272 SamSs - ok 18:21:02.0661 4272 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 18:21:02.0662 4272 SASDIFSV - ok 18:21:02.0702 4272 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 18:21:02.0702 4272 SASKUTIL - ok 18:21:02.0758 4272 [ C1BE4B13A9803AA9CFC768EC84501949 ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe 18:21:02.0759 4272 SAVAdminService - ok 18:21:02.0772 4272 [ 2BB45E1528EBB0F2A105ECDC0DD28333 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys 18:21:02.0773 4272 SAVOnAccess - ok 18:21:02.0794 4272 [ 836AEC603665F6DB83965EE57B3DCF57 ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe 18:21:02.0794 4272 SAVService - ok 18:21:02.0816 4272 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:21:02.0824 4272 sbp2port - ok 18:21:02.0902 4272 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 18:21:02.0906 4272 SBSDWSCService - ok 18:21:02.0926 4272 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:21:02.0937 4272 SCardSvr - ok 18:21:02.0962 4272 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:21:02.0971 4272 scfilter - ok 18:21:02.0998 4272 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:21:03.0015 4272 Schedule - ok 18:21:03.0039 4272 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:21:03.0040 4272 SCPolicySvc - ok 18:21:03.0061 4272 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:21:03.0072 4272 SDRSVC - ok 18:21:03.0092 4272 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv 
C:\Windows\system32\drivers\secdrv.sys 18:21:03.0099 4272 secdrv - ok 18:21:03.0118 4272 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:21:03.0120 4272 seclogon - ok 18:21:03.0129 4272 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 18:21:03.0131 4272 SENS - ok 18:21:03.0139 4272 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:21:03.0155 4272 SensrSvc - ok 18:21:03.0164 4272 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:21:03.0172 4272 Serenum - ok 18:21:03.0199 4272 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 18:21:03.0206 4272 Serial - ok 18:21:03.0235 4272 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 18:21:03.0242 4272 sermouse - ok 18:21:03.0270 4272 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:21:03.0273 4272 SessionEnv - ok 18:21:03.0296 4272 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:21:03.0303 4272 sffdisk - ok 18:21:03.0315 4272 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:21:03.0322 4272 sffp_mmc - ok 18:21:03.0325 4272 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:21:03.0332 4272 sffp_sd - ok 18:21:03.0340 4272 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:21:03.0347 4272 sfloppy - ok 18:21:03.0378 4272 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 18:21:03.0394 4272 Sftfs - ok 18:21:03.0435 4272 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 18:21:03.0437 4272 sftlist - ok 18:21:03.0446 4272 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 18:21:03.0457 4272 Sftplay - ok 18:21:03.0466 
4272 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 18:21:03.0466 4272 Sftredir - ok 18:21:03.0476 4272 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 18:21:03.0493 4272 Sftvol - ok 18:21:03.0497 4272 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 18:21:03.0498 4272 sftvsa - ok 18:21:03.0517 4272 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:21:03.0521 4272 ShellHWDetection - ok 18:21:03.0529 4272 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:21:03.0536 4272 SiSRaid2 - ok 18:21:03.0552 4272 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:21:03.0560 4272 SiSRaid4 - ok 18:21:03.0597 4272 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 18:21:03.0598 4272 SkypeUpdate - ok 18:21:03.0618 4272 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:21:03.0626 4272 Smb - ok 18:21:03.0649 4272 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:21:03.0651 4272 SNMPTRAP - ok 18:21:03.0671 4272 [ 69FBE35A8165ADBC313AA7F64B868CA1 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys 18:21:03.0678 4272 SophosBootDriver - ok 18:21:03.0695 4272 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:21:03.0695 4272 spldr - ok 18:21:03.0718 4272 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 18:21:03.0724 4272 Spooler - ok 18:21:03.0786 4272 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:21:03.0837 4272 sppsvc - ok 18:21:03.0850 4272 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:21:03.0880 4272 sppuinotify - ok 18:21:03.0900 4272 [ 
441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:21:03.0904 4272 srv - ok 18:21:03.0918 4272 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:21:03.0922 4272 srv2 - ok 18:21:03.0932 4272 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:21:03.0934 4272 srvnet - ok 18:21:03.0955 4272 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:21:03.0958 4272 SSDPSRV - ok 18:21:03.0968 4272 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:21:03.0978 4272 SstpSvc - ok 18:21:04.0003 4272 Steam Client Service - ok 18:21:04.0016 4272 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 18:21:04.0027 4272 stexstor - ok 18:21:04.0060 4272 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:21:04.0066 4272 stisvc - ok 18:21:04.0091 4272 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 18:21:04.0098 4272 swenum - ok 18:21:04.0158 4272 [ 9AD184004DEE07DF9A99F801E2C80EB0 ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe 18:21:04.0163 4272 swi_service - ok 18:21:04.0193 4272 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 18:21:04.0196 4272 swprv - ok 18:21:04.0236 4272 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:21:04.0262 4272 SysMain - ok 18:21:04.0287 4272 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:21:04.0322 4272 TabletInputService - ok 18:21:04.0356 4272 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:21:04.0369 4272 TapiSrv - ok 18:21:04.0377 4272 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:21:04.0394 4272 TBS - ok 18:21:04.0433 4272 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 
18:21:04.0459 4272 Tcpip - ok 18:21:04.0492 4272 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:21:04.0498 4272 TCPIP6 - ok 18:21:04.0516 4272 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:21:04.0523 4272 tcpipreg - ok 18:21:04.0540 4272 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:21:04.0548 4272 TDPIPE - ok 18:21:04.0569 4272 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:21:04.0576 4272 TDTCP - ok 18:21:04.0600 4272 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:21:04.0608 4272 tdx - ok 18:21:04.0620 4272 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:21:04.0628 4272 TermDD - ok 18:21:04.0645 4272 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:21:04.0652 4272 TermService - ok 18:21:04.0661 4272 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:21:04.0663 4272 Themes - ok 18:21:04.0683 4272 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:21:04.0685 4272 THREADORDER - ok 18:21:04.0707 4272 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:21:04.0710 4272 TrkWks - ok 18:21:04.0731 4272 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:21:04.0732 4272 TrustedInstaller - ok 18:21:04.0743 4272 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:21:04.0750 4272 tssecsrv - ok 18:21:04.0790 4272 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:21:04.0799 4272 TsUsbFlt - ok 18:21:04.0824 4272 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:21:04.0832 4272 tunnel - ok 18:21:04.0845 4272 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 
C:\Windows\system32\DRIVERS\uagp35.sys 18:21:04.0853 4272 uagp35 - ok 18:21:04.0882 4272 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:21:04.0894 4272 udfs - ok 18:21:04.0919 4272 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:21:04.0921 4272 UI0Detect - ok 18:21:04.0937 4272 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:21:04.0944 4272 uliagpkx - ok 18:21:04.0978 4272 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:21:04.0986 4272 umbus - ok 18:21:05.0000 4272 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:21:05.0008 4272 UmPass - ok 18:21:05.0022 4272 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:21:05.0027 4272 upnphost - ok 18:21:05.0044 4272 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 18:21:05.0051 4272 USBAAPL64 - ok 18:21:05.0075 4272 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:21:05.0083 4272 usbaudio - ok 18:21:05.0110 4272 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:21:05.0118 4272 usbccgp - ok 18:21:05.0137 4272 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:21:05.0145 4272 usbcir - ok 18:21:05.0161 4272 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 18:21:05.0168 4272 usbehci - ok 18:21:05.0179 4272 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:21:05.0180 4272 usbhub - ok 18:21:05.0201 4272 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:21:05.0208 4272 usbohci - ok 18:21:05.0216 4272 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:21:05.0224 4272 usbprint - ok 18:21:05.0235 4272 [ 
FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:21:05.0243 4272 USBSTOR - ok 18:21:05.0258 4272 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:21:05.0264 4272 usbuhci - ok 18:21:05.0295 4272 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 18:21:05.0305 4272 usbvideo - ok 18:21:05.0316 4272 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:21:05.0318 4272 UxSms - ok 18:21:05.0327 4272 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:21:05.0328 4272 VaultSvc - ok 18:21:05.0331 4272 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:21:05.0331 4272 vdrvroot - ok 18:21:05.0355 4272 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:21:05.0361 4272 vds - ok 18:21:05.0380 4272 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:21:05.0387 4272 vga - ok 18:21:05.0404 4272 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:21:05.0412 4272 VgaSave - ok 18:21:05.0432 4272 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:21:05.0442 4272 vhdmp - ok 18:21:05.0455 4272 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:21:05.0465 4272 viaide - ok 18:21:05.0483 4272 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:21:05.0483 4272 volmgr - ok 18:21:05.0496 4272 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:21:05.0498 4272 volmgrx - ok 18:21:05.0508 4272 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:21:05.0509 4272 volsnap - ok 18:21:05.0534 4272 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:21:05.0543 4272 vsmraid - ok 18:21:05.0588 4272 [ 
B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 18:21:05.0614 4272 VSS - ok 18:21:05.0621 4272 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:21:05.0630 4272 vwifibus - ok 18:21:05.0654 4272 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 18:21:05.0658 4272 W32Time - ok 18:21:05.0701 4272 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll 18:21:05.0706 4272 W3SVC - ok 18:21:05.0719 4272 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:21:05.0726 4272 WacomPen - ok 18:21:05.0740 4272 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:21:05.0748 4272 WANARP - ok 18:21:05.0751 4272 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:21:05.0751 4272 Wanarpv6 - ok 18:21:05.0774 4272 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 18:21:05.0776 4272 WAS - ok 18:21:05.0819 4272 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 18:21:05.0922 4272 WatAdminSvc - ok 18:21:05.0973 4272 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 18:21:06.0006 4272 wbengine - ok 18:21:06.0021 4272 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:21:06.0032 4272 WbioSrvc - ok 18:21:06.0045 4272 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:21:06.0098 4272 wcncsvc - ok 18:21:06.0110 4272 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:21:06.0120 4272 WcsPlugInService - ok 18:21:06.0131 4272 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:21:06.0138 4272 Wd - ok 18:21:06.0162 4272 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:21:06.0167 4272 Wdf01000 - ok 18:21:06.0175 
4272 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:21:06.0178 4272 WdiServiceHost - ok 18:21:06.0181 4272 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:21:06.0182 4272 WdiSystemHost - ok 18:21:06.0193 4272 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 18:21:06.0205 4272 WebClient - ok 18:21:06.0210 4272 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:21:06.0250 4272 Wecsvc - ok 18:21:06.0266 4272 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:21:06.0268 4272 wercplsupport - ok 18:21:06.0283 4272 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 18:21:06.0298 4272 WerSvc - ok 18:21:06.0310 4272 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:21:06.0317 4272 WfpLwf - ok 18:21:06.0330 4272 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:21:06.0337 4272 WIMMount - ok 18:21:06.0342 4272 WinHttpAutoProxySvc - ok 18:21:06.0378 4272 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:21:06.0381 4272 Winmgmt - ok 18:21:06.0427 4272 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 18:21:06.0466 4272 WinRM - ok 18:21:06.0504 4272 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:21:06.0512 4272 WinUsb - ok 18:21:06.0543 4272 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 18:21:06.0562 4272 Wlansvc - ok 18:21:06.0658 4272 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:21:06.0666 4272 wlidsvc - ok 18:21:06.0681 4272 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:21:06.0689 4272 WmiAcpi - ok 18:21:06.0706 4272 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv 
C:\Windows\system32\wbem\WmiApSrv.exe 18:21:06.0708 4272 wmiApSrv - ok 18:21:06.0737 4272 WMPNetworkSvc - ok 18:21:06.0746 4272 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:21:06.0755 4272 WPCSvc - ok 18:21:06.0777 4272 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:21:06.0780 4272 WPDBusEnum - ok 18:21:06.0788 4272 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:21:06.0796 4272 ws2ifsl - ok 18:21:06.0817 4272 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 18:21:06.0824 4272 WSDPrintDevice - ok 18:21:06.0826 4272 WSearch - ok 18:21:06.0846 4272 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:21:06.0854 4272 WudfPf - ok 18:21:06.0869 4272 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:21:06.0878 4272 WUDFRd - ok 18:21:06.0899 4272 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:21:06.0902 4272 wudfsvc - ok 18:21:06.0918 4272 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 18:21:06.0953 4272 WwanSvc - ok 18:21:06.0956 4272 ================ Scan global =============================== 18:21:06.0973 4272 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 18:21:06.0997 4272 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:21:07.0004 4272 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:21:07.0026 4272 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 18:21:07.0036 4272 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 18:21:07.0038 4272 [Global] - ok 18:21:07.0039 4272 ================ Scan MBR ================================== 18:21:07.0043 4272 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:21:07.0189 4272 \Device\Harddisk0\DR0 - ok 18:21:07.0190 4272 
================ Scan VBR ================================== 18:21:07.0192 4272 [ 87C6AB0AB826D98A6E88EA5B41A80021 ] \Device\Harddisk0\DR0\Partition1 18:21:07.0193 4272 \Device\Harddisk0\DR0\Partition1 - ok 18:21:07.0230 4272 [ 1F8742E1184B3C3AC01B5F98232675A9 ] \Device\Harddisk0\DR0\Partition2 18:21:07.0231 4272 \Device\Harddisk0\DR0\Partition2 - ok 18:21:07.0233 4272 ============================================================ 18:21:07.0233 4272 Scan finished 18:21:07.0233 4272 ============================================================ 18:21:07.0238 2328 Detected object count: 0 18:21:07.0238 2328 Actual detected object count: 0 | actions · 2012-Sep-26 7:04 pm · (locked) | |
NEW eset log. I had the uninstall button checked and it stole my log

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6acf8a5fe6f3a84e879cd9986598fd70
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 11:49:42
# local_time=2012-09-26 07:49:42 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 0 100242151 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=8449 16774141 50 96 42235284 80197070 0 0
# scanned=214301
# found=0
# cleaned=0
# scan_time=4681
| actions · 2012-Sep-26 8:07 pm · (locked) |
1 recommendation |
to Majawba
Re: [Virus] My browsers were Hijacked
Thanks for the TDSS and ESET logs. Nothing in TDSS but with a mention of ZeroAccess in MBAM, I want to check further. Download ComboFix from one of these locations:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.infospyware.net/antimalware/combofix/
* IMPORTANT !!! Save ComboFix.exe to your Desktop
* Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
* Double click on ComboFix.exe & follow the prompts.
* As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
* Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Give it at least 20-30 minutes to finish if needed.
| actions · 2012-Sep-27 10:43 am · (locked) | |
ComboFix 12-09-27.03 - Steve 09/27/2012 18:16:12.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8055.6674 [GMT -4:00] Running from: c:\users\Steve\Desktop\ComboFix.exe AV: Sophos Anti-Virus *Enabled/Outdated* {479CCF92-4960-B3E0-7373-BF453B467D2C} SP: Sophos Anti-Virus *Enabled/Outdated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\users\Steve\AppData\Roaming\log.txt c:\users\Steve\AppData\Roaming\mIRC\logs\status.log c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini . . ((((((((((((((((((((((((( Files Created from 2012-08-27 to 2012-09-27 ))))))))))))))))))))))))))))))) . . 2012-09-27 22:27 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3341AC26-AC2F-4A68-95F2-8793CE7A4CFA}\mpengine.dll 2012-09-27 11:32 . 2012-09-27 11:32 -------- d-----w- c:\users\Steve\AppData\Local\Macromedia 2012-09-26 21:45 . 2012-09-26 21:45 -------- d-----w- c:\users\Steve\AppData\Roaming\QuickScan 2012-09-26 10:54 . 2012-09-26 10:54 -------- d-----w- c:\program files (x86)\ESET 2012-09-26 02:51 . 2012-09-26 02:51 -------- d-----w- c:\users\Steve\AppData\Roaming\Malwarebytes 2012-09-26 02:50 . 2012-09-26 02:50 -------- d-----w- c:\programdata\Malwarebytes 2012-09-26 02:50 . 2012-09-07 21:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-26 02:50 . 2012-09-26 02:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-09-26 01:12 . 2012-09-26 02:02 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-09-26 01:12 . 2012-09-26 01:35 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-09-25 22:46 . 2012-09-25 22:46 -------- d-----w- c:\program files (x86)\TRENDnet 2012-09-25 05:43 . 
2012-09-25 05:43 -------- d-----w- c:\program files (x86)\Common Files\xing shared 2012-09-25 05:42 . 2012-09-25 05:42 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2012-09-25 05:42 . 2012-09-25 05:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-09-24 01:38 . 2012-09-24 01:38 -------- d-----w- c:\users\Steve\AppData\Local\Risen2 2012-09-24 01:38 . 2012-09-24 01:38 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-09-23 21:22 . 2012-09-23 21:35 -------- d-----w- c:\users\Steve\AppData\Roaming\Dynamite Jack 2012-09-23 13:19 . 2012-09-23 13:19 -------- d-----w- c:\program files (x86)\Microsoft XNA 2012-09-23 13:01 . 2012-09-23 17:06 -------- d-----w- c:\users\Steve\AppData\Roaming\uqm 2012-09-23 13:01 . 2012-09-23 13:40 -------- d-----w- c:\program files (x86)\The Ur-Quan Masters 2012-09-22 22:31 . 2012-09-22 22:31 83249512 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\wlcCE09.tmp 2012-09-22 22:28 . 2012-09-22 22:28 -------- d-----w- c:\users\Steve\AppData\Local\Windows Live 2012-09-22 20:25 . 2012-09-22 20:25 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-09-22 01:00 . 2012-09-22 01:00 -------- d-----w- c:\users\Steve\AppData\Local\Mozilla 2012-09-22 01:00 . 2012-09-25 22:02 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-09-12 00:04 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-12 00:04 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 00:04 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-12 00:04 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-12 00:04 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-12 00:04 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-12 00:04 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-05 07:00 . 
2012-09-05 07:00 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-09-05 07:00 . 2012-09-05 07:00 -------- d-----r- c:\program files (x86)\Skype 2012-08-30 04:16 . 2012-08-30 04:16 -------- d-----w- c:\users\Steve\AppData\Roaming\Subversion 2012-08-30 03:58 . 2012-08-30 03:58 -------- d-----w- c:\users\Steve\AppData\Roaming\fltk.org 2012-08-30 03:58 . 2012-08-30 03:58 -------- d-----w- c:\programdata\fltk.org 2012-08-30 03:56 . 2012-08-30 04:20 -------- d-----w- c:\users\Steve\AppData\Roaming\flightgear.org 2012-08-30 03:56 . 2012-08-30 03:56 -------- d-----w- c:\programdata\flightgear.org 2012-08-30 03:56 . 2012-08-30 03:56 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2012-08-30 03:56 . 2012-08-30 03:56 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2012-08-30 03:56 . 2012-08-30 03:56 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2012-08-30 03:56 . 2012-08-30 03:56 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2012-08-30 03:56 . 2012-08-30 03:56 -------- d-----w- c:\program files (x86)\OpenAL 2012-08-30 03:54 . 2012-09-03 19:50 -------- d-----w- c:\program files\FlightGear 2012-08-30 03:32 . 2012-09-05 14:38 -------- d-----w- c:\programdata\Yahoo! 2012-08-30 03:32 . 2012-09-05 14:38 -------- d-----w- c:\program files (x86)\Yahoo! 2012-08-29 08:02 . 2012-08-29 08:02 -------- d-----w- c:\users\Steve\AppData\Local\Chromium 2012-08-29 07:25 . 2012-08-29 07:25 -------- d-----w- c:\program files (x86)\Microsoft Games 2012-08-29 07:24 . 2012-08-29 07:24 -------- d-----w- c:\windows\SysWow64\xlive 2012-08-29 07:24 . 2012-08-29 07:24 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE 2012-08-29 06:37 . 2012-08-29 08:01 -------- d-----w- c:\programdata\Hi-Rez Studios 2012-08-29 06:37 . 2012-08-29 06:37 -------- d-----w- c:\program files (x86)\Hi-Rez Studios . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-27 11:00 . 
2012-04-01 14:06 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-09-27 11:00 . 2011-06-02 10:23 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-15 16:58 . 2011-10-28 23:03 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-09-15 16:58 . 2011-08-21 23:03 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-09-15 16:58 . 2011-08-21 23:03 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-09-12 02:11 . 2011-05-12 17:37 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-08-29 19:35 . 2009-08-18 16:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll 2012-08-29 19:35 . 2009-08-18 15:24 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-07-31 02:25 . 2011-08-21 23:03 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-07-30 15:56 . 2011-10-26 10:22 3360624 ----a-w- c:\windows\SysWow64\pbsvc.exe 2012-07-18 18:15 . 2012-08-14 17:18 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-04 22:16 . 2012-08-14 17:19 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-07-04 22:13 . 2012-08-14 17:19 59392 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 22:13 . 2012-08-14 17:19 136704 ----a-w- c:\windows\system32\browser.dll 2012-07-04 21:14 . 2012-08-14 17:19 41984 ----a-w- c:\windows\SysWow64\browcli.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-09-25 5664640] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-10 1353080] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-17 136176] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-27 250288] R3 dump_wmimmc;dump_wmimmc;c:\gamescampus\Heroes In the Sky\GameGuard\dump_wmimmc.sys [x] R3 GPU-Z;GPU-Z;c:\users\Steve\AppData\Local\Temp\GPU-Z.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-17 136176] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2009-07-24 36208] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-05-12 38536] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-12 1255736] R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [2010-03-03 25608] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [2011-11-18 16384] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [2010-03-03 141304] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-08 140672] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2010-07-23 162032] S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2010-06-14 97520] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2010-06-14 1530608] S3 HECIx64;Intel(R) Management Engine 
Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 244736] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contents of the 'Scheduled Tasks' folder . 2012-09-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 11:00] . 2012-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-17 23:30] . 2012-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-17 23:30] . 2012-09-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-943956546-1219100726-2847664145-1002Core.job - c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 17:16] . 2012-09-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-943956546-1219100726-2847664145-1002UA.job - c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 17:16] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-03 11842152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local LSP: c:\programdata\Sophos Web Intelligence\swi_lsp.dll TCP: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76 DPF: {E1B26101-23FB-4855-9171-F79F29CC7728} - hxxp://192.168.1.107/UltraCamX.cab FF - ProfilePath - c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\1ykjuzrp.default\ . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) Toolbar-Locked - (no file) SafeBoot-mcmscsvc SafeBoot-MCODS Toolbar-Locked - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Completion time: 2012-09-27 19:38:16 - machine was rebooted ComboFix-quarantined-files.txt 2012-09-27 23:38 . Pre-Run: 499,645,067,264 bytes free Post-Run: 499,558,674,432 bytes free . - - End Of File - - 4E28F5181EFF16CB67B9952A1CB9E6DA | actions · 2012-Sep-27 7:43 pm · (locked) |
1 recommendation |
to Majawba
Both the TDSS and Combofix logs show no sign of a Zero Access trojan. MBAM seems to have removed it.
Are you still being redirected?
Are there any other issues not resolved? | actions · 2012-Sep-28 10:59 am · (locked) |
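The log check described in the reply above can be scripted. This is an added example, not part of the original thread and not any scanner's own logic: it assumes the `$Recycle.Bin\<SID>\$<32 hex>` layout that MBAM flagged in the first post is the pattern to look for, and the function names and the two log excerpts are put together here for illustration.

```python
import re

# Layout generalized from the paths MBAM flagged as Trojan.0Access and
# Rootkit.0Access in the first post (an assumption, not a vendor signature):
#   <drive>:\$Recycle.Bin\<SID>\$<32 hex chars>[\<item>]
ZA_PATH = re.compile(
    r"[A-Za-z]:\\\$Recycle\.Bin\\(?P<sid>S-1-5(?:-\d+)+)"
    r"\\\$(?P<store>[0-9a-f]{32})(?:\\(?P<item>[^\s|<>*?]+))?",
    re.IGNORECASE,
)
# Tail of an MBAM 1.x result entry: " (<family>) -> <action>."
MBAM_TAIL = re.compile(r"\s\((?P<family>[^()]+)\) -> (?P<action>[^.]+)\.")


def find_zeroaccess_paths(log_text):
    """Return one dict per path in log_text that matches the layout above.

    Works on flattened logs (everything on one line) as well as on
    line-per-entry logs, because it scans for paths instead of splitting lines.
    """
    findings = []
    for m in ZA_PATH.finditer(log_text):
        tail = MBAM_TAIL.match(log_text, m.end())  # present only in MBAM logs
        findings.append({
            "path": m.group(0),
            "sid": m.group("sid"),
            "store": m.group("store"),
            "item": m.group("item"),
            "family": tail.group("family") if tail else None,
            "action": tail.group("action") if tail else None,
        })
    return findings


def needs_followup(findings):
    """Entries not confirmed removed: no recorded action, or removal deferred."""
    return [f for f in findings
            if f["action"] is None or "reboot" in f["action"].lower()]


# Constructed excerpts: a few entries selected from the MBAM log in the first
# post and from the ComboFix log above, flattened the way the thread shows them.
MBAM_SAMPLE = (
    r"Files Detected: 11 "
    r"C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\n (Trojan.0Access) -> Delete on reboot. "
    r"C:\$Recycle.Bin\S-1-5-18\$897557db40356dc477bcd07a7131fdbe\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully. "
    r"C:\$Recycle.Bin\S-1-5-21-943956546-1219100726-2847664145-1002\$897557db40356dc477bcd07a7131fdbe\n (Trojan.0Access) -> Delete on reboot. "
    r"C:\Users\Steve\Downloads\IWantThis.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully."
)
COMBOFIX_SAMPLE = (
    r"2012-09-26 02:50 . 2012-09-07 21:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys "
    r"2012-09-22 20:25 . 2012-09-22 20:25 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%"
)

if __name__ == "__main__":
    hits = find_zeroaccess_paths(MBAM_SAMPLE)
    for f in hits:
        print(f["family"], f["action"], f["path"], sep=" | ")
    print("entries needing a reboot and rescan:", len(needs_followup(hits)))
    print("ComboFix excerpt hits:", find_zeroaccess_paths(COMBOFIX_SAMPLE))
```

Entries whose action is "Delete on reboot" are the ones that justify a second scan after restarting; the script only matches this one directory layout and says nothing about other traces.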
1 recommendation |
Everything appears to be fine. Thank you so much everyone! | actions · 2012-Oct-1 5:41 am · (locked) | |
to Majawba
Time for cleanup...
First: The following will implement some cleanup procedures as well as reset System Restore points:
Click Start, then Run and copy/paste the following bolded text into the Run box and click OK:
ComboFix /Uninstall
(Note: There is a SPACE between ComboFix and /uninstall)
Second: Cleaning Up:
Delete TFC:
- Delete the TFC icon on your Desktop
Delete OTL:
- Double click the OTL icon on your Desktop
- Press the 'Cleanup' button
Delete Security Check:
- Delete the SecurityCheck icon on your Desktop
Delete Malware Bytes:
- We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program; however, the real time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.
Delete Sophos AntiRootkit:
- If we asked you to run the Sophos AntiRootkit program, uninstall it through Add/Remove Programs.
Other Programs:
- If we asked you to install any other programs that are not removed by the OTL cleanup procedure, we will provide separate removal instructions.
| actions · 2012-Oct-1 10:49 am · (locked) |