suspect virus computer slow [Solved]



#1 Valkour

Computer has been slow to boot up and run programs. Had graphics drivers stop working a few times. My antivirus stopped loading itself at boot up (avast!). Graphics drivers keep shutting down.

OTL logfile created on: 6/22/2012 9:02:09 PM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Administrator\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 48.02% Memory free
8.16 Gb Paging File | 5.76 Gb Available in Paging File | 70.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 82.55 Gb Free Space | 27.69% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 781.52 Gb Free Space | 83.90% Space Free | Partition Type: NTFS

Computer Name: LEITHIAN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/22 20:43:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Downloads\OTL.exe
PRC - [2012/06/17 10:51:23 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/05/30 16:38:43 | 000,038,744 | ---- | M] (NCSoft) -- C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe
PRC - [2012/05/25 10:14:23 | 003,407,496 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2012/05/15 06:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/04/16 17:49:06 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.EXE
PRC - [2011/09/27 11:44:20 | 000,439,440 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2011/09/06 07:32:20 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/08/04 14:44:24 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 14:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/06/30 14:48:46 | 000,395,152 | ---- | M] (Seagate) -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2011/06/30 14:47:14 | 002,638,152 | ---- | M] (Seagate) -- C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/05/20 15:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2008/11/18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/11/12 19:49:28 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
PRC - [2008/10/15 16:47:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe
PRC - [2008/10/14 11:46:14 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
PRC - [2007/08/16 17:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files (x86)\Razer\Lachesis\OSD.exe
PRC - [2007/06/05 10:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
PRC - [2007/02/28 20:50:50 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/17 10:51:22 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/15 13:08:19 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012/06/13 03:53:25 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:52:42 | 010,683,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\02ccd8236a942b3f89411fab5d2b594a\System.Design.ni.dll
MOD - [2012/06/13 03:09:18 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/05/25 10:14:26 | 000,312,320 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2012/05/25 10:14:26 | 000,264,192 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2012/05/25 10:14:26 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2012/05/25 10:14:26 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2012/05/25 10:14:26 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2012/05/25 10:14:25 | 003,564,544 | ---- | M] () -- C:\Program Files (x86)\Origin\QtXmlPatterns4.dll
MOD - [2012/05/25 10:14:24 | 018,604,544 | ---- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2012/05/25 10:14:24 | 009,440,256 | ---- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2012/05/25 10:14:24 | 002,694,144 | ---- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2012/05/25 10:14:24 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2012/05/25 10:14:24 | 000,413,184 | ---- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2012/05/15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012/05/10 00:07:08 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 00:07:06 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
MOD - [2012/05/10 00:07:06 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/10 00:07:05 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
MOD - [2012/05/10 00:06:45 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\442135bc0b503b42ab2d752c23bea631\System.Security.ni.dll
MOD - [2012/05/10 00:06:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/10 00:06:37 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012/05/09 22:04:10 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\6cc7aca81a3abfc1ab90b0c72f302702\System.Xml.ni.dll
MOD - [2012/05/09 22:03:31 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/05/09 22:02:22 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 22:02:13 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/05 17:09:25 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\NCSoft\Launcher\UnRar.Net.dll
MOD - [2012/05/05 17:09:25 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\NCSoft\Launcher\NC.Logging.dll
MOD - [2009/04/11 02:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/04/10 22:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/03/26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/02/06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2008/11/12 19:48:48 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Ideazon\ZEngine\AxInterop.WBOCXLib.dll
MOD - [2008/10/15 16:47:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe
MOD - [2008/10/14 11:46:14 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
MOD - [2008/03/12 09:41:09 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/10/08 22:24:28 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/17 10:51:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/15 06:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/04/16 17:49:06 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/04/16 17:49:06 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/09/06 07:32:20 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011/06/30 14:50:10 | 001,191,408 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/08/09 07:30:43 | 000,161,144 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist Express Customer\240\g2ax_service.exe -- (GoToAssist Express Customer)
SRV - [2010/05/24 16:25:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 16:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/11/02 21:00:46 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/08/30 15:17:30 | 003,407,412 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009/07/26 18:35:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/05/23 11:14:54 | 000,157,696 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2008/01/20 22:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 22:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/11 23:06:20 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\timntr.sys -- (timounter)
DRV:64bit: - [2012/05/11 23:06:08 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\vididr.sys -- (vididr)
DRV:64bit: - [2012/05/11 23:06:02 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\vsflt53.sys -- (vidsflt53) Acronis Disk Storage Filter (53)
DRV:64bit: - [2012/05/11 23:05:56 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\snapman.sys -- (snapman)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/01/16 01:44:50 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/01/16 01:44:50 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/01/16 01:44:50 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/01/16 01:44:50 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/01/16 01:44:50 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/20 15:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VX1000.sys -- (VX1000)
DRV:64bit: - [2010/04/26 22:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/04/26 22:25:20 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV:64bit: - [2010/04/26 22:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/04/26 22:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/15 13:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvoclk64.sys -- (nvoclk64)
DRV:64bit: - [2009/08/03 11:12:00 | 001,289,216 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009/04/11 01:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/04/22 08:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64)
DRV:64bit: - [2008/01/20 22:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2007/08/17 16:48:46 | 000,030,336 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)
DRV:64bit: - [2007/07/23 10:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/03/20 12:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2006/05/24 14:51:14 | 000,013,824 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\copperhd.sys -- (copperhd)
DRV:64bit: - [2005/10/21 20:01:22 | 000,019,200 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbicp.sys -- (uisp)
DRV - [2008/05/23 11:11:46 | 000,040,480 | ---- | M] (NVidia Corp.) [Kernel | Auto | Running] -- C:\Windows\nvflsh64.sys -- (NVR0FLASHDev)
DRV - [2007/12/24 23:31:38 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2007/12/24 23:31:38 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2005/07/14 16:36:14 | 000,014,408 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.SYS -- (GearAspiWDM)
DRV - [2005/01/01 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2004/06/22 18:44:50 | 000,005,632 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{B648DCBC-6F54-494F-971D-1F519DDBCE09}: "URL" = http://www.cdnredire...q={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=UT2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=WLEM&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-sunm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-sunm"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://dts.search-re...id=406&sr=0&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll (RayV)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files (x86)\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 10:51:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/18 21:08:58 | 000,000,000 | ---D | M]

[2012/05/22 01:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2010/07/07 19:15:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/06/18 21:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\extensions
[2012/06/18 21:41:13 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2009/04/10 16:30:25 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\extensions\[email protected]
[2009/08/21 01:45:54 | 000,000,687 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\searchplugins\ask.xml
[2011/05/08 11:11:10 | 000,001,832 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\searchplugins\bing.xml
[2012/05/22 00:58:39 | 000,002,519 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\searchplugins\Search_Results.xml
[2012/05/22 00:13:34 | 000,001,370 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\searchplugins\vgrabber.xml
[2009/03/24 09:18:36 | 000,002,330 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\pkhxzst0.default\searchplugins\wowprogresscom.xml
[2012/05/22 01:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2008/06/22 15:15:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/06/29 17:00:59 | 000,031,123 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PKHXZST0.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI
[2012/06/18 21:00:59 | 000,010,707 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PKHXZST0.DEFAULT\EXTENSIONS\{72C9FDFF-BCCD-4FAC-A08E-857103C6E721}.XPI
[2012/03/28 18:26:51 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PKHXZST0.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2009/08/08 03:00:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/06/17 10:51:23 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/18 14:55:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/22 00:58:39 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/02/18 14:55:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: CTB Dynamic Link Library (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbknbhjdechbmaobalboajacpcddfpdm\1.0_0\ctb.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: IGN Download Manager Plug-in (Enabled) = C:\Program Files (x86)\Download Manager\npfpdlm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files (x86)\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: vGrabber Chrome Toolbar = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbknbhjdechbmaobalboajacpcddfpdm\1.0_0\
CHR - Extension: uTorrentControl2 = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\
CHR - Extension: Gmail = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/06/02 01:09:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Bundlore LTD Helper Object) - {551F809C-AF12-4545-9D0C-6EB71DDDC088} - C:\Program Files (x86)\Bundlore LTD\vgrabber\1.5.23.25\bh\vgrabber.dll (Bundlore LTD)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bundlore LTD Toolbar) - {263C8DDB-AB71-4F00-8FA5-FFEB620F5840} - C:\Program Files (x86)\Bundlore LTD\vgrabber\1.5.23.25\vgrabberTlbr.dll (Bundlore LTD)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Zboard] C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [NCsoft Launcher] C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe (NCSoft)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.co.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72173957-0D3C-4DA2-A199-29DABC1317BD}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{842458C3-590B-4370-B1D5-1925410E0404}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist Express Customer: DllName - (C:\Program Files (x86)\Citrix\GoToAssist Express Customer\240\g2ax_winlogonx64.dll) - C:\Program Files (x86)\Citrix\GoToAssist Express Customer\240\g2ax_winlogonx64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/18 21:08:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/17 15:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[2012/06/17 15:46:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\TERA
[2012/06/15 23:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sansa Media Converter
[2012/06/15 23:59:35 | 000,010,368 | ---- | C] (InterVideo, Inc.) -- C:\Windows\SysWow64\iviaspi.sys
[2012/06/15 23:58:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SanDisk
[2012/06/13 14:58:42 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Macromedia
[2012/06/06 22:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012/06/06 07:54:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Pando_Temp
[2012/06/02 09:54:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/02 01:14:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/02 00:50:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/02 00:50:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/02 00:50:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/02 00:50:41 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/02 00:47:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/02 00:47:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\what is this
[2012/06/02 00:38:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\RK_Quarantine
[2012/05/26 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/26 19:58:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SCE
[2012/05/26 19:58:21 | 000,000,000 | ---D | C] -- C:\Crash
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/22 20:53:22 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/22 20:53:18 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 20:53:18 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 20:53:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/22 20:51:53 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/06/22 20:29:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/21 18:21:12 | 000,000,318 | ---- | M] () -- C:\Users\Administrator\Desktop\Curse Client.appref-ms
[2012/06/18 16:10:52 | 000,000,724 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/06/17 15:46:41 | 000,000,489 | ---- | M] () -- C:\Users\Public\Desktop\TERA-Launcher.lnk
[2012/06/16 00:30:34 | 000,001,280 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 3.lnk
[2012/06/15 23:59:37 | 000,002,084 | ---- | M] () -- C:\Users\Public\Desktop\ Sansa Media Converter.lnk
[2012/06/15 11:47:21 | 000,000,892 | ---- | M] () -- C:\Users\Administrator\Desktop\Eusing Free Registry Cleaner.lnk
[2012/06/13 03:49:23 | 000,392,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/13 03:23:38 | 000,826,882 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/13 03:23:38 | 000,677,998 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/13 03:23:38 | 000,134,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/12 01:31:46 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/06/07 18:25:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/06/02 23:09:46 | 000,000,659 | ---- | M] () -- C:\Users\Administrator\Desktop\Gw2.exe - Shortcut.lnk
[2012/06/02 01:09:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/26 21:37:33 | 000,000,747 | ---- | M] () -- C:\Users\Administrator\Desktop\DC Universe Online Live.lnk
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/21 18:21:12 | 000,000,318 | ---- | C] () -- C:\Users\Administrator\Desktop\Curse Client.appref-ms
[2012/06/18 21:19:37 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/06/17 15:46:41 | 000,000,489 | ---- | C] () -- C:\Users\Public\Desktop\TERA-Launcher.lnk
[2012/06/15 23:59:37 | 000,002,084 | ---- | C] () -- C:\Users\Public\Desktop\ Sansa Media Converter.lnk
[2012/06/02 23:09:53 | 000,000,659 | ---- | C] () -- C:\Users\Administrator\Desktop\Gw2.exe - Shortcut.lnk
[2012/06/02 00:50:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/02 00:50:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/02 00:50:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/02 00:50:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/02 00:50:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/26 19:57:46 | 000,000,747 | ---- | C] () -- C:\Users\Administrator\Desktop\DC Universe Online Live.lnk
[2012/05/26 19:57:46 | 000,000,725 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online Live.lnk
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/13 12:22:02 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\parser_settings.ini
[2011/01/16 01:38:23 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/07/01 10:35:06 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010/07/01 10:35:06 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010/07/01 10:34:18 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/07/01 10:28:39 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2010/07/01 09:27:59 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010/06/07 20:52:42 | 000,000,552 | ---- | C] () -- C:\Users\Administrator\AppData\Local\d3d8caps.dat
[2010/06/07 20:49:04 | 000,000,680 | ---- | C] () -- C:\Users\Administrator\AppData\Local\d3d9caps.dat
[2009/07/08 06:51:46 | 000,000,101 | ---- | C] () -- C:\Users\Administrator\AppData\Local\fusioncache.dat
[2009/02/14 20:00:55 | 000,870,128 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\mcs.rma
[2008/03/23 15:09:09 | 000,017,920 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/12 08:56:31 | 000,001,460 | ---- | C] () -- C:\Users\Administrator\AppData\Local\d3d9caps64.dat

========== LOP Check ==========

[2008/10/05 15:16:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Bioshock
[2012/05/18 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Canon
[2009/09/16 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GetRightToGo
[2008/03/21 07:15:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ideazon
[2009/08/21 00:56:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ImgBurn
[2012/05/11 22:32:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Leadertech
[2012/05/06 14:06:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\LolClient
[2009/08/07 14:35:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Music Coach
[2009/02/19 08:32:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2012/04/14 14:21:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Origin
[2011/01/02 10:58:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\RayV
[2011/04/21 09:33:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Research In Motion
[2012/06/01 21:27:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\RIFT
[2009/03/04 19:44:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SanDisk
[2012/05/11 23:08:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Seagate
[2008/09/20 20:17:04 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SPORE
[2008/07/11 17:20:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SPORE Creature Creator
[2010/11/14 16:16:20 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SystemRequirementsLab
[2010/07/07 19:15:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TomTom
[2009/07/08 06:51:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Turbine
[2009/04/04 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Unreal Streaming
[2012/05/22 00:27:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
[2012/06/22 20:51:54 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Edited by Valkour, 23 June 2012 - 07:10 AM.

  • 0



#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello Valkour and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous; most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fixes on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed.

If this is caused by malware we will find it. Let's see...

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:
    • Verify Driver Digital Signature
    • Detect TDLFS file system
  • Then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects.

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 2

Download aswMBR.exe ( 511KB ) to your desktop.

  • Double-click aswMBR.exe to run it.
  • Click the "Scan" button to start the scan.
  • On completion of the scan click save log, save it to your desktop and post aswMBR.txt in your next reply.

Step 3

Download GMER from here. Note the file's name and save it to your root folder, such as C:.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Step 4

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • aswMBR log
  • GMER log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.
  • 0
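One way to triage the TDSSKiller report requested in Step 1, as an added example (not part of the original post and not the tool's own code): it pairs each scanned object with its verdict line and lists everything that is not a plain "ok". The line layout is taken from the report posted later in this thread; the `ExampleDrv` and `HalfScanned` entries, their placeholder hashes and the non-ok verdict wording are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

PLACEHOLDER_MD5_A = "0" * 32  # constructed, not a real file hash
PLACEHOLDER_MD5_B = "1" * 32  # constructed, not a real file hash

# Constructed sample in the layout "<time> <thread id> <message>".
# The Drive, ACPI and Beep lines mirror the report in this thread;
# ExampleDrv and HalfScanned are made-up entries for the demonstration.
SAMPLE_LOG = "\n".join([
    r"09:04:46.0968 4916 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb)",
    r"09:05:14.0882 4028 Scan started",
    r"09:05:14.0882 4028 Mode: Manual; SigCheck; TDLFS;",
    r"09:05:17.0468 4028 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys",
    r"09:05:17.0551 4028 ACPI - ok",
    r"09:05:19.0885 4028 Beep - ok",
    rf"09:05:20.0100 4028 ExampleDrv ({PLACEHOLDER_MD5_A}) C:\Windows\system32\drivers\exampledrv.sys",
    r"09:05:20.0150 4028 ExampleDrv - detected EXAMPLE.Placeholder (1)",
    rf"09:05:20.0300 4028 HalfScanned ({PLACEHOLDER_MD5_B}) C:\Windows\system32\drivers\halfscanned.sys",
])

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
# "<name> (<32 hex digits>) <path>": the object that was hashed.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the result for that object.
VERDICT = re.compile(r"^(?P<name>.+?) - (?P<verdict>.+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_scan(text: str) -> List[Entry]:
    """Return one Entry per scanned object, in log order.

    Lines before "Scan started" (system and disk information) are ignored,
    because some of them also contain " - " and would look like verdicts.
    """
    entries = {}  # name -> Entry; dicts keep insertion order
    scanning = False
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(3).strip()
        if msg == "Scan started":
            scanning = True
            continue
        if not scanning:
            continue
        obj = OBJECT.match(msg)
        if obj:
            e = entries.setdefault(obj["name"], Entry(obj["name"]))
            e.md5, e.path = obj["md5"].lower(), obj["path"]
            continue
        ver = VERDICT.match(msg)
        if ver:
            e = entries.setdefault(ver["name"], Entry(ver["name"]))
            e.verdict = ver["verdict"].strip()
    return list(entries.values())


def triage(entries: List[Entry]) -> dict:
    """Sort entries into the three buckets worth a second look."""
    report = {"needs_review": [], "no_verdict": [], "no_file": []}
    for e in entries:
        if e.verdict is None:
            # Hash line without a result: the log was cut off or the scan stopped.
            report["no_verdict"].append(e.name)
        elif e.verdict.lower() != "ok":
            # Any wording other than "ok" is surfaced, whatever the exact text.
            report["needs_review"].append((e.name, e.verdict, e.path, e.md5))
        elif e.path is None:
            # "ok" with no file line, as with Beep in the thread's report.
            report["no_file"].append(e.name)
    return report


if __name__ == "__main__":
    result = triage(parse_scan(SAMPLE_LOG))
    for name, verdict, path, md5 in result["needs_review"]:
        print(f"REVIEW  {name}: {verdict}  [{path}] md5={md5}")
    print("no verdict:", ", ".join(result["no_verdict"]) or "-")
    print("ok, no file listed:", ", ".join(result["no_file"]) or "-")
```

To use it on a real report, read the saved log file as text and pass its contents to `parse_scan` in place of `SAMPLE_LOG`.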

#3
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
09:04:45.0347 4916 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
09:04:45.0620 4916 ============================================================
09:04:45.0620 4916 Current date / time: 2012/06/27 09:04:45.0620
09:04:45.0620 4916 SystemInfo:
09:04:45.0620 4916
09:04:45.0620 4916 OS Version: 6.0.6002 ServicePack: 2.0
09:04:45.0620 4916 Product type: Workstation
09:04:45.0620 4916 ComputerName: LEITHIAN
09:04:45.0620 4916 UserName: Administrator
09:04:45.0620 4916 Windows directory: C:\Windows
09:04:45.0620 4916 System windows directory: C:\Windows
09:04:45.0620 4916 Running under WOW64
09:04:45.0620 4916 Processor architecture: Intel x64
09:04:45.0620 4916 Number of processors: 4
09:04:45.0620 4916 Page size: 0x1000
09:04:45.0620 4916 Boot type: Normal boot
09:04:45.0620 4916 ============================================================
09:04:46.0968 4916 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:04:46.0985 4916 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:04:47.0001 4916 ============================================================
09:04:47.0001 4916 \Device\Harddisk0\DR0:
09:04:47.0001 4916 MBR partitions:
09:04:47.0001 4916 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
09:04:47.0001 4916 \Device\Harddisk1\DR1:
09:04:47.0002 4916 MBR partitions:
09:04:47.0002 4916 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
09:04:47.0002 4916 ============================================================
09:04:47.0129 4916 C: <-> \Device\Harddisk1\DR1\Partition0
09:04:47.0160 4916 E: <-> \Device\Harddisk0\DR0\Partition0
09:04:47.0160 4916 ============================================================
09:04:47.0160 4916 Initialize success
09:04:47.0160 4916 ============================================================
09:05:14.0882 4028 ============================================================
09:05:14.0882 4028 Scan started
09:05:14.0882 4028 Mode: Manual; SigCheck; TDLFS;
09:05:14.0882 4028 ============================================================
09:05:44.0311 4028 RFCOMM - ok
09:05:44.0314 4028 RimUsb - ok
09:05:44.0382 4028 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
09:05:44.0443 4028 RimVSerPort - ok
09:05:44.0466 4028 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
09:05:44.0495 4028 ROOTMODEM - ok
09:05:44.0523 4028 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
09:05:44.0555 4028 RpcLocator - ok
09:05:44.0621 4028 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
09:05:44.0651 4028 RpcSs - ok
09:05:44.0668 4028 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
09:05:44.0697 4028 rspndr - ok
09:05:44.0725 4028 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
09:05:44.0735 4028 SamSs - ok
09:05:44.0764 4028 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
09:05:44.0775 4028 sbp2port - ok
09:05:44.0811 4028 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
09:05:44.0835 4028 SCardSvr - ok
09:05:44.0903 4028 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
09:05:44.0987 4028 Schedule - ok
09:05:45.0018 4028 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
09:05:45.0038 4028 SCPolicySvc - ok
09:05:45.0062 4028 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
09:05:45.0115 4028 SDRSVC - ok
09:05:45.0135 4028 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:05:45.0216 4028 secdrv - ok
09:05:45.0239 4028 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
09:05:45.0282 4028 seclogon - ok
09:05:45.0302 4028 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll
09:05:45.0344 4028 SENS - ok
09:05:45.0375 4028 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
09:05:45.0419 4028 Serenum - ok
09:05:45.0466 4028 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
09:05:45.0509 4028 Serial - ok
09:05:45.0535 4028 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
09:05:45.0593 4028 sermouse - ok
09:05:45.0645 4028 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
09:05:45.0697 4028 SessionEnv - ok
09:05:45.0722 4028 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
09:05:45.0751 4028 sffdisk - ok
09:05:45.0762 4028 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
09:05:45.0799 4028 sffp_mmc - ok
09:05:45.0814 4028 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
09:05:45.0855 4028 sffp_sd - ok
09:05:45.0869 4028 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
09:05:45.0943 4028 sfloppy - ok
09:05:46.0101 4028 SgtSch2Svc (d85b7c7810d4fde6da341ef96de13702) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
09:05:46.0137 4028 SgtSch2Svc - ok
09:05:46.0212 4028 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
09:05:46.0280 4028 SharedAccess - ok
09:05:46.0342 4028 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
09:05:46.0380 4028 ShellHWDetection - ok
09:05:46.0425 4028 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
09:05:46.0436 4028 SiSRaid2 - ok
09:05:46.0461 4028 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
09:05:46.0473 4028 SiSRaid4 - ok
09:05:46.0626 4028 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
09:05:46.0749 4028 slsvc - ok
09:05:46.0845 4028 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
09:05:46.0867 4028 SLUINotify - ok
09:05:46.0921 4028 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
09:05:46.0944 4028 Smb - ok
09:05:46.0982 4028 snapman (32cde417100c530964e79c53b4e994ca) C:\Windows\system32\DRIVERS\snapman.sys
09:05:46.0995 4028 snapman - ok
09:05:47.0016 4028 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
09:05:47.0028 4028 SNMPTRAP - ok
09:05:47.0297 4028 speedfan (5f9785e7535f8f602cb294a54962c9e7) C:\Windows\syswow64\speedfan.sys
09:05:47.0306 4028 speedfan - ok
09:05:47.0335 4028 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
09:05:47.0346 4028 spldr - ok
09:05:47.0384 4028 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
09:05:47.0470 4028 Spooler - ok
09:05:47.0520 4028 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
09:05:47.0596 4028 srv - ok
09:05:47.0628 4028 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
09:05:47.0653 4028 srv2 - ok
09:05:47.0677 4028 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
09:05:47.0690 4028 srvnet - ok
09:05:47.0730 4028 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys
09:05:47.0740 4028 sscdbus - ok
09:05:47.0789 4028 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys
09:05:47.0797 4028 sscdmdfl - ok
09:05:47.0813 4028 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys
09:05:47.0824 4028 sscdmdm - ok
09:05:47.0885 4028 sscdserd (208731a751357dd71c5a0345c77afd0a) C:\Windows\system32\DRIVERS\sscdserd.sys
09:05:47.0895 4028 sscdserd - ok
09:05:47.0949 4028 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
09:05:48.0011 4028 SSDPSRV - ok
09:05:48.0070 4028 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
09:05:48.0098 4028 SstpSvc - ok
09:05:48.0174 4028 Steam Client Service - ok
09:05:48.0300 4028 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:05:48.0352 4028 Stereo Service - ok
09:05:48.0419 4028 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
09:05:48.0446 4028 StillCam - ok
09:05:48.0529 4028 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
09:05:48.0619 4028 stisvc - ok
09:05:48.0680 4028 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
09:05:48.0690 4028 swenum - ok
09:05:48.0773 4028 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
09:05:48.0835 4028 swprv - ok
09:05:48.0879 4028 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
09:05:48.0889 4028 Symc8xx - ok
09:05:48.0917 4028 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
09:05:48.0927 4028 Sym_hi - ok
09:05:48.0949 4028 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
09:05:48.0959 4028 Sym_u3 - ok
09:05:49.0023 4028 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
09:05:49.0117 4028 SysMain - ok
09:05:49.0173 4028 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
09:05:49.0225 4028 TabletInputService - ok
09:05:49.0260 4028 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
09:05:49.0319 4028 TapiSrv - ok
09:05:49.0355 4028 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
09:05:49.0391 4028 TBS - ok
09:05:49.0491 4028 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
09:05:49.0536 4028 Tcpip - ok
09:05:49.0677 4028 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
09:05:49.0713 4028 Tcpip6 - ok
09:05:49.0776 4028 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
09:05:49.0852 4028 tcpipreg - ok
09:05:49.0873 4028 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
09:05:49.0935 4028 TDPIPE - ok
09:05:49.0968 4028 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
09:05:50.0008 4028 TDTCP - ok
09:05:50.0043 4028 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
09:05:50.0082 4028 tdx - ok
09:05:50.0114 4028 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
09:05:50.0126 4028 TermDD - ok
09:05:50.0181 4028 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
09:05:50.0254 4028 TermService - ok
09:05:50.0291 4028 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
09:05:50.0305 4028 Themes - ok
09:05:50.0329 4028 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
09:05:50.0357 4028 THREADORDER - ok
09:05:50.0436 4028 timounter (6adc063fd51f03ef0cab3e716a725bd2) C:\Windows\system32\DRIVERS\timntr.sys
09:05:50.0466 4028 timounter - ok
09:05:50.0555 4028 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
09:05:50.0565 4028 TomTomHOMEService - ok
09:05:50.0596 4028 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
09:05:50.0627 4028 TrkWks - ok
09:05:50.0679 4028 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
09:05:50.0710 4028 TrustedInstaller - ok
09:05:50.0751 4028 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:05:50.0796 4028 tssecsrv - ok
09:05:50.0822 4028 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
09:05:50.0856 4028 tunmp - ok
09:05:50.0905 4028 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
09:05:50.0930 4028 tunnel - ok
09:05:50.0954 4028 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
09:05:50.0965 4028 uagp35 - ok
09:05:51.0025 4028 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
09:05:51.0076 4028 udfs - ok
09:05:51.0108 4028 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
09:05:51.0138 4028 UI0Detect - ok
09:05:51.0196 4028 uisp (75894b827b8ca53fc2bb991c91b6728c) C:\Windows\system32\Drivers\usbicp.sys
09:05:51.0256 4028 uisp - ok
09:05:51.0319 4028 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
09:05:51.0331 4028 uliagpkx - ok
09:05:51.0369 4028 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
09:05:51.0385 4028 uliahci - ok
09:05:51.0418 4028 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
09:05:51.0430 4028 UlSata - ok
09:05:51.0462 4028 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
09:05:51.0474 4028 ulsata2 - ok
09:05:51.0496 4028 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
09:05:51.0524 4028 umbus - ok
09:05:51.0555 4028 UMPass (01abe05c401e70795b43a8933b44831e) C:\Windows\system32\DRIVERS\umpass.sys
09:05:51.0614 4028 UMPass - ok
09:05:51.0714 4028 UpdateCenterService - ok
09:05:51.0758 4028 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
09:05:51.0849 4028 upnphost - ok
09:05:51.0914 4028 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
09:05:51.0955 4028 usbaudio - ok
09:05:52.0017 4028 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
09:05:52.0055 4028 usbccgp - ok
09:05:52.0093 4028 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
09:05:52.0165 4028 usbcir - ok
09:05:52.0205 4028 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
09:05:52.0226 4028 usbehci - ok
09:05:52.0338 4028 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
09:05:52.0363 4028 usbhub - ok
09:05:52.0409 4028 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
09:05:52.0458 4028 usbohci - ok
09:05:52.0498 4028 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
09:05:52.0527 4028 usbprint - ok
09:05:52.0560 4028 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
09:05:52.0608 4028 usbscan - ok
09:05:52.0630 4028 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:05:52.0665 4028 USBSTOR - ok
09:05:52.0702 4028 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
09:05:52.0723 4028 usbuhci - ok
09:05:52.0753 4028 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
09:05:52.0783 4028 usb_rndisx - ok
09:05:52.0817 4028 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
09:05:52.0839 4028 UxSms - ok
09:05:52.0893 4028 VaneFltr (81a9f455bf2c9180348949f7c8d93e66) C:\Windows\system32\drivers\Lachesis.sys
09:05:52.0909 4028 VaneFltr - ok
09:05:52.0948 4028 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
09:05:52.0998 4028 vds - ok
09:05:53.0016 4028 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
09:05:53.0045 4028 vga - ok
09:05:53.0058 4028 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
09:05:53.0104 4028 VgaSave - ok
09:05:53.0128 4028 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
09:05:53.0137 4028 viaide - ok
09:05:53.0207 4028 vididr (96a4f56cbba3dcf5d90cda1bc218d040) C:\Windows\system32\DRIVERS\vididr.sys
09:05:53.0219 4028 vididr - ok
09:05:53.0265 4028 vidsflt53 (c69a784bec737cd7460ebf3c3834d65e) C:\Windows\system32\DRIVERS\vsflt53.sys
09:05:53.0275 4028 vidsflt53 - ok
09:05:53.0305 4028 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
09:05:53.0317 4028 volmgr - ok
09:05:53.0383 4028 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
09:05:53.0404 4028 volmgrx - ok
09:05:53.0442 4028 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
09:05:53.0458 4028 volsnap - ok
09:05:53.0496 4028 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
09:05:53.0509 4028 vsmraid - ok
09:05:53.0614 4028 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
09:05:53.0721 4028 VSS - ok
09:05:53.0956 4028 VX1000 (ce6c085771812d5ee863cc7ef93caef2) C:\Windows\system32\DRIVERS\VX1000.sys
09:05:54.0036 4028 VX1000 - ok
09:05:54.0116 4028 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
09:05:54.0161 4028 W32Time - ok
09:05:54.0215 4028 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
09:05:54.0259 4028 WacomPen - ok
09:05:54.0289 4028 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
09:05:54.0331 4028 Wanarp - ok
09:05:54.0334 4028 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
09:05:54.0355 4028 Wanarpv6 - ok
09:05:54.0430 4028 WcesComm (382a7b0b632ec98de5f0658da9de6159) C:\Windows\WindowsMobile\wcescomm.dll
09:05:54.0460 4028 WcesComm - ok
09:05:54.0514 4028 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
09:05:54.0597 4028 wcncsvc - ok
09:05:54.0627 4028 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
09:05:54.0665 4028 WcsPlugInService - ok
09:05:54.0685 4028 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
09:05:54.0696 4028 Wd - ok
09:05:54.0749 4028 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:05:54.0775 4028 Wdf01000 - ok
09:05:54.0797 4028 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
09:05:54.0828 4028 WdiServiceHost - ok
09:05:54.0831 4028 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
09:05:54.0861 4028 WdiSystemHost - ok
09:05:54.0900 4028 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
09:05:54.0916 4028 WebClient - ok
09:05:54.0958 4028 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
09:05:55.0043 4028 Wecsvc - ok
09:05:55.0089 4028 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
09:05:55.0112 4028 wercplsupport - ok
09:05:55.0137 4028 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
09:05:55.0171 4028 WerSvc - ok
09:05:55.0219 4028 WinDefend - ok
09:05:55.0224 4028 WinHttpAutoProxySvc - ok
09:05:55.0281 4028 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
09:05:55.0320 4028 Winmgmt - ok
09:05:55.0452 4028 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
09:05:55.0507 4028 WinRM - ok
09:05:55.0651 4028 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
09:05:55.0724 4028 WinUSB - ok
09:05:55.0784 4028 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
09:05:55.0868 4028 Wlansvc - ok
09:05:55.0987 4028 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:05:55.0996 4028 wlcrasvc - ok
09:05:56.0181 4028 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:05:56.0255 4028 wlidsvc - ok
09:05:56.0360 4028 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
09:05:56.0381 4028 WmiAcpi - ok
09:05:56.0442 4028 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
09:05:56.0466 4028 wmiApSrv - ok
09:05:56.0527 4028 WMPNetworkSvc - ok
09:05:56.0569 4028 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
09:05:56.0621 4028 WPCSvc - ok
09:05:56.0653 4028 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
09:05:56.0691 4028 WPDBusEnum - ok
09:05:56.0742 4028 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
09:05:56.0753 4028 WpdUsb - ok
09:05:56.0918 4028 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:05:56.0951 4028 WPFFontCache_v0400 - ok
09:05:56.0997 4028 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
09:05:57.0036 4028 ws2ifsl - ok
09:05:57.0065 4028 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll
09:05:57.0079 4028 wscsvc - ok
09:05:57.0082 4028 WSearch - ok
09:05:57.0240 4028 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
09:05:57.0498 4028 wuauserv - ok
09:05:57.0701 4028 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:05:57.0742 4028 WUDFRd - ok
09:05:57.0764 4028 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
09:05:57.0794 4028 wudfsvc - ok
09:05:57.0831 4028 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:05:58.0114 4028 \Device\Harddisk0\DR0 - ok
09:05:58.0139 4028 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
09:05:58.0420 4028 \Device\Harddisk1\DR1 - ok
09:05:58.0423 4028 Boot (0x1200) (c0e5a07bafaf4f560eff4e6240c0053f) \Device\Harddisk0\DR0\Partition0
09:05:58.0424 4028 \Device\Harddisk0\DR0\Partition0 - ok
09:05:58.0427 4028 Boot (0x1200) (af25eca5357d90e9d6e9fb685dbd1f4e) \Device\Harddisk1\DR1\Partition0
09:05:58.0428 4028 \Device\Harddisk1\DR1\Partition0 - ok
09:05:58.0429 4028 ============================================================
09:05:58.0429 4028 Scan finished
09:05:58.0429 4028 ============================================================
09:05:58.0441 5032 Detected object count: 6
09:05:58.0441 5032 Actual detected object count: 6
09:06:28.0398 5032 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:06:28.0398 5032 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:06:28.0400 5032 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:06:28.0400 5032 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:06:28.0402 5032 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
09:06:28.0402 5032 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:06:28.0403 5032 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:06:28.0403 5032 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:06:28.0404 5032 LGDDCDevice ( UnsignedFile.Multi.Generic ) - skipped by user
09:06:28.0404 5032 LGDDCDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:06:28.0407 5032 LGII2CDevice ( UnsignedFile.Multi.Generic ) - skipped by user
09:06:28.0407 5032 LGII2CDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#4
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-27 09:10:54
-----------------------------
09:10:54.862 OS Version: Windows x64 6.0.6002 Service Pack 2
09:10:54.863 Number of processors: 4 586 0xF0B
09:10:54.863 ComputerName: LEITHIAN UserName:
09:10:55.994 Initialize success
09:11:41.906 Disk 0 \Device\Harddisk0\DR0 -> \Device\0000005c
09:11:41.908 Disk 0 Vendor: ST1000DM CC4D Size: 953869MB BusType: 3
09:11:41.910 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\0000005d
09:11:41.912 Disk 1 Vendor: Hitachi_ GM3O Size: 305245MB BusType: 3
09:11:41.919 Disk 1 MBR read successfully
09:11:41.921 Disk 1 MBR scan
09:11:41.923 Disk 1 Windows VISTA default MBR code
09:11:41.932 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305243 MB offset 2048
09:11:41.969 Disk 1 scanning C:\Windows\system32\drivers
09:11:49.260 Service scanning
09:12:06.275 Modules scanning
09:12:06.280 Disk 1 trace - called modules:
09:12:06.289 ntoskrnl.exe CLASSPNP.SYS disk.sys vsflt53.sys acpi.sys storport.sys hal.dll nvstor64.sys
09:12:06.292 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80052ab060]
09:12:06.347 3 CLASSPNP.SYS[fffffa600117fc33] -> nt!IofCallDriver -> [0xfffffa80052a9470]
09:12:06.354 5 vsflt53.sys[fffffa6000969cfd] -> nt!IofCallDriver -> [0xfffffa8004fbb490]
09:12:06.358 7 acpi.sys[fffffa60008c9fde] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa8004fc3060]
09:12:06.362 Scan finished successfully
09:12:51.138 Disk 1 MBR has been saved successfully to "C:\Users\Administrator\Desktop\MBR.dat"
09:12:51.142 The log file has been saved successfully to "C:\Users\Administrator\Desktop\aswMBR.txt"
  • 0

#5
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-27 13:54:42
Windows 6.0.6002 Service Pack 2
Running: g2p82hhv.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0002760e2406
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\[email protected] 0x8B 0xCF 0x6D 0x69 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\[email protected] 0x82 0xF9 0x38 0xEC ...
Reg HKLM\SYSTEM\ControlSet011\Services\BTHPORT\Parameters\Keys\0002760e2406 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\BTHPORT\Parameters\Keys\[email protected] 0x8B 0xCF 0x6D 0x69 ...
Reg HKLM\SYSTEM\ControlSet011\Services\BTHPORT\Parameters\Keys\[email protected] 0x82 0xF9 0x38 0xEC ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{212DC30F-9799-4916-131A-8B148F094D9D}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{212DC30F-9799-4916-131A-8B148F094D9D}@bbnodbcmpjjmeakpkphhhablmkkdimjiddja 0x61 0x61 0x00 0x00
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{212DC30F-9799-4916-131A-8B148F094D9D}@abnodbcmpjjmeakpkpiheabjoccahboabm 0x61 0x61 0x00 0x00
Reg HKCU\Software\Microsoft\Windows Live\Companion\[email protected]@7633568c6d6d28b620ca9f3257966f9d\r\n 0xC5 0xB3 0xA2 0x11 ...

---- EOF - GMER 1.0.15 ----

That's the last file scan. Thank you for taking the time to help me!
  • 0

#6
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
So far I don't see anything to remove. Let's see what Kaspersky will find.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post
  • 0

#7
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
Graphics crashed again last night. Here's the message I get in the problem report...

Description
A problem with your video hardware caused Windows to stop working correctly.

Problem signature
Problem Event Name: LiveKernelEvent
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033

Files that help describe the problem (some files may no longer be available)
WD-20120625-1351.dmp
sysdata.xml
Version.txt

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: 117
BCP1: FFFFFA80049204E0
BCP2: FFFFFA6003BAC4D4
BCP3: 0000000000000000
BCP4: 0000000000000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1
Server information: 8e0a451c-398a-4f4e-baec-98cd51ac50b0
  • 0

#8
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
I can't seem to get the Kaspersky report to post, but it returned back with no issues.

I'll try to get it up if I can, but so far it just keeps crashing my browser.
  • 0

#9
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
It's OK. I think this is actually a hardware or system problem because I don't see any infection so far. Let's do some steps in order to repair your system. There are no logs to post; instead, just report to me whether all scans finished and whether there were any problems.

Step 1

  • Open an elevated command prompt. To do this, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
  • Type the following command, and then press ENTER:

    sfc /scannow

Step 2

  • Go to Start -> My Computer
  • Right click on C: disk and click on Properties
  • Click on tab Tools and click on Check now... button
  • Check Automatically fix system errors and Scan for and attempt recovery of bad sectors
  • Click Start button
  • Confirm schedule disk check next time computer starts with Yes button
  • Restart your system and wait while system checks your disk for errors

  • 0

#10
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
Windows Resource Protection found corrupt files and successfully repaired them. Details are included in the CBS.log.

I found that log. It's pretty huge, if you want it.
  • 0


#11
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
Oddly, when I rebooted, my internet connectivity icon had an x through it but I could still get online. I rebooted again and now that icon is gone completely?
  • 0

#12
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
We will deal with icon later.

Do you have your connection now? Can you use Internet on this system?
How is your system after doing these steps? Any problems?
  • 0

#13
Valkour

    Member

  • Topic Starter
  • Member
  • 23 posts
Yes, I have internet, it works, and after another reboot the icon has returned! I'll put the graphics card through its paces and see if I get any errors with it tonight. Thanks for the help so far!
  • 0

#14
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I'll be here :). Let me know how your system is after you test it now. I'll prepare some cleanup for you in the meantime.
  • 0

#15
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Valkour,

Your logs and system are clean now. I'm glad we fixed up your computer.

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Step 2

We need to clean up your PC from programs we used.

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end.

In case that any of the software we used in this fix still remains on your system please delete it manually (Right click on it and select Delete).

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Something to read

To learn more about how to protect yourself while on the internet, read our little guide How did I get infected in the first place?

2. Make Backups of Important Files

Please read this article Home Computer Data Backup.

3. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.
  • 0





