Many Symptoms - AV Security reinstalling itself, browser redirects, sl


  • This topic is locked

#16
SkittleServal

  • Topic Starter
  • Member
  • 14 posts
Hello. :)

Alright. Got it to run in safe mode then tried combo fix, no dice. :( Proceeding where you said to, will be posting results in the next reply. Thanks.
  • 0

#17
SkittleServal

  • Topic Starter
  • Member
  • 14 posts
Alright. Here's the disk management screenshot. :)

Attached Thumbnails

  • diskmanagementgtg.png

  • 0

#18
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

If you have Malwarebytes 1.6 or later installed, please disable it for the duration of this run.

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL 
    MOD - [2009/07/13 17:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
    MOD - [2009/07/13 17:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
    O1 - Hosts: 66.197.194.231 www.google-analytics.com.
    O1 - Hosts: 66.197.194.231 ad-emea.doubleclick.net.
    O1 - Hosts: 66.197.194.231 www.statcounter.com.
    O1 - Hosts: 69.72.252.254 www.google-analytics.com.
    O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
    O1 - Hosts: 69.72.252.254 www.statcounter.com.
    O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [Windows™ Updater] C:\Users\Ani\AppData\Local\Temp\smtp.gmail.com.exe File not found
    
    :Files
    ipconfig /flushdns /c
    
    :Commands 
    [purity]
    [emptytemp]
    [CREATERESTOREPOINT] 
    [Reboot]

  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change Parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer 3 options.
  • Ensure Cure is selected, then click Continue --> Reboot Computer to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 3

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:



Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.


Step 4

Delete your current copy of ComboFix.
Download a fresh copy and run it.


Things I want to see in your next reply

  • OTL Fix Log
  • OTL Log
  • TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • MBRCheck Report
  • ComboFix.txt

  • 0
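
The hosts-file entries targeted by the fix in the post above can be checked for on any machine with a short audit like the following. It is an added example, not part of the original post or of OTL, and it reads either raw hosts-file text or OTL-style `O1 - Hosts:` lines. The function names are hypothetical, and the sample combines the six entries quoted in the post with constructed benign lines.

```python
import ipaddress
import re
from collections import defaultdict

# Prefix OTL puts before each hosts-file entry in its report / fix script.
OTL_PREFIX = re.compile(r"^O1\s*-\s*Hosts:\s*", re.IGNORECASE)

# The six O1 entries come from the post above; the other lines are
# constructed (localhost, a 0.0.0.0 block entry, a LAN override) for contrast.
SAMPLE = """\
# constructed hosts-file lines
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.test
192.168.1.10    nas.example.test   # LAN override
O1 - Hosts: 66.197.194.231 www.google-analytics.com.
O1 - Hosts: 66.197.194.231 ad-emea.doubleclick.net.
O1 - Hosts: 66.197.194.231 www.statcounter.com.
O1 - Hosts: 69.72.252.254 www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254 www.statcounter.com.
"""


def parse_entries(text):
    """Yield (ip, hostname) pairs from hosts-file text or OTL O1 lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        line = OTL_PREFIX.sub("", line)       # accept OTL report lines too
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # not a hosts entry (other log lines)
        for name in fields[1:]:
            # "example.com." and "example.com" name the same host; normalise.
            yield ip, name.rstrip(".").lower()


def classify(ip):
    """Return None for conventional entries, otherwise a label for review."""
    if ip.is_loopback or ip.is_unspecified:
        return None             # 127.0.0.1, ::1 and 0.0.0.0 block entries
    if ip.is_global:
        return "public"         # a name pinned to an Internet address
    return "non-public"         # private or link-local: usually a local override


def audit(text):
    """Map hostname -> sorted [(address, label)] for every non-loopback entry."""
    found = defaultdict(set)
    for ip, name in parse_entries(text):
        label = classify(ip)
        if label:
            found[name].add((ip.version, int(ip), str(ip), label))
    return {
        name: [(addr, label) for _, _, addr, label in sorted(hits)]
        for name, hits in found.items()
    }


if __name__ == "__main__":
    for name, hits in sorted(audit(SAMPLE).items()):
        for addr, label in hits:
            print(f"{label:10} {addr:15} {name}")
```

Names reported as "public" are the ones to review first: a hosts file rarely needs to pin a third-party web domain to an Internet address, and one name mapped to several such addresses, as in the fix above, is a further sign the file was not edited by hand.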

#19
SkittleServal

  • Topic Starter
  • Member
  • 14 posts
Hello

Upon attempting to run the OTL fix, I once again got an error.

I managed to save it this time - it appears right after starting the scan, even if I run as administrator. "Cannot create file C:\windows\system32\drivers\etc\hosts."

I'm going to continue letting it try to run until you say otherwise, but I thought it'd be good to update.
  • 0

#20
SkittleServal

  • Topic Starter
  • Member
  • 14 posts
Ok. I moved OTL.exe to desktop, clicked the 'unblock' button in properties and ran as administrator. It went all the way through, so I followed the rest of the steps (Logs at end of post)

Despite downloading a fresh copy of combofix, and saving it as all file types to the desktop, it still stopped at stage 48 and didn't move on from there.


15:12:03.0271 4024 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
15:12:04.0121 4024 ============================================================
15:12:04.0121 4024 Current date / time: 2012/02/16 15:12:04.0121
15:12:04.0121 4024 SystemInfo:
15:12:04.0121 4024
15:12:04.0121 4024 OS Version: 6.1.7600 ServicePack: 0.0
15:12:04.0121 4024 Product type: Workstation
15:12:04.0121 4024 ComputerName: ANI-PC
15:12:04.0121 4024 UserName: Ani
15:12:04.0121 4024 Windows directory: C:\windows
15:12:04.0121 4024 System windows directory: C:\windows
15:12:04.0121 4024 Running under WOW64
15:12:04.0121 4024 Processor architecture: Intel x64
15:12:04.0121 4024 Number of processors: 4
15:12:04.0121 4024 Page size: 0x1000
15:12:04.0121 4024 Boot type: Normal boot
15:12:04.0121 4024 ============================================================
15:12:06.0040 4024 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:12:06.0042 4024 Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:12:06.0492 4024 Drive \Device\Harddisk2\DR2 - Size: 0x3AE00000 (0.92 Gb), SectorSize: 0x200, Cylinders: 0x78, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:12:06.0494 4024 \Device\Harddisk0\DR0:
15:12:06.0509 4024 MBR used
15:12:06.0509 4024 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:12:06.0509 4024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800
15:12:06.0509 4024 \Device\Harddisk1\DR1:
15:12:06.0510 4024 MBR used
15:12:06.0510 4024 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
15:12:06.0510 4024 \Device\Harddisk2\DR2:
15:12:06.0511 4024 MBR used
15:12:06.0511 4024 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x1D6F79
15:12:06.0558 4024 Initialize success
15:12:06.0559 4024 ============================================================
15:12:33.0615 4620 ============================================================
15:12:33.0615 4620 Scan started
15:12:33.0615 4620 Mode: Manual; SigCheck; TDLFS;
15:12:33.0615 4620 ============================================================
15:12:46.0695 4620 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
15:12:46.0701 4620 stexstor - ok
15:12:46.0726 4620 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
15:12:46.0736 4620 swenum - ok
15:12:46.0826 4620 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
15:12:46.0852 4620 Tcpip - ok
15:12:46.0893 4620 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
15:12:46.0918 4620 TCPIP6 - ok
15:12:46.0933 4620 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
15:12:46.0958 4620 tcpipreg - ok
15:12:46.0973 4620 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
15:12:47.0018 4620 TDPIPE - ok
15:12:47.0044 4620 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
15:12:47.0088 4620 TDTCP - ok
15:12:47.0119 4620 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
15:12:47.0174 4620 tdx - ok
15:12:47.0233 4620 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
15:12:47.0240 4620 TermDD - ok
15:12:47.0271 4620 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
15:12:47.0296 4620 tssecsrv - ok
15:12:47.0309 4620 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
15:12:47.0334 4620 tunnel - ok
15:12:47.0359 4620 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
15:12:47.0365 4620 uagp35 - ok
15:12:47.0395 4620 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
15:12:47.0446 4620 udfs - ok
15:12:47.0492 4620 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
15:12:47.0499 4620 uliagpkx - ok
15:12:47.0522 4620 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
15:12:47.0553 4620 umbus - ok
15:12:47.0582 4620 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
15:12:47.0617 4620 UmPass - ok
15:12:47.0687 4620 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys
15:12:47.0734 4620 usbaudio - ok
15:12:47.0777 4620 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
15:12:47.0804 4620 usbccgp - ok
15:12:47.0804 4620 USBCCID - ok
15:12:47.0857 4620 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
15:12:47.0869 4620 usbcir - ok
15:12:47.0914 4620 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\drivers\usbehci.sys
15:12:47.0948 4620 usbehci - ok
15:12:47.0998 4620 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
15:12:48.0027 4620 usbhub - ok
15:12:48.0066 4620 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\drivers\usbohci.sys
15:12:48.0098 4620 usbohci - ok
15:12:48.0124 4620 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
15:12:48.0134 4620 usbprint - ok
15:12:48.0181 4620 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
15:12:48.0208 4620 USBSTOR - ok
15:12:48.0241 4620 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
15:12:48.0265 4620 usbuhci - ok
15:12:48.0350 4620 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\system32\Drivers\usbvideo.sys
15:12:48.0378 4620 usbvideo - ok
15:12:48.0454 4620 VCSVADHWSer (3a4b01c2bdb07dfef29b0b369487503a) C:\windows\system32\DRIVERS\vcsvad.sys
15:12:48.0485 4620 VCSVADHWSer - ok
15:12:48.0562 4620 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
15:12:48.0568 4620 vdrvroot - ok
15:12:48.0599 4620 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
15:12:48.0608 4620 vga - ok
15:12:48.0631 4620 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
15:12:48.0673 4620 VgaSave - ok
15:12:48.0707 4620 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
15:12:48.0715 4620 vhdmp - ok
15:12:48.0729 4620 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
15:12:48.0735 4620 viaide - ok
15:12:48.0743 4620 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
15:12:48.0749 4620 volmgr - ok
15:12:48.0770 4620 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
15:12:48.0781 4620 volmgrx - ok
15:12:48.0802 4620 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
15:12:48.0812 4620 volsnap - ok
15:12:48.0853 4620 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
15:12:48.0861 4620 vsmraid - ok
15:12:48.0878 4620 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
15:12:48.0918 4620 vwifibus - ok
15:12:48.0956 4620 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
15:12:48.0985 4620 vwififlt - ok
15:12:49.0012 4620 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
15:12:49.0035 4620 WacomPen - ok
15:12:49.0084 4620 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
15:12:49.0110 4620 WANARP - ok
15:12:49.0122 4620 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
15:12:49.0147 4620 Wanarpv6 - ok
15:12:49.0173 4620 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
15:12:49.0180 4620 Wd - ok
15:12:49.0241 4620 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
15:12:49.0248 4620 WDC_SAM - ok
15:12:49.0267 4620 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
15:12:49.0282 4620 Wdf01000 - ok
15:12:49.0308 4620 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
15:12:49.0333 4620 WfpLwf - ok
15:12:49.0365 4620 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
15:12:49.0371 4620 WIMMount - ok
15:12:49.0463 4620 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUSB.sys
15:12:49.0504 4620 WinUSB - ok
15:12:49.0641 4620 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
15:12:49.0671 4620 WmiAcpi - ok
15:12:49.0715 4620 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
15:12:49.0739 4620 ws2ifsl - ok
15:12:49.0777 4620 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
15:12:49.0783 4620 wsvd - ok
15:12:49.0807 4620 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
15:12:49.0856 4620 WudfPf - ok
15:12:49.0905 4620 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
15:12:49.0931 4620 WUDFRd - ok
15:12:50.0026 4620 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
15:12:50.0031 4620 X5XSEx - ok
15:12:50.0057 4620 X6va005 - ok
15:12:50.0079 4620 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys
15:12:50.0115 4620 yukonw7 - ok
15:12:50.0160 4620 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:12:50.0263 4620 \Device\Harddisk0\DR0 - ok
15:12:50.0266 4620 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
15:12:50.0813 4620 \Device\Harddisk1\DR1 - ok
15:12:50.0818 4620 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
15:12:50.0998 4620 \Device\Harddisk2\DR2 - ok
15:12:51.0025 4620 Boot (0x1200) (5fc0b3005a3ad6d27853241dda791f02) \Device\Harddisk0\DR0\Partition0
15:12:51.0026 4620 \Device\Harddisk0\DR0\Partition0 - ok
15:12:51.0030 4620 Boot (0x1200) (93e7c3a3cf67b169f71e469a1e92641e) \Device\Harddisk0\DR0\Partition1
15:12:51.0031 4620 \Device\Harddisk0\DR0\Partition1 - ok
15:12:51.0034 4620 Boot (0x1200) (12465cb012d0ff36e8a8e89b655ef92a) \Device\Harddisk1\DR1\Partition0
15:12:51.0035 4620 \Device\Harddisk1\DR1\Partition0 - ok
15:12:51.0039 4620 Boot (0x1200) (4b1425494ee89def42333c0a3d2d4fc4) \Device\Harddisk2\DR2\Partition0
15:12:51.0040 4620 \Device\Harddisk2\DR2\Partition0 - ok
15:12:51.0040 4620 ============================================================
15:12:51.0040 4620 Scan finished
15:12:51.0040 4620 ============================================================
15:12:51.0044 4908 Detected object count: 0
15:12:51.0044 4908 Actual detected object count: 0
15:13:49.0958 4408 Deinitialize success

#21
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)

Please post the logs from OTL and MBRCheck.

#22
SkittleServal

    Member

  • Topic Starter
  • Member
  • 14 posts
Hello.

Hm. Could have sworn I had.. Sorry about that.

All processes killed
Error: Unable to interpret <MOD - [2009/07/13 17:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL> in the current context!
Error: Unable to interpret <MOD - [2009/07/13 17:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll> in the current context!
Error: Unable to interpret <O1 - Hosts: 66.197.194.231 www.google-analytics.com.> in the current context!
Error: Unable to interpret <O1 - Hosts: 66.197.194.231 ad-emea.doubleclick.net.> in the current context!
Error: Unable to interpret <O1 - Hosts: 66.197.194.231 www.statcounter.com.> in the current context!
Error: Unable to interpret <O1 - Hosts: 69.72.252.254 www.google-analytics.com.> in the current context!
Error: Unable to interpret <O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.> in the current context!
Error: Unable to interpret <O1 - Hosts: 69.72.252.254 www.statcounter.com.> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [Windows™ Updater] C:\Users\Ani\AppData\Local\Temp\smtp.gmail.com.exe File not found> in the current context!
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Ani\Desktop\cmd.bat deleted successfully.
C:\Users\Ani\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Ani
->Temp folder emptied: 1698325 bytes
->Temporary Internet Files folder emptied: 12697522 bytes
->Java cache emptied: 1825898 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 375179349 bytes
->Flash cache emptied: 5491 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19771849 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 738168 bytes

Total Files Cleaned = 393.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 02162012_145808

Files\Folders moved on Reboot...
C:\Users\Ani\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...



OTL logfile created on: 2/16/2012 3:04:01 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ani\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.85 Gb Total Physical Memory | 6.03 Gb Available Physical Memory | 76.83% Memory free
15.70 Gb Paging File | 13.90 Gb Available in Paging File | 88.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 906.34 Gb Total Space | 536.16 Gb Free Space | 59.16% Space Free | Partition Type: NTFS
Drive G: | 665.70 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 465.11 Gb Total Space | 348.87 Gb Free Space | 75.01% Space Free | Partition Type: NTFS
Drive I: | 941.69 Mb Total Space | 842.78 Mb Free Space | 89.50% Space Free | Partition Type: FAT

Computer Name: ANI-PC | User Name: Ani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/12 11:52:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ani\Desktop\OTL.exe
PRC - [2012/02/08 15:50:56 | 000,043,944 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exe
PRC - [2012/02/08 15:50:54 | 000,065,448 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exe
PRC - [2012/02/07 13:18:30 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/12/21 07:01:38 | 001,242,448 | ---- | M] (Valve Corporation) -- H:\Programs\Steam\Steam.exe
PRC - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/20 01:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/07/16 09:05:10 | 000,114,688 | ---- | M] (JME) -- C:\Program Files (x86)\jmesoft\hotkey.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/15 18:12:26 | 014,415,144 | ---- | M] () -- H:\Programs\Steam\bin\libcef.dll
MOD - [2012/02/15 18:12:25 | 000,857,896 | ---- | M] () -- H:\Programs\Steam\bin\chromehtml.dll
MOD - [2012/02/15 18:12:24 | 000,914,216 | ---- | M] () -- H:\Programs\Steam\bin\avcodec-52.dll
MOD - [2012/02/15 18:12:24 | 000,155,432 | ---- | M] () -- H:\Programs\Steam\bin\avformat-52.dll
MOD - [2012/02/15 18:12:24 | 000,091,432 | ---- | M] () -- H:\Programs\Steam\bin\avutil-50.dll
MOD - [2012/02/06 12:28:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
MOD - [2012/02/06 12:28:42 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
MOD - [2012/02/06 12:28:34 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
MOD - [2012/01/27 00:49:31 | 000,429,040 | ---- | M] () -- C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\ppgooglenaclpluginchrome.dll
MOD - [2012/01/27 00:49:29 | 003,772,912 | ---- | M] () -- C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\pdf.dll
MOD - [2012/01/27 00:48:06 | 000,122,880 | ---- | M] () -- C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\avutil-51.dll
MOD - [2012/01/27 00:48:05 | 000,222,208 | ---- | M] () -- C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\avformat-53.dll
MOD - [2012/01/27 00:48:03 | 001,746,944 | ---- | M] () -- C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\avcodec-53.dll
MOD - [2012/01/26 21:41:13 | 008,593,056 | ---- | M] () -- C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\gcswf32.dll
MOD - [2011/11/21 16:47:46 | 000,468,992 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
MOD - [2011/11/21 16:47:44 | 001,609,728 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
MOD - [2011/11/21 16:47:44 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
MOD - [2011/11/21 16:47:42 | 005,694,976 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
MOD - [2011/11/21 16:46:28 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pyd
MOD - [2011/10/24 10:50:38 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\Raptr\easyhook32.dll
MOD - [2011/10/24 10:49:56 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
MOD - [2011/10/10 20:52:14 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011/09/08 15:47:40 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dll
MOD - [2011/09/08 15:47:36 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dll
MOD - [2011/09/08 15:47:32 | 001,052,194 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dll
MOD - [2011/09/08 15:47:22 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dll
MOD - [2011/09/08 15:47:22 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dll
MOD - [2011/09/08 15:47:16 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dll
MOD - [2011/09/08 15:47:16 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
MOD - [2011/09/08 15:47:14 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
MOD - [2011/09/08 15:47:14 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dll
MOD - [2011/09/08 15:47:10 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dll
MOD - [2011/09/08 15:47:04 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
MOD - [2011/09/08 15:46:56 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
MOD - [2011/02/15 10:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dll
MOD - [2011/02/15 10:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dll
MOD - [2010/11/22 15:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dll
MOD - [2010/11/22 14:57:36 | 002,042,368 | ---- | M] () -- C:\Program Files (x86)\Raptr\libtorrent.pyd
MOD - [2010/11/22 14:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pyd
MOD - [2010/11/22 14:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pyd
MOD - [2010/11/22 14:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pyd
MOD - [2010/11/22 14:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pyd
MOD - [2010/11/22 14:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pyd
MOD - [2010/11/22 14:57:06 | 000,263,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
MOD - [2010/11/22 14:56:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Raptr\pythoncom26.dll
MOD - [2010/11/22 14:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dll
MOD - [2010/11/22 14:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pyd
MOD - [2010/11/22 14:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pyd
MOD - [2010/11/22 14:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pyd
MOD - [2010/11/22 14:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pyd
MOD - [2010/11/22 14:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pyd
MOD - [2010/11/22 14:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pyd
MOD - [2010/11/22 14:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pyd
MOD - [2010/11/22 14:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pyd
MOD - [2010/11/22 14:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pyd
MOD - [2009/07/16 09:20:38 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\jmesoft\KeyHook.dll
MOD - [2009/07/13 17:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2009/07/13 17:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2007/12/31 10:27:42 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\jmesoft\VistaVolume.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/05 12:36:05 | 000,022,528 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe -- (DAZContentManagementService)
SRV:64bit: - [2010/11/11 13:00:32 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/11/11 13:00:32 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/11/11 12:59:36 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/02/07 13:18:30 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/01/04 19:55:08 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/31 10:20:38 | 000,415,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe -- (Dyyno Launcher)
SRV - [2011/04/01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/03/18 07:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/10/05 05:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/05 05:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 18:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/31 16:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/08/01 18:25:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/10/14 08:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/20 22:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel®
DRV:64bit: - [2010/09/20 17:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/03/22 22:53:04 | 001,101,600 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ae1000w7.sys -- (AE1000)
DRV:64bit: - [2009/12/01 14:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/07/21 14:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 13:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/25 18:34:24 | 000,219,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/10 12:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2010/11/22 08:25:12 | 000,055,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx.sys -- (X5XSEx)
DRV - [2009/12/18 09:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-606387608-774257337-4196163694-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-606387608-774257337-4196163694-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-606387608-774257337-4196163694-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-606387608-774257337-4196163694-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..network.proxy.type: ""


FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@SparkplayMedia.com/Earth Eternal: C:\Users\Ani\Documents\Earth Eternal\Earth Eternal\npSparkPlayerNS.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ani\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ani\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/08 01:52:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/08 01:52:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/30 22:45:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/14 15:25:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/10 17:28:43 | 000,000,000 | ---D | M]

[2011/11/14 15:26:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ani\AppData\Roaming\Mozilla\Extensions
[2011/12/10 09:26:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\925ffmb8.default\extensions
[2011/12/10 09:26:49 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\925ffmb8.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012/01/10 17:28:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/10 17:28:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/11/04 22:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/26 10:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/11/04 19:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/04 19:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = http://start.facemoo...earchTerms}&f=4
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ani\AppData\Local\Google\Chrome\Application\17.0.963.46\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Earth Eternal (Enabled) = C:\Users\Ani\Documents\Earth Eternal\Earth Eternal\npSparkPlayerNS.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.4_0\
CHR - Extension: Google Search = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: DivX HiQ = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Fantapper = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgcjecomkebbohfjgmncelbhogbbokf\1.0.6_0\
CHR - Extension: Gmail = C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/12/19 03:12:00 | 000,001,398 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 66.197.194.231 www.google-analytics.com.
O1 - Hosts: 66.197.194.231 ad-emea.doubleclick.net.
O1 - Hosts: 66.197.194.231 www.statcounter.com.
O1 - Hosts: 69.72.252.254 www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254 www.statcounter.com.
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3:64bit: - HKU\S-1-5-21-606387608-774257337-4196163694-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-606387608-774257337-4196163694-1001\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe (JME)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\.DEFAULT..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-18..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [NCsoft] File not found
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [Speech Recognition] C:\windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [Steam] H:\Programs\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKU\S-1-5-21-606387608-774257337-4196163694-1001..\Run: [Windows™ Updater] C:\Users\Ani\AppData\Local\Temp\smtp.gmail.com.exe File not found
O4 - HKU\.DEFAULT..\RunOnce: [Shockwave Updater] C:\windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1160626.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [Shockwave Updater] C:\windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1160626.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-606387608-774257337-4196163694-1001\..Trusted Domains: mabinogi.or.tl ([]https in Trusted sites)
O15 - HKU\S-1-5-21-606387608-774257337-4196163694-1001\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} http://avatar.mabino....2010.05.24.cab (MabinogiWebAvatarRenderer Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.3.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AC4BD4D-D948-48EF-91EE-A114C86D30A1}: DhcpNameServer = 172.16.1.1 172.16.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C05C367-425E-4F1C-865C-4DFCECB7CD61}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{919082B8-F2AF-4D2B-8EDE-8F218E295C27}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96B50468-3ED7-4023-92A2-CF68DD7872AD}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA3B474C-5248-4A19-AD88-1CCFAFE0E8B2}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/29 14:44:07 | 000,000,088 | ---- | M] () - G:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/16 11:31:42 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/02/15 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Local\{10F3CD2E-660C-43FF-88BD-9F3A4CFA3787}
[2012/02/15 20:26:11 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Local\{2DFBD986-6322-4EBE-A12A-C3209E202B61}
[2012/02/14 13:56:06 | 000,000,000 | ---D | C] -- C:\windows\_ISTMP4.DIR
[2012/02/14 13:56:06 | 000,000,000 | ---D | C] -- C:\windows\_ISTMP3.DIR
[2012/02/14 13:56:06 | 000,000,000 | ---D | C] -- C:\windows\_ISTMP2.DIR
[2012/02/14 13:56:06 | 000,000,000 | ---D | C] -- C:\_ISTMP1.DIR
[2012/02/14 13:49:46 | 000,000,000 | ---D | C] -- C:\windows\solcache
[2012/02/14 13:46:52 | 000,118,784 | ---- | C] (Blizzard Entertainment) -- C:\windows\DiabUnin.exe
[2012/02/14 13:46:52 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo
[2012/02/14 13:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
[2012/02/14 13:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo
[2012/02/13 16:06:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/02/13 16:06:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/02/13 16:06:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/02/13 16:06:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/13 16:05:29 | 004,403,246 | R--- | C] (Swearware) -- C:\Users\Ani\Desktop\ComboFix.exe
[2012/02/13 14:22:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/13 14:19:48 | 000,000,000 | ---D | C] -- C:\Users\Ani\Desktop\GooredFix Backups
[2012/02/13 14:19:26 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Ani\Desktop\GooredFix.exe
[2012/02/13 14:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/02/13 14:18:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2012/02/13 14:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/02/12 14:10:13 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Ani\Desktop\aswMBR.exe
[2012/02/12 11:52:31 | 000,000,000 | ---D | C] -- C:\Users\Ani\Desktop\AMW
[2012/02/12 11:52:12 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Ani\Desktop\OTL.exe
[2012/02/12 11:51:05 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2012/02/12 11:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/02/12 11:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/02/09 20:06:57 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\hamachi.sys
[2012/02/09 20:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/02/09 20:06:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/02/09 19:54:24 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Roaming\ThuumicShouter
[2012/02/09 07:05:58 | 000,000,000 | ---D | C] -- C:\New folder
[2012/02/07 09:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThuumicShouter
[2012/02/06 01:24:01 | 000,000,000 | ---D | C] -- C:\Users\Ani\Documents\majesty2
[2012/02/05 16:45:12 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Roaming\ExodusViewer
[2012/02/05 16:45:11 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Local\ExodusViewer
[2012/02/05 16:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exodus Viewer Beta
[2012/02/05 16:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExodusViewerBeta
[2012/02/05 13:31:14 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1C
[2012/02/05 13:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C
[2012/02/05 13:31:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1C
[2012/01/31 04:49:17 | 000,000,000 | ---D | C] -- C:\Users\Ani\Desktop\alduins fos_data
[2012/01/31 04:46:19 | 000,000,000 | ---D | C] -- C:\Users\Ani\Desktop\Alduins yol_data
[2012/01/31 04:43:47 | 000,000,000 | ---D | C] -- C:\Users\Ani\Desktop\Alduin's shadow voice_data
[2012/01/27 19:22:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\gidget_you_creepy_puppy
[2012/01/27 19:08:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\gidgetandamber_withboy
[2012/01/27 19:02:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\storage dogs
[2012/01/27 19:00:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\poor amber derp
[2012/01/25 01:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames Interactive
[2012/01/25 01:11:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infogrames Interactive
[2012/01/25 00:45:54 | 000,000,000 | ---D | C] -- C:\Users\Ani\Documents\Downloads
[2012/01/21 19:52:33 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Roaming\Mumble
[2012/01/21 19:52:32 | 000,000,000 | ---D | C] -- C:\Users\Ani\AppData\Local\Mumble
[2012/01/21 19:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2012/01/21 19:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble

========== Files - Modified Within 30 Days ==========

[2012/02/16 15:07:33 | 000,017,952 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/16 15:07:33 | 000,017,952 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/16 15:06:09 | 000,792,890 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/02/16 15:06:09 | 000,669,210 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/02/16 15:06:09 | 000,125,396 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/02/16 15:00:15 | 000,000,888 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/16 15:00:00 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/02/16 14:59:55 | 2028,277,759 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/16 14:36:00 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/16 14:23:00 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606387608-774257337-4196163694-1001UA.job
[2012/02/16 11:28:14 | 000,000,024 | ---- | M] () -- C:\Users\Ani\jagexappletviewer.preferences
[2012/02/16 11:27:24 | 000,000,040 | ---- | M] () -- C:\Users\Ani\jagex_cl_runescape_LIVE.dat
[2012/02/16 10:29:19 | 000,204,192 | ---- | M] () -- C:\Users\Public\Documents\Cruentus Badge 2.jpg
[2012/02/16 03:25:48 | 000,320,640 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/02/15 18:00:00 | 000,000,496 | ---- | M] () -- C:\windows\tasks\PC Unleashed Registration3.job
[2012/02/15 16:23:00 | 000,000,848 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606387608-774257337-4196163694-1001Core.job
[2012/02/15 11:31:46 | 000,000,402 | ---- | M] () -- C:\windows\tasks\PC Unleashed.job
[2012/02/15 11:31:36 | 000,000,398 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for Ani.job
[2012/02/15 02:46:02 | 000,000,458 | ---- | M] () -- C:\windows\tasks\PC Unleashed Update Version3.job
[2012/02/14 18:18:07 | 000,007,044 | ---- | M] () -- C:\windows\DiabUnin.dat
[2012/02/14 13:46:52 | 000,118,784 | ---- | M] (Blizzard Entertainment) -- C:\windows\DiabUnin.exe
[2012/02/14 13:46:52 | 000,002,829 | ---- | M] () -- C:\windows\DiabUnin.pif
[2012/02/14 12:24:37 | 000,730,496 | ---- | M] () -- C:\Users\Public\Documents\screenshot_120130-10-47-13.jpg
[2012/02/13 22:09:22 | 000,002,285 | ---- | M] () -- C:\Users\Ani\Desktop\blip.jpg
[2012/02/13 22:08:40 | 000,000,087 | ---- | M] () -- C:\Users\Ani\Desktop\blip.png
[2012/02/13 21:29:21 | 000,001,182 | ---- | M] () -- C:\Users\Ani\Desktop\ Mabinogi .lnk
[2012/02/13 16:05:32 | 004,403,246 | R--- | M] (Swearware) -- C:\Users\Ani\Desktop\ComboFix.exe
[2012/02/13 14:21:48 | 000,457,734 | ---- | M] () -- C:\Users\Ani\AppData\Roaming\Java
[2012/02/13 14:19:21 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Ani\Desktop\GooredFix.exe
[2012/02/13 14:17:21 | 000,823,346 | ---- | M] () -- C:\Users\Ani\Desktop\USBVaccine.zip
[2012/02/12 14:12:52 | 689,869,768 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/02/12 14:10:48 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\Ani\Desktop\aswMBR.exe
[2012/02/12 11:52:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ani\Desktop\OTL.exe
[2012/02/12 11:50:50 | 000,001,104 | ---- | M] () -- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/02/12 11:50:45 | 000,000,924 | ---- | M] () -- C:\Users\Ani\Desktop\NTREGOPT.lnk
[2012/02/12 11:50:45 | 000,000,905 | ---- | M] () -- C:\Users\Ani\Desktop\ERUNT.lnk
[2012/02/10 04:08:39 | 000,000,420 | ---- | M] () -- C:\windows\tasks\PC Unleashed Defrag.job
[2012/02/09 20:04:17 | 000,514,183 | ---- | M] () -- C:\Users\Ani\AppData\Roaming\key
[2012/02/09 19:54:25 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\ThuumicShouter.lnk
[2012/02/09 05:23:43 | 000,002,349 | ---- | M] () -- C:\Users\Ani\Desktop\Google Chrome.lnk
[2012/02/08 08:14:41 | 000,000,211 | ---- | M] () -- C:\Users\Ani\Desktop\Creation Kit.url
[2012/02/06 16:06:43 | 001,399,109 | ---- | M] () -- C:\Users\Ani\Desktop\CrescentJulian.png
[2012/02/06 11:16:51 | 000,707,487 | ---- | M] () -- C:\Users\Ani\Desktop\Dream.png
[2012/02/05 16:17:35 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Exodus Viewer Beta.lnk
[2012/02/05 16:12:44 | 001,525,803 | ---- | M] () -- C:\Users\Public\Documents\Dark Dru_001.png
[2012/02/05 13:31:14 | 000,000,876 | ---- | M] () -- C:\Users\Ani\Desktop\Majesty 2.lnk
[2012/02/05 12:25:58 | 002,663,996 | ---- | M] () -- C:\Users\Public\Documents\uhm_001.png
[2012/01/31 04:49:17 | 000,001,342 | ---- | M] () -- C:\Users\Ani\Desktop\alduins fos.aup
[2012/01/31 04:49:09 | 000,166,796 | ---- | M] () -- C:\Users\Ani\Desktop\Alduin's shadow 'Fo' Test.wav
[2012/01/31 04:47:11 | 000,228,556 | ---- | M] () -- C:\Users\Ani\Desktop\Alduin's Shadow 'Yol' Test.wav
[2012/01/31 04:46:19 | 000,001,340 | ---- | M] () -- C:\Users\Ani\Desktop\Alduins yol.aup
[2012/01/31 04:43:47 | 000,000,899 | ---- | M] () -- C:\Users\Ani\Desktop\Alduin's shadow voice.aup
[2012/01/31 04:39:57 | 000,197,676 | ---- | M] () -- C:\Users\Ani\Desktop\Alduin's shadow 'Fus' Test.wav
[2012/01/31 04:23:49 | 000,395,360 | ---- | M] () -- C:\Users\Ani\Desktop\monstertest.wav
[2012/01/31 03:12:37 | 000,786,614 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/30 05:20:06 | 000,002,369 | ---- | M] () -- C:\Users\Public\Desktop\Shortcut to MajX.exe.lnk
[2012/01/28 03:31:02 | 000,005,830 | ---- | M] () -- C:\Users\Public\Documents\New Skyrim Monsters Mod - Documentation.rtf
[2012/01/27 19:21:32 | 001,295,162 | ---- | M] () -- C:\Users\Public\Documents\gidget_you_creepy_puppy.zip
[2012/01/27 19:21:21 | 000,135,510 | ---- | M] () -- C:\Users\Public\Documents\Picture 13.png
[2012/01/27 19:21:19 | 000,139,469 | ---- | M] () -- C:\Users\Ani\Picture 14.png
[2012/01/27 19:21:18 | 000,110,503 | ---- | M] () -- C:\Users\Ani\Picture 15.png
[2012/01/27 19:21:14 | 000,138,366 | ---- | M] () -- C:\Users\Ani\Picture 8.png
[2012/01/27 19:21:14 | 000,122,068 | ---- | M] () -- C:\Users\Ani\Picture 9.png
[2012/01/27 19:21:13 | 000,132,947 | ---- | M] () -- C:\Users\Ani\Picture 7.png
[2012/01/27 19:12:10 | 000,187,140 | ---- | M] () -- C:\Users\Public\Documents\sleepyscruff.png
[2012/01/27 19:11:16 | 000,166,221 | ---- | M] () -- C:\Users\Public\Documents\omg epic face jerr.png
[2012/01/27 19:11:07 | 000,164,889 | ---- | M] () -- C:\Users\Ani\a boy with eyes full of character 2.png
[2012/01/27 19:11:06 | 000,145,402 | ---- | M] () -- C:\Users\Ani\a boy with eyes full of character1.png
[2012/01/27 19:11:04 | 000,147,660 | ---- | M] () -- C:\Users\Public\Documents\most_disatisfied_face_ever.png
[2012/01/27 19:09:13 | 000,167,792 | ---- | M] () -- C:\Users\Ani\goofball1.png
[2012/01/27 19:09:13 | 000,165,610 | ---- | M] () -- C:\Users\Ani\goofball2.png
[2012/01/27 19:08:40 | 000,109,595 | ---- | M] () -- C:\Users\Ani\gidget fluff x3.png
[2012/01/27 19:08:39 | 000,181,110 | ---- | M] () -- C:\Users\Ani\gidget on face 1.png
[2012/01/27 19:08:39 | 000,158,435 | ---- | M] () -- C:\Users\Ani\gidget on face 2.png
[2012/01/27 19:08:39 | 000,155,697 | ---- | M] () -- C:\Users\Ani\gidget8.png
[2012/01/27 19:08:39 | 000,154,501 | ---- | M] () -- C:\Users\Ani\gidgt attack1.png
[2012/01/27 19:08:39 | 000,152,600 | ---- | M] () -- C:\Users\Ani\gidget7.png
[2012/01/27 19:08:39 | 000,142,954 | ---- | M] () -- C:\Users\Ani\gidget2.png
[2012/01/27 19:08:39 | 000,134,673 | ---- | M] () -- C:\Users\Ani\gidget4.png
[2012/01/27 19:08:39 | 000,130,663 | ---- | M] () -- C:\Users\Ani\gidget on face 3.png
[2012/01/27 19:08:39 | 000,098,506 | ---- | M] () -- C:\Users\Ani\gidget like dead asleep.png
[2012/01/27 19:08:37 | 000,052,470 | ---- | M] () -- C:\Users\Ani\gidget1.png
[2012/01/27 19:07:49 | 000,544,900 | ---- | M] () -- C:\Users\Public\Documents\gidgetandamber_withboy.zip
[2012/01/27 19:07:46 | 000,153,193 | ---- | M] () -- C:\Users\Public\Documents\gidget 5.png
[2012/01/27 19:02:44 | 000,219,072 | ---- | M] () -- C:\Users\Public\Documents\1gidg.jpg
[2012/01/27 19:02:00 | 002,361,891 | ---- | M] () -- C:\Users\Public\Documents\storage dogs.zip
[2012/01/27 19:00:12 | 001,275,437 | ---- | M] () -- C:\Users\Public\Documents\poor amber derp.zip
[2012/01/27 18:59:44 | 000,137,614 | ---- | M] () -- C:\Users\Public\Documents\youre kidding me.png
[2012/01/27 18:59:39 | 000,122,305 | ---- | M] () -- C:\Users\Public\Documents\gidget hoagie.png
[2012/01/27 18:59:12 | 000,158,289 | ---- | M] () -- C:\Users\Public\Documents\how did that get inyour mouth.png
[2012/01/27 18:59:07 | 000,096,744 | ---- | M] () -- C:\Users\Public\Documents\amber says nothing.png
[2012/01/27 18:58:39 | 000,090,866 | ---- | M] () -- C:\Users\Public\Documents\gidget says shutup.png
[2012/01/27 18:57:58 | 000,082,973 | ---- | M] () -- C:\Users\Public\Documents\this is the face of a dog who just got hit on the head by a water bottle.png
[2012/01/27 18:57:56 | 000,158,604 | ---- | M] () -- C:\Users\Public\Documents\amber_belly.png
[2012/01/26 10:55:35 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/01/26 08:34:45 | 000,417,879 | ---- | M] () -- C:\Users\Ani\Desktop\lootz.png
[2012/01/26 06:07:00 | 000,013,963 | ---- | M] () -- C:\Users\Ani\.recently-used.xbel
[2012/01/25 01:23:13 | 000,000,000 | ---- | M] () -- C:\windows\PowerReg.dat
[2012/01/25 01:23:12 | 000,002,415 | ---- | M] () -- C:\Users\Public\Desktop\Shortcut to Majesty.exe.lnk
[2012/01/25 01:22:49 | 000,673,325 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_018.png
[2012/01/24 22:45:44 | 000,530,763 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_017.png
[2012/01/21 22:33:57 | 002,102,841 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_016.png
[2012/01/21 22:33:51 | 002,179,901 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_015.png
[2012/01/21 22:32:48 | 000,485,319 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_014.png
[2012/01/21 22:32:37 | 000,453,072 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_013.png
[2012/01/21 20:02:22 | 000,002,380 | ---- | M] () -- C:\Users\Ani\Documents\MumbleAutomaticCertificateBackup.p12
[2012/01/21 19:52:12 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Mumble.lnk
[2012/01/21 19:28:34 | 001,229,082 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_011.png
[2012/01/21 19:28:13 | 002,174,747 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_012.png
[2012/01/20 19:17:11 | 001,551,307 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_008.png
[2012/01/20 14:19:29 | 000,046,546 | ---- | M] () -- C:\Users\Ani\Desktop\Spoutcraft (3).jar
[2012/01/18 23:44:31 | 001,649,157 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_006.png
[2012/01/18 21:23:54 | 001,721,098 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_003.png
[2012/01/18 21:23:13 | 001,255,433 | ---- | M] () -- C:\Users\Public\Documents\Snapshot_002.png

========== Files Created - No Company Name ==========

[2012/02/16 10:29:08 | 000,204,192 | ---- | C] () -- C:\Users\Public\Documents\Cruentus Badge 2.jpg
[2012/02/14 13:46:52 | 000,002,829 | ---- | C] () -- C:\windows\DiabUnin.pif
[2012/02/14 13:46:46 | 000,007,044 | ---- | C] () -- C:\windows\DiabUnin.dat
[2012/02/14 12:24:22 | 000,730,496 | ---- | C] () -- C:\Users\Public\Documents\screenshot_120130-10-47-13.jpg
[2012/02/13 22:09:21 | 000,002,285 | ---- | C] () -- C:\Users\Ani\Desktop\blip.jpg
[2012/02/13 22:08:40 | 000,000,087 | ---- | C] () -- C:\Users\Ani\Desktop\blip.png
[2012/02/13 16:06:29 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/02/13 16:06:29 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/02/13 16:06:29 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/02/13 16:06:29 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/02/13 16:06:29 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/02/13 14:17:20 | 000,823,346 | ---- | C] () -- C:\Users\Ani\Desktop\USBVaccine.zip
[2012/02/12 11:50:50 | 000,001,104 | ---- | C] () -- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/02/12 11:50:45 | 000,000,924 | ---- | C] () -- C:\Users\Ani\Desktop\NTREGOPT.lnk
[2012/02/12 11:50:45 | 000,000,905 | ---- | C] () -- C:\Users\Ani\Desktop\ERUNT.lnk
[2012/02/08 08:14:41 | 000,000,211 | ---- | C] () -- C:\Users\Ani\Desktop\Creation Kit.url
[2012/02/07 11:13:07 | 000,514,183 | ---- | C] () -- C:\Users\Ani\AppData\Roaming\key
[2012/02/07 09:57:31 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\ThuumicShouter.lnk
[2012/02/06 16:06:33 | 001,399,109 | ---- | C] () -- C:\Users\Ani\Desktop\CrescentJulian.png
[2012/02/06 11:16:45 | 000,707,487 | ---- | C] () -- C:\Users\Ani\Desktop\Dream.png
[2012/02/05 16:17:35 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Exodus Viewer Beta.lnk
[2012/02/05 16:11:50 | 001,525,803 | ---- | C] () -- C:\Users\Public\Documents\Dark Dru_001.png
[2012/02/05 13:31:14 | 000,000,876 | ---- | C] () -- C:\Users\Ani\Desktop\Majesty 2.lnk
[2012/02/05 12:25:10 | 002,663,996 | ---- | C] () -- C:\Users\Public\Documents\uhm_001.png
[2012/02/04 04:13:02 | 000,457,734 | ---- | C] () -- C:\Users\Ani\AppData\Roaming\Java
[2012/01/31 04:49:17 | 000,001,342 | ---- | C] () -- C:\Users\Ani\Desktop\alduins fos.aup
[2012/01/31 04:49:09 | 000,166,796 | ---- | C] () -- C:\Users\Ani\Desktop\Alduin's shadow 'Fo' Test.wav
[2012/01/31 04:46:30 | 000,228,556 | ---- | C] () -- C:\Users\Ani\Desktop\Alduin's Shadow 'Yol' Test.wav
[2012/01/31 04:46:19 | 000,001,340 | ---- | C] () -- C:\Users\Ani\Desktop\Alduins yol.aup
[2012/01/31 04:43:47 | 000,000,899 | ---- | C] () -- C:\Users\Ani\Desktop\Alduin's shadow voice.aup
[2012/01/31 04:35:35 | 000,197,676 | ---- | C] () -- C:\Users\Ani\Desktop\Alduin's shadow 'Fus' Test.wav
[2012/01/31 04:23:49 | 000,395,360 | ---- | C] () -- C:\Users\Ani\Desktop\monstertest.wav
[2012/01/27 20:11:44 | 000,005,830 | ---- | C] () -- C:\Users\Public\Documents\New Skyrim Monsters Mod - Documentation.rtf
[2012/01/27 19:21:22 | 001,295,162 | ---- | C] () -- C:\Users\Public\Documents\gidget_you_creepy_puppy.zip
[2012/01/27 19:21:19 | 000,135,510 | ---- | C] () -- C:\Users\Public\Documents\Picture 13.png
[2012/01/27 19:21:16 | 000,139,469 | ---- | C] () -- C:\Users\Ani\Picture 14.png
[2012/01/27 19:21:16 | 000,110,503 | ---- | C] () -- C:\Users\Ani\Picture 15.png
[2012/01/27 19:21:12 | 000,138,366 | ---- | C] () -- C:\Users\Ani\Picture 8.png
[2012/01/27 19:21:12 | 000,132,947 | ---- | C] () -- C:\Users\Ani\Picture 7.png
[2012/01/27 19:21:12 | 000,122,068 | ---- | C] () -- C:\Users\Ani\Picture 9.png
[2012/01/27 19:12:09 | 000,187,140 | ---- | C] () -- C:\Users\Public\Documents\sleepyscruff.png
[2012/01/27 19:11:14 | 000,166,221 | ---- | C] () -- C:\Users\Public\Documents\omg epic face jerr.png
[2012/01/27 19:11:05 | 000,164,889 | ---- | C] () -- C:\Users\Ani\a boy with eyes full of character 2.png
[2012/01/27 19:11:05 | 000,145,402 | ---- | C] () -- C:\Users\Ani\a boy with eyes full of character1.png
[2012/01/27 19:11:02 | 000,147,660 | ---- | C] () -- C:\Users\Public\Documents\most_disatisfied_face_ever.png
[2012/01/27 19:09:11 | 000,167,792 | ---- | C] () -- C:\Users\Ani\goofball1.png
[2012/01/27 19:09:11 | 000,165,610 | ---- | C] () -- C:\Users\Ani\goofball2.png
[2012/01/27 19:08:36 | 000,181,110 | ---- | C] () -- C:\Users\Ani\gidget on face 1.png
[2012/01/27 19:08:36 | 000,158,435 | ---- | C] () -- C:\Users\Ani\gidget on face 2.png
[2012/01/27 19:08:36 | 000,155,697 | ---- | C] () -- C:\Users\Ani\gidget8.png
[2012/01/27 19:08:36 | 000,154,501 | ---- | C] () -- C:\Users\Ani\gidgt attack1.png
[2012/01/27 19:08:36 | 000,152,600 | ---- | C] () -- C:\Users\Ani\gidget7.png
[2012/01/27 19:08:36 | 000,142,954 | ---- | C] () -- C:\Users\Ani\gidget2.png
[2012/01/27 19:08:36 | 000,134,673 | ---- | C] () -- C:\Users\Ani\gidget4.png
[2012/01/27 19:08:36 | 000,130,663 | ---- | C] () -- C:\Users\Ani\gidget on face 3.png
[2012/01/27 19:08:36 | 000,109,595 | ---- | C] () -- C:\Users\Ani\gidget fluff x3.png
[2012/01/27 19:08:36 | 000,098,506 | ---- | C] () -- C:\Users\Ani\gidget like dead asleep.png
[2012/01/27 19:08:36 | 000,052,470 | ---- | C] () -- C:\Users\Ani\gidget1.png
[2012/01/27 19:07:46 | 000,544,900 | ---- | C] () -- C:\Users\Public\Documents\gidgetandamber_withboy.zip
[2012/01/27 19:07:44 | 000,153,193 | ---- | C] () -- C:\Users\Public\Documents\gidget 5.png
[2012/01/27 19:02:42 | 000,219,072 | ---- | C] () -- C:\Users\Public\Documents\1gidg.jpg
[2012/01/27 19:01:51 | 002,361,891 | ---- | C] () -- C:\Users\Public\Documents\storage dogs.zip
[2012/01/27 19:00:05 | 001,275,437 | ---- | C] () -- C:\Users\Public\Documents\poor amber derp.zip
[2012/01/27 18:59:41 | 000,137,614 | ---- | C] () -- C:\Users\Public\Documents\youre kidding me.png
[2012/01/27 18:59:38 | 000,122,305 | ---- | C] () -- C:\Users\Public\Documents\gidget hoagie.png
[2012/01/27 18:59:11 | 000,158,289 | ---- | C] () -- C:\Users\Public\Documents\how did that get inyour mouth.png
[2012/01/27 18:59:06 | 000,096,744 | ---- | C] () -- C:\Users\Public\Documents\amber says nothing.png
[2012/01/27 18:58:37 | 000,090,866 | ---- | C] () -- C:\Users\Public\Documents\gidget says shutup.png
[2012/01/27 18:57:58 | 000,082,973 | ---- | C] () -- C:\Users\Public\Documents\this is the face of a dog who just got hit on the head by a water bottle.png
[2012/01/27 18:57:54 | 000,158,604 | ---- | C] () -- C:\Users\Public\Documents\amber_belly.png
[2012/01/26 08:34:43 | 000,417,879 | ---- | C] () -- C:\Users\Ani\Desktop\lootz.png
[2012/01/26 06:07:00 | 000,013,963 | ---- | C] () -- C:\Users\Ani\.recently-used.xbel
[2012/01/25 01:23:13 | 000,000,000 | ---- | C] () -- C:\windows\PowerReg.dat
[2012/01/25 01:23:12 | 000,002,415 | ---- | C] () -- C:\Users\Public\Desktop\Shortcut to Majesty.exe.lnk
[2012/01/25 01:23:12 | 000,002,369 | ---- | C] () -- C:\Users\Public\Desktop\Shortcut to MajX.exe.lnk
[2012/01/25 01:22:36 | 000,673,325 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_018.png
[2012/01/24 22:45:32 | 000,530,763 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_017.png
[2012/01/21 22:32:31 | 002,102,841 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_016.png
[2012/01/21 22:32:28 | 002,179,901 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_015.png
[2012/01/21 22:32:26 | 000,485,319 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_014.png
[2012/01/21 22:32:24 | 000,453,072 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_013.png
[2012/01/21 20:02:22 | 000,002,380 | ---- | C] () -- C:\Users\Ani\Documents\MumbleAutomaticCertificateBackup.p12
[2012/01/21 19:52:12 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Mumble.lnk
[2012/01/21 19:28:09 | 001,229,082 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_011.png
[2012/01/21 19:27:33 | 002,174,747 | ---- | C] () -- C:\Users\Public\Documents\Snapshot_012.png
[2012/01/20 14:19:28 | 000,046,546 | ---- | C] () -- C:\Users\Ani\Desktop\Spoutcraft (3).jar
[2012/01/04 07:17:59 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/10/17 05:30:21 | 000,000,091 | ---- | C] () -- C:\Users\Ani\AppData\Local\fusioncache.dat
[2011/10/16 19:42:43 | 000,786,614 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/10/05 06:21:58 | 000,233,472 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2011/09/30 04:47:40 | 000,000,024 | ---- | C] () -- C:\windows\SysWow64\sysogg.dll
[2011/09/26 15:45:52 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2011/09/22 09:08:56 | 003,902,976 | ---- | C] () -- C:\windows\SysWow64\ffmpeg.dll
[2011/09/01 14:46:06 | 000,123,752 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2011/09/01 14:26:01 | 000,230,752 | ---- | C] () -- C:\windows\patchw32.dll
[2011/09/01 14:26:00 | 000,118,176 | ---- | C] () -- C:\windows\patchw.dll
[2011/09/01 14:01:36 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2011/08/31 20:10:39 | 000,000,268 | ---- | C] () -- C:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/08/31 18:51:16 | 000,216,000 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011/08/31 18:46:00 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2011/08/22 11:07:48 | 000,074,752 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011/08/22 11:07:02 | 000,158,208 | ---- | C] () -- C:\windows\SysWow64\ff_unrar.dll
[2011/08/22 11:07:00 | 000,259,584 | ---- | C] () -- C:\windows\SysWow64\TomsMoComp_ff.dll
[2011/08/22 11:06:30 | 001,524,224 | ---- | C] () -- C:\windows\SysWow64\ff_samplerate.dll
[2011/08/22 11:06:30 | 000,211,456 | ---- | C] () -- C:\windows\SysWow64\ff_libdts.dll
[2011/08/22 11:06:30 | 000,097,280 | ---- | C] () -- C:\windows\SysWow64\ff_wmv9.dll
[2011/08/22 11:06:28 | 000,327,680 | ---- | C] () -- C:\windows\SysWow64\ff_libfaad2.dll
[2011/08/22 11:06:28 | 000,113,664 | ---- | C] () -- C:\windows\SysWow64\ff_liba52.dll
[2011/08/22 11:06:26 | 000,145,920 | ---- | C] () -- C:\windows\SysWow64\ff_libmad.dll
[2011/08/22 11:06:26 | 000,136,704 | ---- | C] () -- C:\windows\SysWow64\libmpeg2_ff.dll
[2011/08/11 03:02:51 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2011/08/01 18:30:08 | 000,000,285 | ---- | C] () -- C:\windows\EReg072.dat
[2011/07/06 22:16:28 | 000,012,288 | ---- | C] () -- C:\Users\Ani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 05:42:50 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2011/05/22 23:46:30 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011/04/28 01:43:03 | 000,000,193 | ---- | C] () -- C:\windows\WORDPAD.INI
[2011/04/10 18:04:11 | 000,000,020 | ---- | C] () -- C:\windows\SysWow64\EDAT.INI
[2011/03/20 21:13:39 | 000,000,023 | ---- | C] () -- C:\windows\BlendSettings.ini
[2011/03/19 02:16:26 | 000,000,056 | -H-- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2011/03/06 20:50:36 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/03/06 20:25:44 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011/03/03 03:40:08 | 000,150,528 | ---- | C] () -- C:\windows\SysWow64\mkx.dll
[2011/03/03 03:39:56 | 000,109,568 | ---- | C] () -- C:\windows\SysWow64\avi.dll
[2011/03/03 03:39:46 | 000,141,824 | ---- | C] () -- C:\windows\SysWow64\mp4.dll
[2011/03/03 03:39:34 | 000,123,392 | ---- | C] () -- C:\windows\SysWow64\ogm.dll
[2011/03/03 03:39:02 | 000,113,152 | ---- | C] () -- C:\windows\SysWow64\dsmux.exe
[2011/03/03 03:38:54 | 000,154,112 | ---- | C] () -- C:\windows\SysWow64\ts.dll
[2011/03/03 03:38:40 | 000,249,856 | ---- | C] () -- C:\windows\SysWow64\dxr.dll
[2011/03/03 03:38:10 | 000,097,792 | ---- | C] () -- C:\windows\SysWow64\avs.dll
[2011/03/03 03:38:04 | 000,137,728 | ---- | C] () -- C:\windows\SysWow64\mkv2vfr.exe
[2011/03/03 03:37:50 | 000,093,184 | ---- | C] () -- C:\windows\SysWow64\avss.dll
[2011/03/03 03:37:40 | 000,358,400 | ---- | C] () -- C:\windows\SysWow64\gdsmux.exe
[2011/03/03 03:35:32 | 000,080,384 | ---- | C] () -- C:\windows\SysWow64\mkzlib.dll
[2011/03/03 03:35:26 | 000,024,576 | ---- | C] () -- C:\windows\SysWow64\mkunicode.dll
[2011/01/19 06:16:55 | 000,000,023 | ---- | C] () -- C:\windows\SysWow64\drivers\psn.dat
[2011/01/17 16:15:41 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/01/17 16:09:45 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2011/01/17 16:09:45 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2010/11/19 02:22:29 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2010/08/18 11:56:38 | 000,000,151 | ---- | C] () -- C:\windows\SysWow64\Registration.ini
[2009/08/11 13:21:26 | 000,087,552 | ---- | C] () -- C:\windows\SysWow64\ac3config.exe
[2009/08/11 13:21:20 | 001,021,440 | ---- | C] () -- C:\windows\SysWow64\ac3filter_intl.dll
[2009/07/26 13:07:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2008/10/22 04:29:06 | 000,173,550 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2006/03/03 20:52:00 | 000,088,576 | ---- | C] () -- C:\windows\SysWow64\OptimFROG.dll

========== LOP Check ==========

[2012/01/20 19:30:58 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\.minecraft
[2011/12/23 08:41:10 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\.purple
[2012/02/03 02:25:33 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\.spoutcraft
[2011/09/02 06:18:11 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\.spoutcraftLogs
[2011/12/10 16:57:53 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\AtomZombieData
[2012/02/01 09:19:18 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Audacity
[2011/12/30 15:17:55 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Avnex
[2011/09/23 15:10:13 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Blender Foundation
[2011/12/13 17:59:34 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Braid
[2011/08/11 03:02:52 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Broken Rules
[2011/09/01 14:45:08 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\com.w3i.fliptoast
[2011/08/08 21:22:49 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Crayon Physics Deluxe
[2011/08/01 18:25:50 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\DAEMON Tools Lite
[2011/09/19 12:32:57 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\DAZ 3D
[2011/10/18 07:41:54 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\DriverCure
[2011/03/25 10:02:21 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\DVDVideoSoft
[2011/09/26 14:34:07 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Dyyno
[2011/09/01 14:04:43 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Exent Technologies
[2012/02/05 16:45:28 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\ExodusViewer
[2011/11/16 02:18:33 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Firestorm
[2012/01/14 11:04:00 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\foobar2000
[2012/01/25 00:46:20 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\GetRightToGo
[2011/07/13 06:20:50 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\go
[2012/01/26 06:07:00 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\gtk-2.0
[2011/10/08 20:05:55 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\IMVU
[2011/09/14 11:38:02 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\IMVUClient
[2012/02/16 12:50:31 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Mumble
[2011/05/11 02:59:28 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\OpenOffice.org
[2011/07/20 18:06:19 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Paltalk
[2011/10/18 07:41:54 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\PC Unleashed Online
[2012/02/16 15:01:57 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Raptr
[2011/09/19 13:03:30 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Screaming Bee
[2011/12/14 20:24:28 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\ScummVM
[2012/02/16 10:09:23 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\SecondLife
[2011/03/14 01:02:17 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Subversion
[2012/02/15 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\SystemRequirementsLab
[2011/06/27 19:13:50 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\TeamViewer
[2012/02/09 19:54:25 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\ThuumicShouter
[2012/02/16 12:17:54 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\uTorrent
[2011/09/01 14:44:53 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\W3i, LLC
[2011/09/06 04:59:34 | 000,000,000 | ---D | M] -- C:\Users\Ani\AppData\Roaming\Windows Live Writer
[2012/02/10 04:08:39 | 000,000,420 | ---- | M] () -- C:\windows\Tasks\PC Unleashed Defrag.job
[2012/02/15 18:00:00 | 000,000,496 | ---- | M] () -- C:\windows\Tasks\PC Unleashed Registration3.job
[2012/02/15 02:46:02 | 000,000,458 | ---- | M] () -- C:\windows\Tasks\PC Unleashed Update Version3.job
[2012/02/15 11:31:46 | 000,000,402 | ---- | M] () -- C:\windows\Tasks\PC Unleashed.job
[2012/01/31 03:04:21 | 000,032,572 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Lenovo
BIOS Manufacturer: LENOVO
System Manufacturer: Lenovo
System Product Name: Ideacentre K330A
Logical Drives Mask: 0x000001fc

Kernel Drivers (total 156):
0x03650000 \SystemRoot\system32\ntoskrnl.exe
0x03607000 \SystemRoot\system32\hal.dll
0x00BC5000 \SystemRoot\system32\kdcom.dll
0x00CF4000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D38000 \SystemRoot\system32\PSHED.dll
0x00D4C000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E0F000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EB3000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00EC2000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00F19000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00F22000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00F2C000 \SystemRoot\system32\DRIVERS\pci.sys
0x00F5F000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00F6C000 \SystemRoot\System32\drivers\partmgr.sys
0x00F81000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00F96000 \SystemRoot\System32\drivers\volmgrx.sys
0x00CC0000 \SystemRoot\System32\drivers\mountmgr.sys
0x00FF2000 \SystemRoot\system32\DRIVERS\atapi.sys
0x00DAA000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x00E00000 \SystemRoot\system32\DRIVERS\msahci.sys
0x00DD4000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x00DE4000 \SystemRoot\system32\drivers\amdxata.sys
0x01017000 \SystemRoot\system32\drivers\fltmgr.sys
0x01063000 \SystemRoot\system32\drivers\fileinfo.sys
0x01221000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01077000 \SystemRoot\System32\Drivers\msrpc.sys
0x013C3000 \SystemRoot\System32\Drivers\ksecdd.sys
0x010D5000 \SystemRoot\System32\Drivers\cng.sys
0x013DD000 \SystemRoot\System32\drivers\pcw.sys
0x013EE000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x0145C000 \SystemRoot\system32\drivers\ndis.sys
0x0154E000 \SystemRoot\system32\drivers\NETIO.SYS
0x015AE000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01400000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x0144C000 \SystemRoot\System32\Drivers\spldr.sys
0x01148000 \SystemRoot\System32\drivers\rdyboost.sys
0x015D9000 \SystemRoot\System32\Drivers\mup.sys
0x015EB000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01182000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01200000 \SystemRoot\system32\DRIVERS\disk.sys
0x011BC000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0281A000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02844000 \SystemRoot\System32\Drivers\Null.SYS
0x0284D000 \SystemRoot\System32\Drivers\Beep.SYS
0x02854000 \SystemRoot\System32\drivers\vga.sys
0x02862000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02887000 \SystemRoot\System32\drivers\watchdog.sys
0x02897000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x028A0000 \SystemRoot\system32\drivers\rdpencdd.sys
0x028A9000 \SystemRoot\system32\drivers\rdprefmp.sys
0x028B2000 \SystemRoot\System32\Drivers\Msfs.SYS
0x028BD000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03601000 \SystemRoot\System32\drivers\tcpip.sys
0x028CE000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x02918000 \SystemRoot\system32\DRIVERS\tdx.sys
0x02936000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02943000 \SystemRoot\System32\DRIVERS\netbt.sys
0x0382B000 \SystemRoot\system32\drivers\afd.sys
0x038B4000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x038BF000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x038C8000 \SystemRoot\system32\DRIVERS\pacer.sys
0x038EE000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x03904000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03913000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x03956000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03971000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03985000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x039D6000 \SystemRoot\system32\drivers\nsiproxy.sys
0x039E2000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x039ED000 \SystemRoot\System32\drivers\discache.sys
0x03800000 \SystemRoot\System32\Drivers\dfsc.sys
0x02988000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x02999000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x06E2D000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x03EA1000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x03F95000 \SystemRoot\System32\drivers\dxgmms1.sys
0x03FDB000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x03FEC000 \SystemRoot\system32\drivers\usbehci.sys
0x03E00000 \SystemRoot\system32\drivers\USBPORT.SYS
0x03E56000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x03E7A000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x079EA000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x06E00000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x06E16000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x0381E000 \SystemRoot\system32\DRIVERS\vcsvad.sys
0x029BF000 \SystemRoot\system32\DRIVERS\portcls.sys
0x06A74000 \SystemRoot\system32\DRIVERS\drmk.sys
0x06A96000 \SystemRoot\system32\DRIVERS\ks.sys
0x06AD9000 \SystemRoot\system32\drivers\ksthunk.sys
0x06ADF000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x06AF5000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x06B19000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x06B25000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x06B54000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x06B6F000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x06B90000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x06BAA000 \SystemRoot\system32\DRIVERS\hamachi.sys
0x06BB5000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x06BC4000 \SystemRoot\system32\DRIVERS\swenum.sys
0x06BC6000 \SystemRoot\system32\DRIVERS\umbus.sys
0x06A00000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x06A5A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0801D000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x082B3000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
0x08306000 \SystemRoot\System32\Drivers\crashdmp.sys
0x08314000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x08320000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x0832B000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00000000 \SystemRoot\System32\win32k.sys
0x0833E000 \SystemRoot\System32\drivers\Dxapi.sys
0x0834A000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x08358000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x08371000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x0837A000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x0837C000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x08389000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x083A4000 \SystemRoot\system32\DRIVERS\wdcsam64.sys
0x083A8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x083C5000 \SystemRoot\system32\drivers\usbaudio.sys
0x08200000 \SystemRoot\System32\Drivers\usbvideo.sys
0x0822E000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
0x08238000 \SystemRoot\system32\DRIVERS\monitor.sys
0x0200C000 \SystemRoot\system32\DRIVERS\ae1000w7.sys
0x02121000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x0212E000 \SystemRoot\System32\Drivers\RtsUStor.sys
0x00450000 \SystemRoot\System32\TSDDD.dll
0x006B0000 \SystemRoot\System32\cdd.dll
0x02169000 \SystemRoot\system32\drivers\luafv.sys
0x0218C000 \SystemRoot\system32\drivers\WudfPf.sys
0x021AD000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x08246000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x021C2000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x021D5000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03427000 \SystemRoot\System32\Drivers\fastfat.SYS
0x0345D000 \SystemRoot\system32\drivers\HTTP.sys
0x03525000 \SystemRoot\system32\DRIVERS\udfs.sys
0x03579000 \SystemRoot\system32\DRIVERS\bowser.sys
0x035AF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x02419000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x02467000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0248A000 \SystemRoot\system32\drivers\peauth.sys
0x02530000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0253B000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x02568000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0257A000 \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
0x0258C000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0428E000 \SystemRoot\System32\DRIVERS\srv.sys
0x04323000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x779B0000 \Windows\System32\ntdll.dll
0x480F0000 \Windows\System32\smss.exe
0xFFCD0000 \Windows\System32\apisetschema.dll
0xFF1D0000 \Windows\System32\autochk.exe
0xFFC20000 \Windows\System32\clbcatq.dll
0xFFAF0000 \Windows\System32\wininet.dll
0xFF9C0000 \Windows\System32\rpcrt4.dll

Processes (total 68):
0 System Idle Process
4 System
280 C:\Windows\System32\smss.exe
412 csrss.exe
552 C:\Windows\System32\wininit.exe
580 csrss.exe
612 C:\Windows\System32\services.exe
628 C:\Windows\System32\lsass.exe
636 C:\Windows\System32\lsm.exe
760 C:\Windows\System32\winlogon.exe
796 C:\Windows\System32\svchost.exe
860 C:\Windows\System32\svchost.exe
968 C:\Windows\System32\svchost.exe
1000 C:\Windows\System32\svchost.exe
120 C:\Windows\System32\svchost.exe
456 C:\Windows\System32\audiodg.exe
440 C:\Windows\System32\svchost.exe
1100 C:\Windows\System32\svchost.exe
1348 C:\Windows\System32\dwm.exe
1372 C:\Windows\explorer.exe
1420 C:\Windows\System32\spoolsv.exe
1452 C:\Windows\System32\svchost.exe
1572 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
1640 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
1664 C:\Windows\System32\taskhost.exe
1880 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
2036 C:\Windows\System32\svchost.exe
1068 C:\Windows\System32\svchost.exe
1244 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1608 C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
1524 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2084 C:\Windows\System32\SearchIndexer.exe
2300 C:\Windows\System32\rundll32.exe
2404 C:\Windows\System32\svchost.exe
2496 WUDFHost.exe
2628 C:\Windows\System32\hkcmd.exe
2636 C:\Windows\System32\igfxpers.exe
2644 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2780 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
2844 H:\Programs\Steam\Steam.exe
3044 C:\Program Files (x86)\jmesoft\hotkey.exe
3052 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2064 C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
1192 C:\Windows\System32\svchost.exe
3096 C:\Program Files\Windows Media Player\wmpnetwk.exe
3608 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
3408 C:\Windows\System32\svchost.exe
1184 C:\PROGRA~2\Raptr\raptr.exe
3956 C:\Windows\System32\SndVol.exe
3868 C:\PROGRA~2\Raptr\raptr_im.exe
2860 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
3164 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
3392 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
2324 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
3716 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
3736 C:\Program Files (x86)\Raptr\raptr_ep64.exe
3988 C:\Windows\SysWOW64\rundll32.exe
3320 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
4784 C:\Users\Ani\AppData\Local\Google\Chrome\Application\chrome.exe
4828 C:\Program Files\Windows NT\Accessories\wordpad.exe
5116 C:\Users\Ani\Desktop\OTL.exe
4152 C:\Windows\System32\wuauclt.exe
5036 <unknown>
2452 <unknown>
4904 C:\Program Files\Windows NT\Accessories\wordpad.exe
4364 C:\Users\Ani\Desktop\MBRCheck.exe
2076 C:\Windows\System32\conhost.exe
4488 C:\Windows\System32\taskeng.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: ST31000528AS, Rev: CC68
PhysicalDrive1 Model Number: WDMy Book 1110, Rev: 2003

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
465 GB \\.\PhysicalDrive1 RE: Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

#23
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

  • Save this file to your desktop: fix.txt (attached file, 460 bytes)
  • Run OTL.
  • Drag and drop fix.txt into the Custom Scans and Fixes box.
  • If you cannot drag and drop for some reason then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your desktop.
  • Then click the Run Fix button at the top.
  • Let the program run unhindered.
  • The OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.

Step 2

Straight after the OTL fix:

  • Double-click on TDSSKiller.exe, then click on Change Parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer 3 options.
  • Ensure Cure is selected, then click Continue --> Reboot Computer to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Things I want to see in your next reply

  • OTL Fix Log
  • TDSSKiller.[Version]_[Date]_[Time]_log.txt

Edited by Nedklaw, 18 February 2012 - 09:07 AM.


#24
SkittleServal

    Member

  • Topic Starter
  • Member
  • 14 posts
Hello - Sorry about the delay, again.

Unfortunately, I encountered the "unable to create host file" error with OTL again, even after running it the same way I did last time it worked.



10:31:31.0044 12128 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
10:31:31.0552 12128 ============================================================
10:31:31.0552 12128 Current date / time: 2012/02/21 10:31:31.0552
10:31:31.0552 12128 SystemInfo:
10:31:31.0552 12128
10:31:31.0552 12128 OS Version: 6.1.7600 ServicePack: 0.0
10:31:31.0552 12128 Product type: Workstation
10:31:31.0552 12128 ComputerName: ANI-PC
10:31:31.0552 12128 UserName: Ani
10:31:31.0552 12128 Windows directory: C:\windows
10:31:31.0552 12128 System windows directory: C:\windows
10:31:31.0552 12128 Running under WOW64
10:31:31.0552 12128 Processor architecture: Intel x64
10:31:31.0552 12128 Number of processors: 4
10:31:31.0552 12128 Page size: 0x1000
10:31:31.0552 12128 Boot type: Normal boot
10:31:31.0552 12128 ============================================================
10:31:32.0811 12128 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:31:32.0813 12128 Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:31:33.0282 12128 Drive \Device\Harddisk2\DR2 - Size: 0x3AE00000 (0.92 Gb), SectorSize: 0x200, Cylinders: 0x78, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:31:33.0285 12128 \Device\Harddisk0\DR0:
10:31:33.0285 12128 MBR used
10:31:33.0285 12128 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:31:33.0285 12128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800
10:31:33.0285 12128 \Device\Harddisk1\DR1:
10:31:33.0285 12128 MBR used
10:31:33.0285 12128 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
10:31:33.0285 12128 \Device\Harddisk2\DR2:
10:31:33.0286 12128 MBR used
10:31:33.0286 12128 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x1D6F79
10:31:33.0373 12128 Initialize success
10:31:33.0373 12128 ============================================================
10:31:46.0162 2976 ============================================================
10:31:46.0162 2976 Scan started
10:31:46.0162 2976 Mode: Manual; SigCheck; TDLFS;
10:31:46.0162 2976 ============================================================
10:31:48.0742 2976 1394ohci (e25dc567bae6199f5cc608be2d695b65) C:\windows\system32\DRIVERS\1394ohci.sys
10:31:49.0122 2976 1394ohci - ok
10:31:49.0292 2976 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys
10:31:49.0303 2976 ACPI - ok
10:31:49.0311 2976 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys
10:31:49.0393 2976 AcpiPmi - ok
10:31:49.0426 2976 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
10:31:49.0442 2976 adp94xx - ok
10:31:49.0472 2976 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
10:31:49.0499 2976 adpahci - ok
10:31:49.0541 2976 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
10:31:49.0550 2976 adpu320 - ok
10:31:49.0600 2976 AE1000 (e005682ae8f8ec4eb05f2a70a16ea1c5) C:\windows\system32\DRIVERS\ae1000w7.sys
10:31:49.0631 2976 AE1000 - ok
10:31:49.0723 2976 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys
10:31:49.0769 2976 AFD - ok
10:31:49.0801 2976 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys
10:31:49.0807 2976 agp440 - ok
10:31:49.0837 2976 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys
10:31:49.0845 2976 aliide - ok
10:31:49.0871 2976 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys
10:31:49.0877 2976 amdide - ok
10:31:49.0896 2976 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
10:31:49.0943 2976 AmdK8 - ok
10:31:49.0950 2976 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
10:31:49.0980 2976 AmdPPM - ok
10:31:50.0030 2976 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys
10:31:50.0040 2976 amdsata - ok
10:31:50.0067 2976 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
10:31:50.0076 2976 amdsbs - ok
10:31:50.0122 2976 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys
10:31:50.0129 2976 amdxata - ok
10:31:50.0137 2976 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys
10:31:50.0221 2976 AppID - ok
10:31:50.0242 2976 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
10:31:50.0250 2976 arc - ok
10:31:50.0258 2976 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
10:31:50.0266 2976 arcsas - ok
10:31:50.0326 2976 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:31:50.0339 2976 ArcSoftKsUFilter - ok
10:31:50.0379 2976 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
10:31:50.0483 2976 AsyncMac - ok
10:31:50.0506 2976 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys
10:31:50.0512 2976 atapi - ok
10:31:50.0598 2976 atikmdag (3efd964d52221360af0673cd61c2f4f5) C:\windows\system32\DRIVERS\atikmdag.sys
10:31:50.0712 2976 atikmdag - ok
10:31:50.0780 2976 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
10:31:50.0835 2976 b06bdrv - ok
10:31:50.0898 2976 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
10:31:50.0931 2976 b57nd60a - ok
10:31:50.0989 2976 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
10:31:51.0032 2976 Beep - ok
10:31:51.0105 2976 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
10:31:51.0137 2976 blbdrive - ok
10:31:51.0192 2976 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys
10:31:51.0265 2976 bowser - ok
10:31:51.0272 2976 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
10:31:51.0303 2976 BrFiltLo - ok
10:31:51.0311 2976 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
10:31:51.0321 2976 BrFiltUp - ok
10:31:51.0397 2976 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
10:31:51.0448 2976 BridgeMP - ok
10:31:51.0458 2976 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
10:31:51.0508 2976 Brserid - ok
10:31:51.0515 2976 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
10:31:51.0549 2976 BrSerWdm - ok
10:31:51.0609 2976 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
10:31:51.0637 2976 BrUsbMdm - ok
10:31:51.0661 2976 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
10:31:51.0690 2976 BrUsbSer - ok
10:31:51.0698 2976 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
10:31:51.0714 2976 BTHMODEM - ok
10:31:51.0765 2976 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
10:31:51.0829 2976 cdfs - ok
10:31:51.0875 2976 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys
10:31:51.0911 2976 cdrom - ok
10:31:51.0921 2976 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
10:31:51.0931 2976 circlass - ok
10:31:51.0969 2976 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
10:31:51.0980 2976 CLFS - ok
10:31:52.0005 2976 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
10:31:52.0016 2976 CmBatt - ok
10:31:52.0032 2976 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys
10:31:52.0038 2976 cmdide - ok
10:31:52.0092 2976 CNG (937beb186a735aca91d717044a49d17e) C:\windows\system32\Drivers\cng.sys
10:31:52.0139 2976 CNG - ok
10:31:52.0146 2976 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
10:31:52.0154 2976 Compbatt - ok
10:31:52.0189 2976 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys
10:31:52.0225 2976 CompositeBus - ok
10:31:52.0300 2976 cpudrv64 (3ca734ce373e5675fbc15ca2c45228e5) C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
10:31:52.0307 2976 cpudrv64 - ok
10:31:52.0314 2976 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
10:31:52.0321 2976 crcdisk - ok
10:31:52.0341 2976 cywiwabo - ok
10:31:52.0399 2976 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys
10:31:52.0450 2976 DfsC - ok
10:31:52.0482 2976 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
10:31:52.0533 2976 discache - ok
10:31:52.0574 2976 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
10:31:52.0581 2976 Disk - ok
10:31:52.0614 2976 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
10:31:52.0657 2976 drmkaud - ok
10:31:52.0704 2976 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\windows\system32\DRIVERS\dtsoftbus01.sys
10:31:52.0712 2976 dtsoftbus01 - ok
10:31:52.0745 2976 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys
10:31:52.0769 2976 DXGKrnl - ok
10:31:52.0801 2976 e1cexpress (6bafd9819d9fec2edbaebc8493c711a4) C:\windows\system32\DRIVERS\e1c62x64.sys
10:31:52.0810 2976 e1cexpress - ok
10:31:52.0858 2976 EagleX64 - ok
10:31:52.0923 2976 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
10:31:53.0050 2976 ebdrv - ok
10:31:53.0110 2976 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
10:31:53.0123 2976 elxstor - ok
10:31:53.0131 2976 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys
10:31:53.0166 2976 ErrDev - ok
10:31:53.0247 2976 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
10:31:53.0273 2976 exfat - ok
10:31:53.0288 2976 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
10:31:53.0320 2976 fastfat - ok
10:31:53.0327 2976 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
10:31:53.0361 2976 fdc - ok
10:31:53.0393 2976 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
10:31:53.0399 2976 FileInfo - ok
10:31:53.0412 2976 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
10:31:53.0474 2976 Filetrace - ok
10:31:53.0497 2976 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
10:31:53.0506 2976 flpydisk - ok
10:31:53.0538 2976 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys
10:31:53.0548 2976 FltMgr - ok
10:31:53.0562 2976 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
10:31:53.0569 2976 FsDepends - ok
10:31:53.0636 2976 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\windows\system32\DRIVERS\fssfltr.sys
10:31:53.0642 2976 fssfltr - ok
10:31:53.0668 2976 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
10:31:53.0675 2976 Fs_Rec - ok
10:31:53.0750 2976 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys
10:31:53.0760 2976 fvevol - ok
10:31:53.0768 2976 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
10:31:53.0774 2976 gagp30kx - ok
10:31:53.0867 2976 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\windows\system32\DRIVERS\hamachi.sys
10:31:53.0874 2976 hamachi - ok
10:31:53.0902 2976 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
10:31:53.0999 2976 hcw85cir - ok
10:31:54.0010 2976 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys
10:31:54.0046 2976 HdAudAddService - ok
10:31:54.0079 2976 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys
10:31:54.0114 2976 HDAudBus - ok
10:31:54.0122 2976 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
10:31:54.0132 2976 HidBatt - ok
10:31:54.0141 2976 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
10:31:54.0157 2976 HidBth - ok
10:31:54.0165 2976 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
10:31:54.0176 2976 HidIr - ok
10:31:54.0205 2976 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys
10:31:54.0232 2976 HidUsb - ok
10:31:54.0243 2976 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys
10:31:54.0250 2976 HpSAMD - ok
10:31:54.0291 2976 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys
10:31:54.0324 2976 HTTP - ok
10:31:54.0340 2976 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys
10:31:54.0349 2976 hwpolicy - ok
10:31:54.0360 2976 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
10:31:54.0368 2976 i8042prt - ok
10:31:54.0427 2976 iaStorV (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys
10:31:54.0439 2976 iaStorV - ok
10:31:54.0637 2976 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\windows\system32\DRIVERS\igdkmd64.sys
10:31:54.0885 2976 igfx - ok
10:31:54.0896 2976 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
10:31:54.0905 2976 iirsp - ok
10:31:54.0972 2976 IntcAzAudAddService (9aa6a93852e36fe76c3f7fc2904f3b01) C:\windows\system32\drivers\RTKVHD64.sys
10:31:55.0022 2976 IntcAzAudAddService - ok
10:31:55.0052 2976 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
10:31:55.0105 2976 IntcDAud - ok
10:31:55.0116 2976 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys
10:31:55.0123 2976 intelide - ok
10:31:55.0146 2976 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
10:31:55.0199 2976 intelppm - ok
10:31:55.0251 2976 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys
10:31:55.0294 2976 IpFilterDriver - ok
10:31:55.0303 2976 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys
10:31:55.0324 2976 IPMIDRV - ok
10:31:55.0353 2976 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
10:31:55.0403 2976 IPNAT - ok
10:31:55.0449 2976 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
10:31:55.0527 2976 IRENUM - ok
10:31:55.0534 2976 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys
10:31:55.0540 2976 isapnp - ok
10:31:55.0573 2976 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys
10:31:55.0582 2976 iScsiPrt - ok
10:31:55.0614 2976 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
10:31:55.0621 2976 kbdclass - ok
10:31:55.0641 2976 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys
10:31:55.0682 2976 kbdhid - ok
10:31:55.0728 2976 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\windows\system32\Drivers\ksecdd.sys
10:31:55.0738 2976 KSecDD - ok
10:31:55.0749 2976 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\windows\system32\Drivers\ksecpkg.sys
10:31:55.0756 2976 KSecPkg - ok
10:31:55.0774 2976 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
10:31:55.0826 2976 ksthunk - ok
10:31:55.0881 2976 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
10:31:55.0953 2976 lltdio - ok
10:31:56.0012 2976 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
10:31:56.0021 2976 LSI_FC - ok
10:31:56.0030 2976 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
10:31:56.0037 2976 LSI_SAS - ok
10:31:56.0063 2976 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
10:31:56.0069 2976 LSI_SAS2 - ok
10:31:56.0097 2976 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
10:31:56.0105 2976 LSI_SCSI - ok
10:31:56.0129 2976 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
10:31:56.0190 2976 luafv - ok
10:31:56.0223 2976 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\windows\system32\drivers\mbam.sys
10:31:56.0233 2976 MBAMProtector - ok
10:31:56.0256 2976 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
10:31:56.0263 2976 megasas - ok
10:31:56.0293 2976 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
10:31:56.0304 2976 MegaSR - ok
10:31:56.0339 2976 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\windows\system32\DRIVERS\HECIx64.sys
10:31:56.0344 2976 MEIx64 - ok
10:31:56.0352 2976 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
10:31:56.0402 2976 Modem - ok
10:31:56.0435 2976 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
10:31:56.0467 2976 monitor - ok
10:31:56.0495 2976 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
10:31:56.0503 2976 mouclass - ok
10:31:56.0527 2976 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
10:31:56.0561 2976 mouhid - ok
10:31:56.0590 2976 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
10:31:56.0598 2976 mountmgr - ok
10:31:56.0618 2976 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
10:31:56.0627 2976 mpio - ok
10:31:56.0646 2976 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
10:31:56.0713 2976 mpsdrv - ok
10:31:56.0723 2976 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
10:31:56.0747 2976 MRxDAV - ok
10:31:56.0821 2976 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
10:31:56.0886 2976 mrxsmb - ok
10:31:56.0940 2976 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
10:31:56.0977 2976 mrxsmb10 - ok
10:31:57.0042 2976 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
10:31:57.0071 2976 mrxsmb20 - ok
10:31:57.0118 2976 msahci (94a5023d130bf79a4e54875f6e88a69f) C:\windows\system32\DRIVERS\msahci.sys
10:31:57.0125 2976 msahci - ok
10:31:57.0133 2976 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
10:31:57.0141 2976 msdsm - ok
10:31:57.0159 2976 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
10:31:57.0189 2976 Msfs - ok
10:31:57.0197 2976 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
10:31:57.0258 2976 mshidkmdf - ok
10:31:57.0282 2976 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
10:31:57.0288 2976 msisadrv - ok
10:31:57.0307 2976 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
10:31:57.0352 2976 MSKSSRV - ok
10:31:57.0382 2976 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
10:31:57.0454 2976 MSPCLOCK - ok
10:31:57.0484 2976 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
10:31:57.0536 2976 MSPQM - ok
10:31:57.0571 2976 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
10:31:57.0583 2976 MsRPC - ok
10:31:57.0597 2976 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
10:31:57.0605 2976 mssmbios - ok
10:31:57.0645 2976 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
10:31:57.0695 2976 MSTEE - ok
10:31:57.0722 2976 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
10:31:57.0769 2976 MTConfig - ok
10:32:07.0292 2976 ============================================================
10:32:07.0292 2976 Scan finished
10:32:07.0292 2976 ============================================================
10:32:07.0301 10056 Detected object count: 0
10:32:07.0301 10056 Actual detected object count: 0
10:32:36.0062 7972 Deinitialize success

#25
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi.

Could you repeat my previous instructions, but this time with the following file: fix.txt (attached file, 445 bytes)

#26
SkittleServal

    Member

  • Topic Starter
  • Member
  • 14 posts
Hello! Looks like things worked out this time.

========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-606387608-774257337-4196163694-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Windows™ Updater not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Ani\Desktop\cmd.bat deleted successfully.
C:\Users\Ani\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 02222012_214822





21:51:03.0889 5216 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
21:51:04.0385 5216 ============================================================
21:51:04.0385 5216 Current date / time: 2012/02/22 21:51:04.0385
21:51:04.0385 5216 SystemInfo:
21:51:04.0385 5216
21:51:04.0385 5216 OS Version: 6.1.7600 ServicePack: 0.0
21:51:04.0385 5216 Product type: Workstation
21:51:04.0385 5216 ComputerName: ANI-PC
21:51:04.0385 5216 UserName: Ani
21:51:04.0385 5216 Windows directory: C:\windows
21:51:04.0385 5216 System windows directory: C:\windows
21:51:04.0385 5216 Running under WOW64
21:51:04.0385 5216 Processor architecture: Intel x64
21:51:04.0385 5216 Number of processors: 4
21:51:04.0385 5216 Page size: 0x1000
21:51:04.0385 5216 Boot type: Normal boot
21:51:04.0385 5216 ============================================================
21:51:06.0485 5216 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:51:06.0487 5216 Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:51:06.0489 5216 Drive \Device\Harddisk2\DR2 - Size: 0x3AE00000 (0.92 Gb), SectorSize: 0x200, Cylinders: 0x78, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:51:06.0491 5216 \Device\Harddisk0\DR0:
21:51:06.0491 5216 MBR used
21:51:06.0491 5216 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:51:06.0491 5216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800
21:51:06.0491 5216 \Device\Harddisk1\DR1:
21:51:06.0491 5216 MBR used
21:51:06.0491 5216 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
21:51:06.0491 5216 \Device\Harddisk2\DR2:
21:51:06.0492 5216 MBR used
21:51:06.0492 5216 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x1D6F79
21:51:07.0013 5216 Initialize success
21:51:07.0013 5216 ============================================================
21:51:13.0645 21732 ============================================================
21:51:13.0645 21732 Scan started
21:51:13.0645 21732 Mode: Manual; SigCheck; TDLFS;
21:51:13.0645 21732 ============================================================
21:51:23.0865 21732 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
21:51:23.0897 21732 monitor - ok
21:51:23.0959 21732 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
21:51:23.0966 21732 mouclass - ok
21:51:23.0983 21732 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
21:51:24.0016 21732 mouhid - ok
21:51:24.0054 21732 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
21:51:24.0061 21732 mountmgr - ok
21:51:24.0082 21732 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
21:51:24.0090 21732 mpio - ok
21:51:24.0110 21732 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
21:51:24.0155 21732 mpsdrv - ok
21:51:24.0198 21732 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
21:51:24.0236 21732 MRxDAV - ok
21:51:24.0275 21732 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
21:51:24.0325 21732 mrxsmb - ok
21:51:24.0380 21732 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
21:51:24.0407 21732 mrxsmb10 - ok
21:51:24.0448 21732 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
21:51:24.0484 21732 mrxsmb20 - ok
21:51:24.0524 21732 msahci (94a5023d130bf79a4e54875f6e88a69f) C:\windows\system32\DRIVERS\msahci.sys
21:51:24.0530 21732 msahci - ok
21:51:24.0541 21732 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
21:51:24.0549 21732 msdsm - ok
21:51:24.0565 21732 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
21:51:24.0590 21732 Msfs - ok
21:51:24.0603 21732 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
21:51:24.0654 21732 mshidkmdf - ok
21:51:24.0680 21732 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
21:51:24.0686 21732 msisadrv - ok
21:51:24.0705 21732 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
21:51:24.0730 21732 MSKSSRV - ok
21:51:24.0746 21732 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
21:51:24.0801 21732 MSPCLOCK - ok
21:51:24.0831 21732 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
21:51:24.0880 21732 MSPQM - ok
21:51:24.0919 21732 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
21:51:24.0932 21732 MsRPC - ok
21:51:24.0953 21732 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
21:51:24.0959 21732 mssmbios - ok
21:51:24.0985 21732 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
21:51:25.0042 21732 MSTEE - ok
21:51:25.0069 21732 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
21:51:25.0101 21732 MTConfig - ok
21:51:25.0140 21732 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
21:51:25.0146 21732 Mup - ok
21:51:25.0180 21732 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
21:51:25.0211 21732 NativeWifiP - ok
21:51:25.0262 21732 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
21:51:25.0281 21732 NDIS - ok
21:51:25.0302 21732 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
21:51:25.0328 21732 NdisCap - ok
21:51:25.0362 21732 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
21:51:25.0404 21732 NdisTapi - ok
21:51:25.0454 21732 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
21:51:25.0508 21732 Ndisuio - ok
21:51:25.0537 21732 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
21:51:25.0562 21732 NdisWan - ok
21:51:25.0571 21732 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
21:51:25.0615 21732 NDProxy - ok
21:51:25.0641 21732 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
21:51:25.0694 21732 NetBIOS - ok
21:51:25.0731 21732 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
21:51:25.0784 21732 NetBT - ok
21:51:25.0841 21732 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
21:51:25.0846 21732 nfrd960 - ok
21:51:25.0961 21732 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
21:51:25.0985 21732 Npfs - ok
21:51:26.0011 21732 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
21:51:26.0036 21732 nsiproxy - ok
21:51:26.0400 21732 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
21:51:26.0442 21732 Ntfs - ok
21:51:26.0707 21732 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
21:51:26.0753 21732 Null - ok
21:51:26.0785 21732 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
21:51:26.0793 21732 nvraid - ok
21:51:26.0841 21732 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
21:51:26.0850 21732 nvstor - ok
21:51:26.0876 21732 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
21:51:26.0884 21732 nv_agp - ok
21:51:26.0891 21732 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
21:51:26.0955 21732 ohci1394 - ok
21:51:26.0986 21732 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
21:51:26.0995 21732 Parport - ok
21:51:27.0023 21732 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
21:51:27.0031 21732 partmgr - ok
21:51:27.0048 21732 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
21:51:27.0057 21732 pci - ok
21:51:27.0079 21732 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
21:51:27.0084 21732 pciide - ok
21:51:27.0096 21732 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
21:51:27.0105 21732 pcmcia - ok
21:51:27.0127 21732 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
21:51:27.0133 21732 pcw - ok
21:51:27.0152 21732 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
21:51:27.0211 21732 PEAUTH - ok
21:51:27.0263 21732 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
21:51:27.0295 21732 PptpMiniport - ok
21:51:27.0311 21732 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
21:51:27.0352 21732 Processor - ok
21:51:27.0402 21732 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
21:51:27.0452 21732 Psched - ok
21:51:27.0533 21732 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
21:51:27.0575 21732 ql2300 - ok
21:51:27.0583 21732 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
21:51:27.0592 21732 ql40xx - ok
21:51:27.0614 21732 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
21:51:27.0664 21732 QWAVEdrv - ok
21:51:27.0731 21732 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
21:51:27.0789 21732 RasAcd - ok
21:51:27.0825 21732 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
21:51:27.0872 21732 RasAgileVpn - ok
21:51:27.0913 21732 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
21:51:27.0938 21732 Rasl2tp - ok
21:51:27.0955 21732 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
21:51:27.0980 21732 RasPppoe - ok
21:51:27.0992 21732 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
21:51:28.0039 21732 RasSstp - ok
21:51:28.0071 21732 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
21:51:28.0122 21732 rdbss - ok
21:51:28.0149 21732 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
21:51:28.0186 21732 rdpbus - ok
21:51:28.0222 21732 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
21:51:28.0270 21732 RDPCDD - ok
21:51:28.0297 21732 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
21:51:28.0354 21732 RDPENCDD - ok
21:51:28.0397 21732 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
21:51:28.0420 21732 RDPREFMP - ok
21:51:28.0429 21732 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
21:51:28.0464 21732 RDPWD - ok
21:51:28.0523 21732 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
21:51:28.0532 21732 rdyboost - ok
21:51:28.0603 21732 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
21:51:28.0668 21732 rspndr - ok
21:51:28.0712 21732 RSUSBSTOR (b1d04ed92d148b54169499d9568a3c55) C:\windows\system32\Drivers\RtsUStor.sys
21:51:28.0768 21732 RSUSBSTOR - ok
21:51:28.0778 21732 RTL8023x64 (68dd0457d18fccef7384ae84022f0c86) C:\windows\system32\DRIVERS\Rtnic64.sys
21:51:28.0803 21732 RTL8023x64 - ok
21:51:28.0812 21732 RtsUIR - ok
21:51:28.0826 21732 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
21:51:28.0833 21732 sbp2port - ok
21:51:28.0916 21732 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
21:51:28.0975 21732 scfilter - ok
21:51:29.0036 21732 ScreamBAudioSvc (490b0b68bb938d5c628ec4a67277be75) C:\windows\system32\drivers\ScreamingBAudio64.sys
21:51:29.0042 21732 ScreamBAudioSvc - ok
21:51:29.0090 21732 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
21:51:29.0134 21732 secdrv - ok
21:51:29.0146 21732 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
21:51:29.0162 21732 Serenum - ok
21:51:29.0185 21732 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
21:51:29.0194 21732 Serial - ok
21:51:29.0202 21732 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
21:51:29.0231 21732 sermouse - ok
21:51:29.0267 21732 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
21:51:29.0316 21732 sffdisk - ok
21:51:29.0342 21732 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
21:51:29.0350 21732 sffp_mmc - ok
21:51:29.0360 21732 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
21:51:29.0367 21732 sffp_sd - ok
21:51:29.0388 21732 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
21:51:29.0397 21732 sfloppy - ok
21:51:29.0426 21732 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
21:51:29.0432 21732 SiSRaid2 - ok
21:51:29.0461 21732 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
21:51:29.0469 21732 SiSRaid4 - ok
21:51:29.0476 21732 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
21:51:29.0540 21732 Smb - ok
21:51:29.0572 21732 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
21:51:29.0577 21732 spldr - ok
21:51:29.0632 21732 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
21:51:29.0655 21732 srv - ok
21:51:29.0685 21732 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
21:51:29.0719 21732 srv2 - ok
21:51:29.0758 21732 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
21:51:29.0792 21732 srvnet - ok
21:51:29.0859 21732 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
21:51:29.0865 21732 stexstor - ok
21:51:29.0912 21732 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
21:51:29.0918 21732 swenum - ok
21:51:30.0031 21732 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
21:51:30.0079 21732 Tcpip - ok
21:51:30.0123 21732 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
21:51:30.0152 21732 TCPIP6 - ok
21:51:30.0180 21732 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
21:51:30.0208 21732 tcpipreg - ok
21:51:30.0228 21732 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
21:51:30.0281 21732 TDPIPE - ok
21:51:30.0308 21732 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
21:51:30.0371 21732 TDTCP - ok
21:51:30.0408 21732 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
21:51:30.0462 21732 tdx - ok
21:51:30.0513 21732 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
21:51:30.0520 21732 TermDD - ok
21:51:30.0543 21732 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
21:51:30.0569 21732 tssecsrv - ok
21:51:30.0581 21732 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
21:51:30.0606 21732 tunnel - ok
21:51:30.0630 21732 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
21:51:30.0637 21732 uagp35 - ok
21:51:30.0666 21732 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
21:51:30.0720 21732 udfs - ok
21:51:30.0772 21732 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
21:51:30.0779 21732 uliagpkx - ok
21:51:30.0802 21732 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
21:51:30.0833 21732 umbus - ok
21:51:30.0862 21732 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
21:51:30.0905 21732 UmPass - ok
21:51:30.0984 21732 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys
21:51:31.0031 21732 usbaudio - ok
21:51:31.0074 21732 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
21:51:31.0125 21732 usbccgp - ok
21:51:31.0131 21732 USBCCID - ok
21:51:31.0170 21732 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
21:51:31.0182 21732 usbcir - ok
21:51:31.0235 21732 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\drivers\usbehci.sys
21:51:31.0269 21732 usbehci - ok
21:51:31.0328 21732 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
21:51:31.0357 21732 usbhub - ok
21:51:31.0446 21732 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\drivers\usbohci.sys
21:51:31.0478 21732 usbohci - ok
21:51:31.0504 21732 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
21:51:31.0513 21732 usbprint - ok
21:51:31.0561 21732 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
21:51:31.0608 21732 USBSTOR - ok
21:51:31.0654 21732 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
21:51:31.0679 21732 usbuhci - ok
21:51:31.0788 21732 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\system32\Drivers\usbvideo.sys
21:51:31.0838 21732 usbvideo - ok
21:51:31.0908 21732 VCSVADHWSer (3a4b01c2bdb07dfef29b0b369487503a) C:\windows\system32\DRIVERS\vcsvad.sys
21:51:31.0964 21732 VCSVADHWSer - ok
21:51:31.0976 21732 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
21:51:31.0983 21732 vdrvroot - ok
21:51:32.0012 21732 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
21:51:32.0023 21732 vga - ok
21:51:32.0044 21732 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
21:51:32.0088 21732 VgaSave - ok
21:51:32.0118 21732 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
21:51:32.0128 21732 vhdmp - ok
21:51:32.0142 21732 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
21:51:32.0149 21732 viaide - ok
21:51:32.0175 21732 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
21:51:32.0182 21732 volmgr - ok
21:51:32.0200 21732 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
21:51:32.0211 21732 volmgrx - ok
21:51:32.0232 21732 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
21:51:32.0243 21732 volsnap - ok
21:51:32.0286 21732 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\windows\system32\DRIVERS\vpchbus.sys
21:51:32.0346 21732 vpcbus - ok
21:51:32.0381 21732 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\windows\system32\DRIVERS\vpcnfltr.sys
21:51:32.0389 21732 vpcnfltr - ok
21:51:32.0429 21732 vpcusb (31924e31bc315773e6d149b157db46d5) C:\windows\system32\DRIVERS\vpcusb.sys
21:51:32.0458 21732 vpcusb - ok
21:51:32.0539 21732 vpcvmm (c5b651e52540e6f46da66574c74b4898) C:\windows\system32\drivers\vpcvmm.sys
21:51:32.0549 21732 vpcvmm - ok
21:51:32.0591 21732 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
21:51:32.0600 21732 vsmraid - ok
21:51:32.0622 21732 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
21:51:32.0656 21732 vwifibus - ok
21:51:32.0694 21732 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
21:51:32.0743 21732 vwififlt - ok
21:51:32.0774 21732 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
21:51:32.0815 21732 WacomPen - ok
21:51:32.0855 21732 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
21:51:32.0881 21732 WANARP - ok
21:51:32.0885 21732 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
21:51:32.0915 21732 Wanarpv6 - ok
21:51:32.0944 21732 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
21:51:32.0952 21732 Wd - ok
21:51:33.0020 21732 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
21:51:33.0082 21732 WDC_SAM - ok
21:51:33.0113 21732 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
21:51:33.0130 21732 Wdf01000 - ok
21:51:33.0153 21732 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
21:51:33.0186 21732 WfpLwf - ok
21:51:33.0211 21732 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
21:51:33.0217 21732 WIMMount - ok
21:51:33.0300 21732 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUSB.sys
21:51:33.0351 21732 WinUSB - ok
21:51:33.0387 21732 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
21:51:33.0419 21732 WmiAcpi - ok
21:51:33.0461 21732 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
21:51:33.0488 21732 ws2ifsl - ok
21:51:33.0523 21732 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
21:51:33.0530 21732 wsvd - ok
21:51:33.0553 21732 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
21:51:33.0602 21732 WudfPf - ok
21:51:33.0634 21732 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
21:51:33.0661 21732 WUDFRd - ok
21:51:33.0756 21732 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
21:51:33.0761 21732 X5XSEx - ok
21:51:33.0805 21732 X6va005 - ok
21:51:33.0842 21732 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys
21:51:33.0880 21732 yukonw7 - ok
21:51:33.0948 21732 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:51:34.0051 21732 \Device\Harddisk0\DR0 - ok
21:51:34.0054 21732 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
21:51:34.0599 21732 \Device\Harddisk1\DR1 - ok
21:51:34.0607 21732 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
21:51:34.0772 21732 \Device\Harddisk2\DR2 - ok
21:51:34.0788 21732 Boot (0x1200) (5fc0b3005a3ad6d27853241dda791f02) \Device\Harddisk0\DR0\Partition0
21:51:34.0789 21732 \Device\Harddisk0\DR0\Partition0 - ok
21:51:34.0801 21732 Boot (0x1200) (93e7c3a3cf67b169f71e469a1e92641e) \Device\Harddisk0\DR0\Partition1
21:51:34.0802 21732 \Device\Harddisk0\DR0\Partition1 - ok
21:51:34.0805 21732 Boot (0x1200) (12465cb012d0ff36e8a8e89b655ef92a) \Device\Harddisk1\DR1\Partition0
21:51:34.0806 21732 \Device\Harddisk1\DR1\Partition0 - ok
21:51:34.0811 21732 Boot (0x1200) (4b1425494ee89def42333c0a3d2d4fc4) \Device\Harddisk2\DR2\Partition0
21:51:34.0812 21732 \Device\Harddisk2\DR2\Partition0 - ok
21:51:34.0812 21732 ============================================================
21:51:34.0812 21732 Scan finished
21:51:34.0812 21732 ============================================================
21:51:34.0852 6036 Detected object count: 0
21:51:34.0852 6036 Actual detected object count: 0
21:53:00.0716 11360 Deinitialize success

#27
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
What are your current problems?


Download AVPTool from Here to your desktop.

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan.

Click the cog in the upper right.

Select down to and including your main drive. Once done, select the Automatic scan tab and press Start Scan.

Allow AVP to delete all infections found.
Once it has finished, select the report tab (last tab).
Select Detected threats report from the left and press the Save button.
Save it to your desktop and attach it to your next post.


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information.


On completion click the link to locate the zip file to upload and attach to your next post.


Things I want to see in your next reply

  • Answer to my question
  • AVPTool Report
  • avptool_sysinfo.zip


#28
NeonFx

    Malware Removal Dude

  • Expert
  • 3,797 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.