Believe I have a virus of some sort.



#31
trips487
Member, Topic Starter, 170 posts
Hello. I am going to post the log below this post. I just want to show you a screenshot of what sometimes happens to the text on the net. Also, after I did ComboFix I am no longer able to open my documents, videos, or music folders. Is there any way to fix this? Thank you. A screenshot of the text will also be posted below.

Net text
http://imageshack.us.../weirdttxt.jpg/



combofix log

ComboFix 13-05-21.01 - Jfarelas 1/2013 Tue 11:50:48.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.4095.2284 [GMT -5:00]
Running from: c:\users\Jfarelas\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\PermissionResearch
c:\program files (x86)\PermissionResearch\shfscp.dat
c:\users\Jfarelas\AppData\Local\._Revolution_
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-04-21 to 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 17:06 . 2013-05-21 17:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-21 17:06 . 2013-05-21 17:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-20 01:48 . 2013-05-20 01:48 -------- d-----w- c:\programdata\KingsIsle Entertainment
2013-05-14 22:19 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-14 22:19 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-14 22:19 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-14 22:18 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-14 22:18 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-14 22:18 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-14 22:18 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-14 22:18 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-14 22:18 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-14 22:18 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-14 22:18 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-14 22:18 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-14 02:09 . 2013-05-14 02:09 -------- d-----w- c:\program files (x86)\Conduit
2013-05-14 02:09 . 2013-05-14 02:15 -------- d-----w- c:\users\Jfarelas\AppData\Local\Conduit
2013-05-14 02:08 . 2013-05-21 16:47 -------- d-----w- c:\users\Jfarelas\AppData\Roaming\BitTorrent
2013-05-13 20:52 . 2013-05-13 20:52 -------- d-----w- c:\users\Jfarelas\AppData\Local\WarThunder
2013-05-13 20:52 . 2013-05-13 20:52 -------- d-----w- c:\programdata\WarThunder
2013-05-12 21:07 . 2013-05-12 21:07 -------- d-----w- c:\users\Jfarelas\AppData\Local\Razer
2013-05-12 21:06 . 2013-05-12 21:06 -------- d-----w- c:\programdata\Razer
2013-05-12 21:06 . 2013-05-12 21:06 -------- d-----w- c:\program files (x86)\Razer
2013-05-12 20:44 . 2013-05-20 00:00 -------- d-----w- c:\windows\system32\catroot2
2013-05-12 20:43 . 2013-05-12 20:43 -------- d-----w- C:\CAT-Logs
2013-05-12 05:00 . 2013-05-12 05:00 -------- d-----w- c:\programdata\StarApp
2013-05-11 16:45 . 2013-05-11 16:45 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-05-11 16:45 . 2013-05-11 16:45 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-05-11 00:56 . 2013-05-11 16:45 -------- d-----w- c:\programdata\Solid State Networks
2013-05-11 00:53 . 2013-05-11 00:53 -------- d-----w- C:\gravity
2013-05-11 00:53 . 2013-05-11 00:53 -------- d-----w- C:\PlayPark
2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-07 05:46 . 2013-05-07 05:46 311200 ----a-w- c:\windows\system32\javaws.exe
2013-05-07 05:46 . 2013-05-07 05:46 188832 ----a-w- c:\windows\system32\javaw.exe
2013-05-07 05:46 . 2013-05-07 05:46 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-05-01 00:56 . 2013-05-01 00:56 -------- d-----w- c:\programdata\SoftSafe
2013-04-30 23:47 . 2013-05-12 05:00 -------- d-----w- c:\programdata\InstallMate
2013-04-30 13:25 . 2008-10-15 11:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-04-30 13:25 . 2008-10-15 11:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-04-30 13:25 . 2008-10-15 11:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-04-30 13:25 . 2008-10-15 11:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-04-30 13:25 . 2008-10-15 11:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-04-30 13:25 . 2008-10-15 11:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-04-30 13:23 . 2013-04-30 13:23 -------- d-----w- c:\users\Public\Games
2013-04-28 15:30 . 2013-04-29 21:24 -------- d-----w- c:\programdata\notracks.com
2013-04-28 15:18 . 2012-11-22 20:10 539984 ----a-w- c:\windows\system32\EasyRedirect64.dll
2013-04-28 15:18 . 2012-11-22 20:10 380240 ----a-w- c:\windows\SysWow64\EasyRedirect.dll
2013-04-27 19:13 . 2013-04-27 19:13 -------- d-----w- c:\users\Jfarelas\AppData\Local\TERA
2013-04-27 18:57 . 2013-05-12 05:54 -------- d-----w- c:\programdata\HappyCloud
2013-04-24 02:49 . 2013-04-24 04:26 -------- d-----w- C:\WeMadeUSA
2013-04-23 19:02 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-22 01:01 . 2013-04-22 01:01 -------- d-----w- c:\program files (x86)\Common Files\WuShu_0.0.1.034
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 16:47 . 2010-08-11 08:01 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 16:43 . 2012-07-17 20:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 15:04 . 2012-04-08 06:12 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 15:04 . 2011-06-07 04:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-07 05:46 . 2012-06-22 03:22 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-07 05:46 . 2012-06-22 03:22 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-14 22:19 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-14 22:19 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-14 22:19 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-14 22:19 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-14 22:19 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 22:19 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-04 19:50 . 2010-08-14 03:28 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-29 07:53 . 2013-03-29 07:53 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-03-21 08:08 . 2013-03-21 08:08 240952 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2013-03-19 06:04 . 2013-04-10 03:36 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 03:36 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 03:36 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 03:36 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 03:36 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 03:36 112640 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-09 02:41 222712 ----a-w- c:\users\Jfarelas\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-09 02:41 222712 ----a-w- c:\users\Jfarelas\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-09 02:41 222712 ----a-w- c:\users\Jfarelas\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Jfarelas\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Facebook Update"="c:\users\Jfarelas\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-12 5629312]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-05-03 1635752]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-17 3093624]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-03-01 18643560]
"FlashGet 3"="c:\program files (x86)\FlashGet Network\FlashGet 3\flashget3.exe" [2012-03-15 3090056]
"BitTorrent"="c:\users\Jfarelas\AppData\Roaming\BitTorrent\BitTorrent.exe" [2013-05-14 1125456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-14 559616]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2011-08-01 165184]
.
c:\users\Jfarelas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-15 21712]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2011-09-28 97368]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2011-09-28 107096]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys [2011-09-28 182872]
R3 netr7364;Netopia RT73 Wireless Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 slb;slb;c:\aeriagames\ScarletBlade\avital\scarlb64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 uqk;uqk;c:\koramgame\STOnline\avital\wyqku64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 usj;usj;c:\aeriagames\EdenEternal\avital\ussjcs64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-14 14544]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-29 55856]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-12 140672]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-05-14 4937264]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 14:21 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 15:04]
.
2013-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000Core.job
- c:\users\Jfarelas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-06 20:43]
.
2013-05-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000UA.job
- c:\users\Jfarelas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-06 20:43]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12 08:10]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12 08:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-09 02:41 261624 ----a-w- c:\users\Jfarelas\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-09 02:41 261624 ----a-w- c:\users\Jfarelas\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-09 02:41 261624 ----a-w- c:\users\Jfarelas\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"LXBTCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXBTtime.dll" [2007-05-03 28672]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-12-15 478984]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN41356000543251833&UM=2&ctid=CT3225826
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
IE: Download all links by FlashGet3 - c:\program files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download by FlashGet3 - c:\program files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.1.254
DPF: {0D8004AA-A1CB-4F92-BBEB-0A824B1EE2A2} - hxxp://ws.nopp.co.kr/Game/Common/HGLauncher.cab
FF - ProfilePath - c:\users\Jfarelas\AppData\Roaming\Mozilla\Firefox\Profiles\sgjxpb9b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&CUI=UN99245386324865207&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-{24D66651-59B8-7743-0452-B911438B89EB} - c:\progra~3\INSTAL~1\{B55CD~1\Setup.exe
AddRemove-{319DB596-61BD-DEAB-F55D-75E0E2BD45E2} - c:\progra~3\INSTAL~1\{B39BE~1\Setup.exe
AddRemove-{38AB8629-746D-476A-A581-3C4FE348A4DF} - c:\progra~3\INSTAL~1\{38AB8~1\Setup.exe
AddRemove-{3BCDEF3A-0ACD-4595-A77E-42EFE02ECDCC} - c:\progra~3\INSTAL~1\{3BCDE~1\Setup.exe
AddRemove-{6766E41E-A966-4415-A6FE-E144BC85C6E8} - c:\progra~3\INSTAL~1\{6766E~1\Setup.exe
AddRemove-{7F5C0A02-AC23-DAA1-40DC-6F3B42371D79} - c:\progra~3\INSTAL~1\{5322F~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6e,f7,32,2a,29,26,cd,01
.
[HKEY_USERS\S-1-5-21-3195389507-3672305450-632222044-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3195389507-3672305450-632222044-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Completion time: 2013-05-21 12:28:39 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-21 17:28
.
Pre-Run: 302,329,233,408 bytes free
Post-Run: 301,964,148,736 bytes free
.
- - End Of File - - F5025B4F38365513ADCEF8AD59E3AD6D

Edited by trips487, 21 May 2013 - 11:51 AM.

#32
Jintan
Trusted Helper, Malware Removal, 904 posts
What happens when you try to open, let's say, a music folder? Nothing showing in ComboFix's log to suggest why that problem should occur. I looked at that graphic - are you describing a slight "fuzziness" in the text list?


Download MS Sysinternal's Junction.zip from here to your desktop, then unzip that. Then in that folder locate the Junction.exe file, and place a copy of that directly on your desktop.

Go to Start - Run, and copy/paste the following command line, and then press OK:

cmd /c "%userprofile%\desktop\junction.exe" -s c:\ >log.txt&log.txt

Once you have accepted the agreement a command window will open. When the scan completes, a log.txt will open in Notepad. Paste those contents back here please. This will also be saved as "log.txt" in your current user's folder (example - C:\Documents and Settings\yourusername).

#33
trips487
Member, Topic Starter, 170 posts
Hello. I did as you asked and it won't scan; it just pops up the black box then closes. Also, yes, that fuzziness is what I am talking about. I can deal with that but it is annoying. I'll check other browsers. It may just be a Firefox thing, idk.

#34
Jintan
Trusted Helper, Malware Removal, 904 posts
Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Click here and download Kaspersky's TDSSKiller to your desktop, but as you download it, rename it to larry.com then click that file to run TDSSKiller.

In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including a reboot (Reboot Now) if requested.
When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt

Your copy will be different - some of those numbers will reflect the date/time it was just run by you there.

Copy/paste those contents back here please. If it does locate malware, but does not prompt for a reboot, go ahead and do a reboot.
  • 0
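
An added example, not part of the thread and not Kaspersky's own tooling: a small Python triage script for the kind of TDSSKiller log requested above. It lists every scanned object whose verdict is not `ok` and every service logged without a file hash. The line layout is inferred from the log posted in this thread, the sample lines are excerpted from that log, and the names `Entry`, `parse` and `triage` are hypothetical.

```python
"""Triage a TDSSKiller text log: non-"ok" verdicts and services without a hash."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Every log line starts "HH:MM:SS.ffff <thread id> "; the rest is the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# "================ Scan services ====..." opens a scan phase.
SECTION = re.compile(r"^=+ (Scan [^=]+?) =+$")
# "[ <MD5> ] <object name> <path>"; names may contain spaces, so the path is
# assumed to start at the first drive-letter prefix such as "C:\".
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "<object name> - ok" or "<object name> ( <detection> ) - warning".
VERDICT = re.compile(r"^(.+?)(?: \( ([^)]+) \))? - ([a-z]+)$")


@dataclass
class Entry:
    section: Optional[str]
    name: str
    verdict: str
    detection: Optional[str] = None
    md5: Optional[str] = None
    path: Optional[str] = None


def parse(log_text: str) -> List[Entry]:
    """Pair each verdict line with the hash line logged for the same name."""
    entries: List[Entry] = []
    section: Optional[str] = None
    pending = {}  # object name -> (md5, path) from its hash line
    for raw in log_text.splitlines():
        prefixed = PREFIX.match(raw.strip())
        if not prefixed:
            continue
        msg = prefixed.group(1).strip()
        sec = SECTION.match(msg)
        if sec:
            section = sec.group(1)
            continue
        hashed = HASHED.match(msg)
        if hashed:
            pending[hashed.group(2)] = (hashed.group(1).upper(), hashed.group(3))
            continue
        verdict = VERDICT.match(msg)
        if verdict:
            name, detection, result = verdict.groups()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(section, name, result, detection, md5, path))
    return entries


def triage(log_text: str) -> Tuple[List[Entry], List[str]]:
    """Return (entries with a non-ok verdict, service names with no hash line)."""
    entries = parse(log_text)
    flagged = [e for e in entries if e.verdict != "ok"]
    unhashed = [e.name for e in entries
                if e.section == "Scan services" and e.md5 is None]
    return flagged, unhashed


# Lines excerpted from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
01:25:04.0347 12916 ================ Scan system memory ========================
01:25:04.0347 12916 System memory - ok
01:25:04.0348 12916 ================ Scan services =============================
01:25:04.0417 12916 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
01:25:04.0419 12916 !SASCORE - ok
01:25:05.0067 12916 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
01:25:05.0067 12916 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
01:25:05.0077 12916 Akamai ( HiddenFile.Multi.Generic ) - warning
01:25:05.0077 12916 Akamai - detected HiddenFile.Multi.Generic (1)
01:25:05.0150 12916 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
01:25:05.0151 12916 AMD External Events Utility - ok
01:25:07.0177 12916 catchme - ok
01:25:07.0608 12916 cpuz132 - ok
"""

if __name__ == "__main__":
    flagged, unhashed = triage(SAMPLE_LOG)
    for e in flagged:
        print(f"{e.verdict.upper()}: {e.name} [{e.detection}] {e.path} md5={e.md5}")
    for name in unhashed:
        print(f"NO HASH LOGGED: {name}")
```

An entry in the second list only means the log recorded no hash line for that service name; it is a prompt to look at the service, not a verdict.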

#35
trips487

    Member

  • Topic Starter
  • Member
  • 170 posts
Just a quick update. I am still with you and really sorry for the delay. I've been busy this weekend but will have the scan information done this weekend. Thanks.
  • 0

#36
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Enjoy yourself, and post when ready. Thanks.
  • 0

#37
trips487

    Member

  • Topic Starter
  • Member
  • 170 posts
Posted below is the file. Also if you can tell me why my browser is all fuzzy that would be great.






01:24:51.0986 0460 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:24:52.0362 0460 ============================================================
01:24:52.0362 0460 Current date / time: 2013/05/27 01:24:52.0362
01:24:52.0362 0460 SystemInfo:
01:24:52.0362 0460
01:24:52.0362 0460 OS Version: 6.1.7601 ServicePack: 1.0
01:24:52.0362 0460 Product type: Workstation
01:24:52.0362 0460 ComputerName: JFARELAS-PC
01:24:52.0363 0460 UserName: Jfarelas
01:24:52.0363 0460 Windows directory: C:\Windows
01:24:52.0363 0460 System windows directory: C:\Windows
01:24:52.0363 0460 Running under WOW64
01:24:52.0363 0460 Processor architecture: Intel x64
01:24:52.0363 0460 Number of processors: 2
01:24:52.0363 0460 Page size: 0x1000
01:24:52.0363 0460 Boot type: Normal boot
01:24:52.0363 0460 ============================================================
01:24:52.0809 0460 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:24:52.0844 0460 ============================================================
01:24:52.0844 0460 \Device\Harddisk0\DR0:
01:24:52.0844 0460 MBR partitions:
01:24:52.0844 0460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
01:24:52.0845 0460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830
01:24:52.0845 0460 ============================================================
01:24:52.0875 0460 C: <-> \Device\Harddisk0\DR0\Partition2
01:24:52.0875 0460 ============================================================
01:24:52.0876 0460 Initialize success
01:24:52.0876 0460 ============================================================
01:25:03.0930 12916 ============================================================
01:25:03.0930 12916 Scan started
01:25:03.0930 12916 Mode: Manual;
01:25:03.0930 12916 ============================================================
01:25:04.0347 12916 ================ Scan system memory ========================
01:25:04.0347 12916 System memory - ok
01:25:04.0348 12916 ================ Scan services =============================
01:25:04.0417 12916 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
01:25:04.0419 12916 !SASCORE - ok
01:25:04.0541 12916 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
01:25:04.0544 12916 1394ohci - ok
01:25:04.0563 12916 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:25:04.0565 12916 ACPI - ok
01:25:04.0583 12916 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:25:04.0583 12916 AcpiPmi - ok
01:25:04.0690 12916 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:25:04.0691 12916 AdobeARMservice - ok
01:25:04.0775 12916 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:25:04.0778 12916 AdobeFlashPlayerUpdateSvc - ok
01:25:04.0807 12916 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
01:25:04.0812 12916 adp94xx - ok
01:25:04.0837 12916 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
01:25:04.0839 12916 adpahci - ok
01:25:04.0853 12916 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
01:25:04.0854 12916 adpu320 - ok
01:25:04.0876 12916 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:25:04.0877 12916 AeLookupSvc - ok
01:25:04.0915 12916 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
01:25:04.0920 12916 AFD - ok
01:25:04.0951 12916 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
01:25:04.0952 12916 agp440 - ok
01:25:05.0067 12916 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
01:25:05.0067 12916 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
01:25:05.0077 12916 Akamai ( HiddenFile.Multi.Generic ) - warning
01:25:05.0077 12916 Akamai - detected HiddenFile.Multi.Generic (1)
01:25:05.0102 12916 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
01:25:05.0102 12916 ALG - ok
01:25:05.0114 12916 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
01:25:05.0114 12916 aliide - ok
01:25:05.0150 12916 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
01:25:05.0151 12916 AMD External Events Utility - ok
01:25:05.0171 12916 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
01:25:05.0171 12916 amdide - ok
01:25:05.0199 12916 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
01:25:05.0199 12916 AmdK8 - ok
01:25:05.0369 12916 [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
01:25:05.0427 12916 amdkmdag - ok
01:25:05.0463 12916 [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
01:25:05.0465 12916 amdkmdap - ok
01:25:05.0480 12916 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
01:25:05.0480 12916 AmdPPM - ok
01:25:05.0494 12916 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:25:05.0495 12916 amdsata - ok
01:25:05.0515 12916 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
01:25:05.0516 12916 amdsbs - ok
01:25:05.0529 12916 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:25:05.0530 12916 amdxata - ok
01:25:05.0554 12916 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
01:25:05.0555 12916 AppID - ok
01:25:05.0575 12916 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:25:05.0575 12916 AppIDSvc - ok
01:25:05.0607 12916 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
01:25:05.0608 12916 Appinfo - ok
01:25:05.0666 12916 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:25:05.0668 12916 Apple Mobile Device - ok
01:25:05.0695 12916 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
01:25:05.0696 12916 arc - ok
01:25:05.0709 12916 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
01:25:05.0710 12916 arcsas - ok
01:25:05.0805 12916 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:25:05.0806 12916 aspnet_state - ok
01:25:05.0826 12916 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:25:05.0827 12916 AsyncMac - ok
01:25:05.0858 12916 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
01:25:05.0859 12916 atapi - ok
01:25:06.0052 12916 [ 4284FB1240537A33E6EC417EFD87D40F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
01:25:06.0110 12916 atikmdag - ok
01:25:06.0168 12916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:25:06.0171 12916 AudioEndpointBuilder - ok
01:25:06.0182 12916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:25:06.0185 12916 AudioSrv - ok
01:25:06.0277 12916 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
01:25:06.0279 12916 AVG Security Toolbar Service - ok
01:25:06.0424 12916 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
01:25:06.0449 12916 AVGIDSAgent - ok
01:25:06.0470 12916 [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
01:25:06.0471 12916 AVGIDSDriver - ok
01:25:06.0510 12916 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
01:25:06.0511 12916 AVGIDSHA - ok
01:25:06.0543 12916 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
01:25:06.0545 12916 Avgldx64 - ok
01:25:06.0579 12916 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
01:25:06.0583 12916 Avgloga - ok
01:25:06.0616 12916 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
01:25:06.0617 12916 Avgmfx64 - ok
01:25:06.0650 12916 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
01:25:06.0651 12916 Avgrkx64 - ok
01:25:06.0668 12916 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
01:25:06.0671 12916 Avgtdia - ok
01:25:06.0698 12916 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
01:25:06.0700 12916 avgwd - ok
01:25:06.0729 12916 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:25:06.0730 12916 AxInstSV - ok
01:25:06.0750 12916 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
01:25:06.0752 12916 b06bdrv - ok
01:25:06.0785 12916 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:25:06.0786 12916 b57nd60a - ok
01:25:06.0806 12916 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
01:25:06.0807 12916 BDESVC - ok
01:25:06.0821 12916 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
01:25:06.0821 12916 Beep - ok
01:25:06.0862 12916 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
01:25:06.0866 12916 BFE - ok
01:25:06.0896 12916 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
01:25:06.0901 12916 BITS - ok
01:25:06.0911 12916 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:25:06.0911 12916 blbdrive - ok
01:25:06.0969 12916 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:25:06.0974 12916 Bonjour Service - ok
01:25:07.0001 12916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:25:07.0001 12916 bowser - ok
01:25:07.0020 12916 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:25:07.0021 12916 BrFiltLo - ok
01:25:07.0029 12916 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:25:07.0029 12916 BrFiltUp - ok
01:25:07.0038 12916 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
01:25:07.0039 12916 BridgeMP - ok
01:25:07.0066 12916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
01:25:07.0067 12916 Browser - ok
01:25:07.0081 12916 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:25:07.0082 12916 Brserid - ok
01:25:07.0088 12916 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:25:07.0089 12916 BrSerWdm - ok
01:25:07.0104 12916 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:25:07.0104 12916 BrUsbMdm - ok
01:25:07.0116 12916 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:25:07.0116 12916 BrUsbSer - ok
01:25:07.0130 12916 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
01:25:07.0131 12916 BTHMODEM - ok
01:25:07.0158 12916 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
01:25:07.0159 12916 bthserv - ok
01:25:07.0177 12916 catchme - ok
01:25:07.0197 12916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:25:07.0198 12916 cdfs - ok
01:25:07.0226 12916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
01:25:07.0227 12916 cdrom - ok
01:25:07.0252 12916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
01:25:07.0253 12916 CertPropSvc - ok
01:25:07.0269 12916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
01:25:07.0270 12916 circlass - ok
01:25:07.0284 12916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
01:25:07.0287 12916 CLFS - ok
01:25:07.0327 12916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:25:07.0328 12916 clr_optimization_v2.0.50727_32 - ok
01:25:07.0357 12916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:25:07.0358 12916 clr_optimization_v2.0.50727_64 - ok
01:25:07.0413 12916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:25:07.0415 12916 clr_optimization_v4.0.30319_32 - ok
01:25:07.0431 12916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:25:07.0433 12916 clr_optimization_v4.0.30319_64 - ok
01:25:07.0448 12916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
01:25:07.0449 12916 CmBatt - ok
01:25:07.0460 12916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:25:07.0460 12916 cmdide - ok
01:25:07.0493 12916 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
01:25:07.0496 12916 CNG - ok
01:25:07.0511 12916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
01:25:07.0511 12916 Compbatt - ok
01:25:07.0541 12916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
01:25:07.0541 12916 CompositeBus - ok
01:25:07.0547 12916 COMSysApp - ok
01:25:07.0608 12916 cpuz132 - ok
01:25:07.0625 12916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
01:25:07.0625 12916 crcdisk - ok
01:25:07.0664 12916 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:25:07.0666 12916 CryptSvc - ok
01:25:07.0715 12916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:25:07.0722 12916 DcomLaunch - ok
01:25:07.0749 12916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
01:25:07.0750 12916 defragsvc - ok
01:25:07.0785 12916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:25:07.0786 12916 DfsC - ok
01:25:07.0815 12916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
01:25:07.0817 12916 Dhcp - ok
01:25:07.0839 12916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
01:25:07.0840 12916 discache - ok
01:25:07.0855 12916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
01:25:07.0856 12916 Disk - ok
01:25:07.0898 12916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:25:07.0900 12916 Dnscache - ok
01:25:07.0938 12916 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
01:25:07.0940 12916 DockLoginService - ok
01:25:07.0975 12916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
01:25:07.0979 12916 dot3svc - ok
01:25:07.0992 12916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
01:25:07.0995 12916 DPS - ok
01:25:08.0014 12916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:25:08.0014 12916 drmkaud - ok
01:25:08.0076 12916 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
01:25:08.0077 12916 DrvAgent64 - ok
01:25:08.0120 12916 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:25:08.0130 12916 DXGKrnl - ok
01:25:08.0138 12916 EagleX64 - ok
01:25:08.0169 12916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
01:25:08.0170 12916 EapHost - ok
01:25:08.0241 12916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
01:25:08.0260 12916 ebdrv - ok
01:25:08.0296 12916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
01:25:08.0297 12916 EFS - ok
01:25:08.0360 12916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:25:08.0366 12916 ehRecvr - ok
01:25:08.0393 12916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
01:25:08.0394 12916 ehSched - ok
01:25:08.0412 12916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
01:25:08.0415 12916 elxstor - ok
01:25:08.0448 12916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:25:08.0448 12916 ErrDev - ok
01:25:08.0491 12916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
01:25:08.0493 12916 EventSystem - ok
01:25:08.0506 12916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
01:25:08.0508 12916 exfat - ok
01:25:08.0527 12916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:25:08.0528 12916 fastfat - ok
01:25:08.0566 12916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
01:25:08.0570 12916 Fax - ok
01:25:08.0599 12916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:25:08.0599 12916 fdc - ok
01:25:08.0616 12916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
01:25:08.0616 12916 fdPHost - ok
01:25:08.0629 12916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
01:25:08.0630 12916 FDResPub - ok
01:25:08.0640 12916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:25:08.0640 12916 FileInfo - ok
01:25:08.0649 12916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:25:08.0649 12916 Filetrace - ok
01:25:08.0718 12916 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
01:25:08.0726 12916 FLEXnet Licensing Service - ok
01:25:08.0741 12916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:25:08.0742 12916 flpydisk - ok
01:25:08.0772 12916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:25:08.0774 12916 FltMgr - ok
01:25:08.0840 12916 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
01:25:08.0852 12916 FontCache - ok
01:25:08.0922 12916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:25:08.0923 12916 FontCache3.0.0.0 - ok
01:25:08.0950 12916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:25:08.0951 12916 FsDepends - ok
01:25:08.0983 12916 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
01:25:08.0984 12916 fssfltr - ok
01:25:09.0086 12916 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
01:25:09.0100 12916 fsssvc - ok
01:25:09.0131 12916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:25:09.0131 12916 Fs_Rec - ok
01:25:09.0165 12916 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:25:09.0167 12916 fvevol - ok
01:25:09.0181 12916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
01:25:09.0182 12916 gagp30kx - ok
01:25:09.0206 12916 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:25:09.0206 12916 GEARAspiWDM - ok
01:25:09.0241 12916 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
01:25:09.0241 12916 GoToAssist - ok
01:25:09.0286 12916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
01:25:09.0295 12916 gpsvc - ok
01:25:09.0365 12916 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:25:09.0366 12916 gupdate - ok
01:25:09.0376 12916 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:25:09.0377 12916 gupdatem - ok
01:25:09.0416 12916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:25:09.0416 12916 hcw85cir - ok
01:25:09.0457 12916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:25:09.0460 12916 HdAudAddService - ok
01:25:09.0484 12916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
01:25:09.0485 12916 HDAudBus - ok
01:25:09.0498 12916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
01:25:09.0499 12916 HidBatt - ok
01:25:09.0516 12916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
01:25:09.0516 12916 HidBth - ok
01:25:09.0527 12916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
01:25:09.0527 12916 HidIr - ok
01:25:09.0549 12916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
01:25:09.0550 12916 hidserv - ok
01:25:09.0563 12916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
01:25:09.0563 12916 HidUsb - ok
01:25:09.0590 12916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:25:09.0591 12916 hkmsvc - ok
01:25:09.0624 12916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:25:09.0628 12916 HomeGroupListener - ok
01:25:09.0659 12916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:25:09.0663 12916 HomeGroupProvider - ok
01:25:09.0681 12916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:25:09.0683 12916 HpSAMD - ok
01:25:09.0723 12916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:25:09.0726 12916 HTTP - ok
01:25:09.0738 12916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:25:09.0738 12916 hwpolicy - ok
01:25:09.0772 12916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
01:25:09.0773 12916 i8042prt - ok
01:25:09.0837 12916 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
01:25:09.0841 12916 IAANTMON - ok
01:25:09.0881 12916 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
01:25:09.0883 12916 iaStor - ok
01:25:09.0903 12916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:25:09.0906 12916 iaStorV - ok
01:25:09.0964 12916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:25:09.0973 12916 idsvc - ok
01:25:10.0155 12916 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
01:25:10.0209 12916 igfx - ok
01:25:10.0235 12916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
01:25:10.0235 12916 iirsp - ok
01:25:10.0275 12916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
01:25:10.0280 12916 IKEEXT - ok
01:25:10.0333 12916 [ 492CD3A94913D753B4591CD9E29EC843 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:25:10.0343 12916 IntcAzAudAddService - ok
01:25:10.0367 12916 [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
01:25:10.0368 12916 IntcHdmiAddService - ok
01:25:10.0393 12916 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
01:25:10.0394 12916 intelide - ok
01:25:10.0413 12916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:25:10.0414 12916 intelppm - ok
01:25:10.0438 12916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:25:10.0439 12916 IPBusEnum - ok
01:25:10.0470 12916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:25:10.0471 12916 IpFilterDriver - ok
01:25:10.0499 12916 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:25:10.0502 12916 iphlpsvc - ok
01:25:10.0521 12916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:25:10.0521 12916 IPMIDRV - ok
01:25:10.0539 12916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:25:10.0540 12916 IPNAT - ok
01:25:10.0580 12916 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
01:25:10.0585 12916 iPod Service - ok
01:25:10.0607 12916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:25:10.0607 12916 IRENUM - ok
01:25:10.0629 12916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:25:10.0629 12916 isapnp - ok
01:25:10.0645 12916 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:25:10.0646 12916 iScsiPrt - ok
01:25:10.0660 12916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:25:10.0660 12916 kbdclass - ok
01:25:10.0673 12916 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:25:10.0674 12916 kbdhid - ok
01:25:10.0685 12916 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
01:25:10.0686 12916 KeyIso - ok
01:25:10.0722 12916 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:25:10.0722 12916 KSecDD - ok
01:25:10.0754 12916 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:25:10.0755 12916 KSecPkg - ok
01:25:10.0777 12916 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:25:10.0777 12916 ksthunk - ok
01:25:10.0801 12916 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
01:25:10.0804 12916 KtmRm - ok
01:25:10.0833 12916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
01:25:10.0835 12916 LanmanServer - ok
01:25:10.0860 12916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:25:10.0863 12916 LanmanWorkstation - ok
01:25:10.0880 12916 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:25:10.0881 12916 lltdio - ok
01:25:10.0910 12916 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:25:10.0912 12916 lltdsvc - ok
01:25:10.0923 12916 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:25:10.0924 12916 lmhosts - ok
01:25:10.0939 12916 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
01:25:10.0940 12916 LSI_FC - ok
01:25:10.0959 12916 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
01:25:10.0960 12916 LSI_SAS - ok
01:25:10.0971 12916 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:25:10.0972 12916 LSI_SAS2 - ok
01:25:10.0983 12916 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:25:10.0984 12916 LSI_SCSI - ok
01:25:10.0996 12916 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
01:25:10.0997 12916 luafv - ok
01:25:11.0002 12916 lxbt_device - ok
01:25:11.0041 12916 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
01:25:11.0042 12916 MBAMProtector - ok
01:25:11.0106 12916 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
01:25:11.0110 12916 MBAMScheduler - ok
01:25:11.0131 12916 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:25:11.0134 12916 MBAMService - ok
01:25:11.0165 12916 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:25:11.0166 12916 Mcx2Svc - ok
01:25:19.0013 12916 ================ Scan global ===============================
01:25:19.0045 12916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:25:19.0071 12916 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
01:25:19.0078 12916 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
01:25:19.0095 12916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:25:19.0118 12916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:25:19.0121 12916 [Global] - ok
01:25:19.0122 12916 ================ Scan MBR ==================================
01:25:19.0132 12916 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
01:25:19.0282 12916 \Device\Harddisk0\DR0 - ok
01:25:19.0282 12916 ================ Scan VBR ==================================
01:25:19.0287 12916 [ 847126097AFBB027AB722A82CA08C5C1 ] \Device\Harddisk0\DR0\Partition1
01:25:19.0289 12916 \Device\Harddisk0\DR0\Partition1 - ok
01:25:19.0302 12916 [ 8A41DF8A92B9F047ACDF0C1395CA961B ] \Device\Harddisk0\DR0\Partition2
01:25:19.0304 12916 \Device\Harddisk0\DR0\Partition2 - ok
01:25:19.0304 12916 ============================================================
01:25:19.0304 12916 Scan finished
01:25:19.0304 12916 ============================================================
01:25:19.0317 6484 Detected object count: 1
01:25:19.0317 6484 Actual detected object count: 1
01:25:29.0485 6484 c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll - copied to quarantine
01:25:29.0486 6484 Akamai ( HiddenFile.Multi.Generic ) - User select action: Quarantine

Edited by trips487, 27 May 2013 - 12:31 AM.


#38
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Go here and download and run the 64 bit version of Farbar's FRST. It will create two logs - post them back here please.

#39
trips487

    Member

  • Topic Starter
  • Member
  • 170 posts
FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-05-2013
Ran by Jfarelas (administrator) on 30-05-2013 01:49:58
Running from C:\Users\Jfarelas\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
( ) C:\Windows\system32\lxbtcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Akamai Technologies, Inc.) C:\Users\Jfarelas\AppData\Local\Akamai\netsession_win.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Jfarelas\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Microsoft Corporation) C:\Windows\system32\calc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Windows\system32\calc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Farbar) C:\Users\Jfarelas\Downloads\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8306208 2009-10-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [LXBTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXBTtime.dll,RunDLLEntry [28672 2007-05-03] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [478984 2012-12-15] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-14] (Dell)
HKLM-x32\...\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Jfarelas\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Facebook Update] "C:\Users\Jfarelas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.)
HKCU\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2013-05-12] (SUPERAntiSpyware.com)
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1635752 2013-05-03] (Valve Corporation)
HKCU\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-17] ()
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643560 2013-03-01] (Skype Technologies S.A.)
HKCU\...\Run: [FlashGet 3] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\flashget3.exe" -minimize [3090056 2012-03-14] (Trend Media Corporation Limited)
HKCU\...\Run: [BitTorrent] "C:\Users\Jfarelas\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED [1125456 2013-05-13] (BitTorrent Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [380928 2009-02-03] (AMD)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-14] (Dell)
HKLM-x32\...\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
HKLM-x32\...\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m [1807600 2009-11-13] ()
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-10-15] ()
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [641704 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [20992 2012-03-19] ()
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Jfarelas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\SysWow64\webcheck.dll No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3225826
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=30-04-2013
HKCU SearchScopes: DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=30-04-2013
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=30-04-2013
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jfarelas\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
PDF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
PDF: HKLM-x32 {063F7D71-5E0B-48F2-87D5-F63C5917947E} https://platform.nex...nlab/aosmgr.cab
PDF: HKLM-x32 {0D8004AA-A1CB-4F92-BBEB-0A824B1EE2A2} http://ws.nopp.co.kr.../HGLauncher.cab
PDF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
PDF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} http://d1ylr6sba64qi...ri_4.1.71.0.cab
PDF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
PDF: HKLM-x32 {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab
PDF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
PDF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
PDF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
PDF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Jfarelas\AppData\Roaming\Mozilla\Firefox\Profiles\klvv2ehc.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @ahnlab.com/asp/npaosmgr.1 - C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF Plugin-x32: @ahnlab.com/asp/npmkd25sp - C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)

Chrome:
=======
CHR HomePage: hxxp://www.maplestory.com/
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=48&CUI=UN44199805116363118&UM=2"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AdobeExManDetect) - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
CHR Plugin: (AhnLab Online Security) - C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
CHR Plugin: (AhnLab Online Security Anti-keylogger) - C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 6 U33) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Happy Cloud Plugin) - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll No File
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
CHR Plugin: (Unity Player) - C:\Users\Jfarelas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Desktop) - C:\Users\Jfarelas\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (NPPlayerShell) - C:\Users\Jfarelas\AppData\Roaming\TrianglePlayer\NPTrianglePlayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (OGPlanet Game Plugin) - C:\Windows\system32\npOGPPlugin.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Skype Click to Call) - C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2013-05-12] (SUPERAntiSpyware.com)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-20] (Akamai Technologies, Inc.)
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 lxbt_device; C:\Windows\system32\lxbtcoms.exe [566704 2007-05-03] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4825776 2011-06-07] (INCA Internet Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Mkd2Bthf; C:\Windows\System32\drivers\Mkd2Bthf.sys [97368 2011-09-28] (AhnLab, Inc.)
S3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [107096 2011-09-28] (AhnLab, Inc.)
S3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [182872 2011-09-28] (AhnLab, Inc.)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4774 2012-03-06] (INCA Internet Co., Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\C:\Users\Jfarelas\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 slb; \??\C:\AeriaGames\ScarletBlade\avital\scarlb64.sys [x]
S3 uqk; \??\C:\koramgame\STOnline\avital\wyqku64.sys [x]
S3 usj; \??\C:\AeriaGames\EdenEternal\avital\ussjcs64.sys [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-30 01:49 - 2013-05-30 01:49 - 01915774 ____A (Farbar) C:\Users\Jfarelas\Downloads\FRST64.exe
2013-05-30 01:49 - 2013-05-30 01:49 - 00000000 ____D C:\FRST
2013-05-29 03:01 - 2013-05-29 03:01 - 00005921 ____A C:\Windows\IE10_main.log
2013-05-27 01:17 - 2013-05-27 01:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-05-27 01:13 - 2013-05-27 01:13 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Jfarelas\Desktop\larry.com.exe
2013-05-24 15:02 - 2013-05-24 15:02 - 00000122 ___AH C:\Users\Jfarelas\Desktop\.~lock.s183towerlist.xls#
2013-05-23 02:17 - 2010-09-07 15:39 - 00150392 ____A (Sysinternals - www.sysinternals.com) C:\Users\Jfarelas\Desktop\junction.exe
2013-05-23 02:17 - 2006-07-28 09:32 - 00007005 ____N C:\Users\Jfarelas\Desktop\Eula.txt
2013-05-23 02:16 - 2013-05-23 02:16 - 00079623 ____A C:\Users\Jfarelas\Desktop\Junction.zip
2013-05-23 00:32 - 2013-05-23 00:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-22 12:54 - 2013-05-22 12:54 - 00001115 ____A C:\Users\Jfarelas\Desktop\GameLauncher - Shortcut.lnk
2013-05-21 12:28 - 2013-05-21 12:39 - 00030027 ____A C:\ComboFix.txt
2013-05-21 11:48 - 2013-05-21 12:29 - 00000000 ____D C:\Qoobox
2013-05-21 11:48 - 2013-05-21 11:48 - 05068564 ____R (Swearware) C:\Users\Jfarelas\Desktop\ComboFix.exe
2013-05-21 11:48 - 2011-06-26 01:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-21 11:48 - 2010-11-07 12:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-21 11:48 - 2009-04-19 23:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-05-21 11:48 - 2000-08-30 19:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-21 11:48 - 2000-08-30 19:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-21 11:48 - 2000-08-30 19:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-21 11:48 - 2000-08-30 19:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-21 11:48 - 2000-08-30 19:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-20 22:22 - 2013-05-21 12:40 - 00109360 ____A C:\Windows\PFRO.log
2013-05-20 22:22 - 2013-05-21 12:40 - 00000168 ____A C:\Windows\setupact.log
2013-05-20 22:22 - 2013-05-20 22:22 - 00000000 ____A C:\Windows\setuperr.log
2013-05-20 03:00 - 2013-05-29 03:00 - 00013650 ____A C:\Windows\IE9_main.log
2013-05-19 20:48 - 2013-05-19 20:48 - 00000817 ____A C:\Users\Public\Desktop\Play Pirate101.lnk
2013-05-19 20:48 - 2013-05-19 20:48 - 00000000 ____D C:\ProgramData\KingsIsle Entertainment
2013-05-19 01:32 - 2013-05-19 01:32 - 00000058 ____A C:\Users\Jfarelas\tree times.txt
2013-05-15 11:53 - 2013-05-15 11:53 - 00000134 ____A C:\Users\Jfarelas\Desktop\Internet Explorer Troubleshooting.url
2013-05-14 17:19 - 2013-04-10 01:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 17:19 - 2013-04-10 01:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 17:19 - 2011-02-03 06:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-14 17:18 - 2013-04-09 22:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 17:18 - 2013-03-19 00:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 17:18 - 2013-03-19 00:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 17:18 - 2013-02-27 01:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 17:18 - 2013-02-27 00:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 17:18 - 2013-02-27 00:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 17:18 - 2013-02-27 00:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 17:18 - 2013-02-27 00:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 17:18 - 2013-02-26 23:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 17:18 - 2013-02-26 23:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 17:18 - 2013-02-26 23:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-13 21:10 - 2013-05-13 21:14 - 00000000 ____D C:\Users\Jfarelas\Desktop\How I Met Your Mother Season 8 Episodes HDTV 1-12 [SEEDBOX]
2013-05-13 21:09 - 2013-05-13 21:15 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Conduit
2013-05-13 21:09 - 2013-05-13 21:09 - 00000905 ____A C:\Users\Public\Desktop\BitTorrent.lnk
2013-05-13 21:09 - 2013-05-13 21:09 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-05-13 21:08 - 2013-05-21 17:31 - 00000000 ____D C:\Users\Jfarelas\AppData\Roaming\BitTorrent
2013-05-13 21:08 - 2013-05-13 21:08 - 01125456 ____A (BitTorrent Inc.) C:\Users\Jfarelas\Downloads\BitTorrent.exe
2013-05-13 15:52 - 2013-05-13 15:52 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\WarThunder
2013-05-13 15:52 - 2013-05-13 15:52 - 00000000 ____D C:\ProgramData\WarThunder
2013-05-12 16:07 - 2013-05-12 16:07 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Razer
2013-05-12 16:06 - 2013-05-12 16:06 - 00002106 ____A C:\Users\Public\Desktop\Razer Game Booster.lnk
2013-05-12 16:06 - 2013-05-12 16:06 - 00000000 ____D C:\Users\Jfarelas\Downloads\Download
2013-05-12 16:06 - 2013-05-12 16:06 - 00000000 ____D C:\ProgramData\Razer
2013-05-12 16:06 - 2013-05-12 16:06 - 00000000 ____D C:\Program Files (x86)\Razer
2013-05-12 16:05 - 2013-05-12 16:05 - 00945456 ____A C:\Users\Jfarelas\Downloads\Razer_Game_Booster_downloader.exe
2013-05-12 15:43 - 2013-05-12 15:43 - 01242562 ____A C:\Users\Jfarelas\Desktop\CAT.exe
2013-05-12 15:40 - 2013-05-24 00:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-12 15:40 - 2013-05-12 15:40 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-12 15:39 - 2013-05-12 15:39 - 21036128 ____A (Mozilla) C:\Users\Jfarelas\Downloads\Firefox Setup 20.0.1 (1).exe
2013-05-12 00:00 - 2013-05-12 00:00 - 00000000 ____D C:\ProgramData\StarApp
2013-05-11 22:32 - 2013-05-11 22:33 - 00000268 ____A C:\Users\Jfarelas\Desktop\serial.txt
2013-05-11 22:32 - 2013-05-11 22:33 - 00000002 ____A C:\Users\Jfarelas\Desktop\myFile.txt
2013-05-11 17:32 - 2013-05-11 17:32 - 00000222 ____A C:\Users\Jfarelas\Desktop\Ragnarok Online 2.url
2013-05-11 11:45 - 2013-05-11 11:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-05-11 11:45 - 2013-05-11 11:45 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-11 11:44 - 2013-05-11 11:44 - 26728448 ____A C:\Users\Jfarelas\Desktop\PhysX-9.12.1031-SystemSoftware.msi
2013-05-10 19:56 - 2013-05-11 11:45 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-05-10 19:53 - 2013-05-10 19:53 - 00000000 ____D C:\PlayPark
2013-05-10 19:53 - 2013-05-10 19:53 - 00000000 ____D C:\gravity
2013-05-08 21:59 - 2013-05-24 00:28 - 00007168 ____A C:\Users\Jfarelas\Desktop\s183towerlist.xls
2013-05-07 01:01 - 2013-05-07 01:01 - 00173582 ____A C:\Users\Jfarelas\Documents\cc_20130507_010058.reg
2013-05-07 01:01 - 2013-05-07 01:01 - 00063030 ____A C:\Users\Jfarelas\Documents\cc_20130507_010133.reg
2013-05-07 00:57 - 2013-05-07 00:57 - 04346816 ____A (Piriform Ltd) C:\Users\Jfarelas\Desktop\ccsetup401.exe
2013-05-07 00:54 - 2013-05-07 00:54 - 21036128 ____A (Mozilla) C:\Users\Jfarelas\Desktop\Firefox Setup 20.0.1.exe
2013-05-07 00:46 - 2013-05-07 00:46 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-07 00:46 - 2013-05-07 00:46 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-07 00:46 - 2013-05-07 00:46 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-07 00:44 - 2013-05-07 00:44 - 33119648 ____A (Oracle Corporation) C:\Users\Jfarelas\Desktop\jre-7u21-windows-x64.exe
2013-05-01 12:54 - 2013-05-01 12:54 - 06589271 ____A C:\Users\Jfarelas\Desktop\GameInstaller.exe
2013-04-30 19:56 - 2013-04-30 19:56 - 00000000 ____D C:\ProgramData\SoftSafe
2013-04-30 18:47 - 2013-05-12 00:00 - 00000000 ____D C:\ProgramData\InstallMate
2013-04-30 08:27 - 2013-04-30 08:27 - 00001241 ____A C:\Users\Jfarelas\Desktop\Neverwinter.lnk
2013-04-30 08:25 - 2008-10-15 06:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2013-04-30 08:25 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-04-30 08:25 - 2008-10-15 06:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2013-04-30 08:25 - 2008-10-15 06:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-04-30 08:25 - 2008-10-15 06:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-04-30 08:25 - 2008-10-15 06:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-04-30 08:23 - 2013-04-30 08:23 - 00000000 ____D C:\Users\Public\Games
2013-04-30 00:25 - 2013-04-30 00:55 - 00000000 ____D C:\Users\Jfarelas\Desktop\Neverwinter NW.1.20130416a.6
2013-04-30 00:25 - 2013-04-30 00:25 - 01812872 ____A C:\Users\Jfarelas\Desktop\Neverwinter_NW.1.20130416a.6.exe

==================== One Month Modified Files and Folders =======

2013-05-30 01:49 - 2013-05-30 01:49 - 01915774 ____A (Farbar) C:\Users\Jfarelas\Downloads\FRST64.exe
2013-05-30 01:49 - 2013-05-30 01:49 - 00000000 ____D C:\FRST
2013-05-30 01:41 - 2010-08-20 23:14 - 00000000 ____D C:\Users\Jfarelas\AppData\Roaming\Skype
2013-05-30 01:26 - 2012-11-12 03:11 - 00000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-30 01:04 - 2012-04-08 01:13 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-30 00:48 - 2012-03-06 10:38 - 00000940 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000UA.job
2013-05-29 17:32 - 2010-12-07 14:34 - 00000000 ____D C:\ProgramData\MFAData
2013-05-29 15:48 - 2012-03-06 10:38 - 00000918 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000Core.job
2013-05-29 15:26 - 2012-11-12 03:11 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-29 03:01 - 2013-05-29 03:01 - 00005921 ____A C:\Windows\IE10_main.log
2013-05-29 03:01 - 2009-07-14 00:10 - 01630127 ____A C:\Windows\WindowsUpdate.log
2013-05-29 03:00 - 2013-05-20 03:00 - 00013650 ____A C:\Windows\IE9_main.log
2013-05-29 02:00 - 2010-08-08 13:47 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Adobe
2013-05-27 12:41 - 2010-08-20 23:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-27 12:41 - 2010-08-20 23:13 - 00000000 ____D C:\ProgramData\Skype
2013-05-27 04:51 - 2009-07-13 23:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-27 04:51 - 2009-07-13 23:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-27 01:25 - 2013-05-27 01:17 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-05-27 01:13 - 2013-05-27 01:13 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Jfarelas\Desktop\larry.com.exe
2013-05-24 15:02 - 2013-05-24 15:02 - 00000122 ___AH C:\Users\Jfarelas\Desktop\.~lock.s183towerlist.xls#
2013-05-24 00:56 - 2013-05-12 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-24 00:56 - 2013-04-11 22:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-05-24 00:28 - 2013-05-08 21:59 - 00007168 ____A C:\Users\Jfarelas\Desktop\s183towerlist.xls
2013-05-23 02:16 - 2013-05-23 02:16 - 00079623 ____A C:\Users\Jfarelas\Desktop\Junction.zip
2013-05-23 00:32 - 2013-05-23 00:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-22 12:54 - 2013-05-22 12:54 - 00001115 ____A C:\Users\Jfarelas\Desktop\GameLauncher - Shortcut.lnk
2013-05-21 17:31 - 2013-05-13 21:08 - 00000000 ____D C:\Users\Jfarelas\AppData\Roaming\BitTorrent
2013-05-21 13:11 - 2012-12-17 12:24 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\PMB Files
2013-05-21 12:43 - 2012-03-28 18:57 - 00000000 ____D C:\Users\Jfarelas\AppData\Roaming\BITS
2013-05-21 12:42 - 2012-07-22 21:38 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-21 12:41 - 2010-08-07 17:28 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\SoftThinks
2013-05-21 12:41 - 2010-08-07 17:28 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-05-21 12:41 - 2010-08-07 17:28 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-05-21 12:41 - 2010-04-09 19:48 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-05-21 12:40 - 2013-05-20 22:22 - 00109360 ____A C:\Windows\PFRO.log
2013-05-21 12:40 - 2013-05-20 22:22 - 00000168 ____A C:\Windows\setupact.log
2013-05-21 12:40 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-21 12:39 - 2013-05-21 12:28 - 00030027 ____A C:\ComboFix.txt
2013-05-21 12:29 - 2013-05-21 11:48 - 00000000 ____D C:\Qoobox
2013-05-21 12:09 - 2009-07-13 21:34 - 00000215 ____A C:\Windows\system.ini
2013-05-21 11:48 - 2013-05-21 11:48 - 05068564 ____R (Swearware) C:\Users\Jfarelas\Desktop\ComboFix.exe
2013-05-20 22:22 - 2013-05-20 22:22 - 00000000 ____A C:\Windows\setuperr.log
2013-05-20 08:41 - 2012-10-03 18:38 - 00000927 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-05-19 22:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-19 20:48 - 2013-05-19 20:48 - 00000817 ____A C:\Users\Public\Desktop\Play Pirate101.lnk
2013-05-19 20:48 - 2013-05-19 20:48 - 00000000 ____D C:\ProgramData\KingsIsle Entertainment
2013-05-19 20:48 - 2010-04-09 19:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-19 01:32 - 2013-05-19 01:32 - 00000058 ____A C:\Users\Jfarelas\tree times.txt
2013-05-19 01:32 - 2010-08-07 17:26 - 00000000 ____D C:\users\Jfarelas
2013-05-16 01:21 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-05-15 11:53 - 2013-05-15 11:53 - 00000134 ____A C:\Users\Jfarelas\Desktop\Internet Explorer Troubleshooting.url
2013-05-15 11:47 - 2010-08-11 03:01 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 11:40 - 2009-07-13 23:45 - 04968320 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 10:04 - 2012-04-08 01:12 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 10:04 - 2011-06-06 23:28 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-15 03:02 - 2009-07-14 00:13 - 00784888 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-13 23:15 - 2010-08-07 19:30 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Deployment
2013-05-13 23:15 - 2010-08-07 19:30 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Apps\2.0
2013-05-13 21:15 - 2013-05-13 21:09 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Conduit
2013-05-13 21:14 - 2013-05-13 21:10 - 00000000 ____D C:\Users\Jfarelas\Desktop\How I Met Your Mother Season 8 Episodes HDTV 1-12 [SEEDBOX]
2013-05-13 21:10 - 2012-07-28 13:50 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\CRE
2013-05-13 21:09 - 2013-05-13 21:09 - 00000905 ____A C:\Users\Public\Desktop\BitTorrent.lnk
2013-05-13 21:09 - 2013-05-13 21:09 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-05-13 21:08 - 2013-05-13 21:08 - 01125456 ____A (BitTorrent Inc.) C:\Users\Jfarelas\Downloads\BitTorrent.exe
2013-05-13 16:57 - 2013-03-16 21:15 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-05-13 15:52 - 2013-05-13 15:52 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\WarThunder
2013-05-13 15:52 - 2013-05-13 15:52 - 00000000 ____D C:\ProgramData\WarThunder
2013-05-13 15:52 - 2013-01-27 15:38 - 00000000 ____D C:\Users\Jfarelas\Documents\My Games
2013-05-12 16:07 - 2013-05-12 16:07 - 00000000 ____D C:\Users\Jfarelas\AppData\Local\Razer
2013-05-12 16:06 - 2013-05-12 16:06 - 00002106 ____A C:\Users\Public\Desktop\Razer Game Booster.lnk
2013-05-12 16:06 - 2013-05-12 16:06 - 00000000 ____D C:\Users\Jfarelas\Downloads\Download
2013-05-12 16:06 - 2013-05-12 16:06 - 00000000 ____D C:\ProgramData\Razer
2013-05-12 16:06 - 2013-05-12 16:06 - 00000000 ____D C:\Program Files (x86)\Razer
2013-05-12 16:05 - 2013-05-12 16:05 - 00945456 ____A C:\Users\Jfarelas\Downloads\Razer_Game_Booster_downloader.exe
2013-05-12 16:01 - 2012-12-09 01:48 - 00000000 ____D C:\zywxsoft
2013-05-12 15:53 - 2012-06-12 22:52 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-05-12 15:51 - 2011-03-29 15:02 - 00000000 ____D C:\Program Files\Lx_cats
2013-05-12 15:43 - 2013-05-12 15:43 - 01242562 ____A C:\Users\Jfarelas\Desktop\CAT.exe
2013-05-12 15:40 - 2013-05-12 15:40 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-12 15:39 - 2013-05-12 15:39 - 21036128 ____A (Mozilla) C:\Users\Jfarelas\Downloads\Firefox Setup 20.0.1 (1).exe
2013-05-12 00:54 - 2013-04-27 13:57 - 00000000 ____D C:\ProgramData\HappyCloud
2013-05-12 00:50 - 2012-09-28 10:50 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-12 00:00 - 2013-05-12 00:00 - 00000000 ____D C:\ProgramData\StarApp
2013-05-12 00:00 - 2013-04-30 18:47 - 00000000 ____D C:\ProgramData\InstallMate
2013-05-11 22:33 - 2013-05-11 22:32 - 00000268 ____A C:\Users\Jfarelas\Desktop\serial.txt
2013-05-11 22:33 - 2013-05-11 22:32 - 00000002 ____A C:\Users\Jfarelas\Desktop\myFile.txt
2013-05-11 17:32 - 2013-05-11 17:32 - 00000222 ____A C:\Users\Jfarelas\Desktop\Ragnarok Online 2.url
2013-05-11 11:45 - 2013-05-11 11:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-05-11 11:45 - 2013-05-11 11:45 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-11 11:45 - 2013-05-10 19:56 - 00000000 ____D C:\ProgramData\Solid State Networks
2013-05-11 11:44 - 2013-05-11 11:44 - 26728448 ____A C:\Users\Jfarelas\Desktop\PhysX-9.12.1031-SystemSoftware.msi
2013-05-11 11:40 - 2012-07-17 16:02 - 00000000 ____D C:\Program Files (x86)\Gravity
2013-05-10 19:53 - 2013-05-10 19:53 - 00000000 ____D C:\PlayPark
2013-05-10 19:53 - 2013-05-10 19:53 - 00000000 ____D C:\gravity
2013-05-07 01:01 - 2013-05-07 01:01 - 00173582 ____A C:\Users\Jfarelas\Documents\cc_20130507_010058.reg
2013-05-07 01:01 - 2013-05-07 01:01 - 00063030 ____A C:\Users\Jfarelas\Documents\cc_20130507_010133.reg
2013-05-07 00:57 - 2013-05-07 00:57 - 04346816 ____A (Piriform Ltd) C:\Users\Jfarelas\Desktop\ccsetup401.exe
2013-05-07 00:57 - 2011-05-31 22:00 - 00000979 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-05-07 00:57 - 2010-08-19 22:27 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-05-07 00:54 - 2013-05-07 00:54 - 21036128 ____A (Mozilla) C:\Users\Jfarelas\Desktop\Firefox Setup 20.0.1.exe
2013-05-07 00:46 - 2013-05-07 00:46 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-07 00:46 - 2013-05-07 00:46 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-07 00:46 - 2013-05-07 00:46 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-07 00:46 - 2012-06-21 22:22 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-07 00:46 - 2012-06-21 22:22 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-07 00:46 - 2010-04-09 19:43 - 00000000 ____D C:\Program Files\Java
2013-05-07 00:44 - 2013-05-07 00:44 - 33119648 ____A (Oracle Corporation) C:\Users\Jfarelas\Desktop\jre-7u21-windows-x64.exe
2013-05-07 00:44 - 2012-12-29 17:37 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-07 00:43 - 2010-04-09 19:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-07 00:42 - 2010-04-09 19:44 - 00000000 ____D C:\ProgramData\Adobe
2013-05-04 03:04 - 2013-04-29 19:43 - 00000451 ____A C:\Users\Jfarelas\Desktop\ESET.txt
2013-05-01 12:54 - 2013-05-01 12:54 - 06589271 ____A C:\Users\Jfarelas\Desktop\GameInstaller.exe
2013-04-30 19:56 - 2013-04-30 19:56 - 00000000 ____D C:\ProgramData\SoftSafe
2013-04-30 11:55 - 2012-06-13 01:00 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-04-30 08:27 - 2013-04-30 08:27 - 00001241 ____A C:\Users\Jfarelas\Desktop\Neverwinter.lnk
2013-04-30 08:23 - 2013-04-30 08:23 - 00000000 ____D C:\Users\Public\Games
2013-04-30 00:55 - 2013-04-30 00:25 - 00000000 ____D C:\Users\Jfarelas\Desktop\Neverwinter NW.1.20130416a.6
2013-04-30 00:25 - 2013-04-30 00:25 - 01812872 ____A C:\Users\Jfarelas\Desktop\Neverwinter_NW.1.20130416a.6.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-24 01:25

==================== End Of Log ============================


ADD


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2013
Ran by Jfarelas at 2013-05-30 01:51:35 Run:
Running from C:\Users\Jfarelas\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

1.1.1.9
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Akamai NetSession Interface
AMD Accelerated Video Transcoding (Version: 12.5.100.20704)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
Apple Mobile Device Support (Version: 5.1.1.4)
ATI AVIVO64 Codecs (Version: 10.0.0.31111)
AVG 2013 (Version: 13.0.3184)
AVG 2013 (Version: 13.0.3343)
AVG 2013 (Version: 2013.0.3343)
BitTorrent (Version: 7.8.0.29676)
Bonjour (Version: 3.0.0.10)
ccc-utility64 (Version: 2012.0704.122.388)
CCleaner (Version: 4.01)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
DragonNest
DriverAgent by eSupport.com
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
Google Chrome (Version: 27.0.1453.94)
Google Update Helper (Version: 1.3.21.145)
Intel® Graphics Media Accelerator Driver
IntelR Matrix Storage Manager
iTunes (Version: 10.6.0.40)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
join.me (Version: 1.3.1.414)
Junk Mail filter update (Version: 16.4.3505.0912)
Lexmark 5200 Series
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MapleStory
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Neverwinter
Nexon Game Manager
NVIDIA PhysX (Version: 9.12.1031)
Paint.NET v3.5.10 (Version: 3.60.0)
Path of Exile (Version: 0.10.0.22448)
Photo Gallery (Version: 16.4.3505.0912)
Pirate101 (Version: 1.0.0)
Ragnarok Online 2
Razer Game Booster (Version: 3.5.6.0)
Skype Click to Call (Version: 6.9.12585)
Skype™ 6.3 (Version: 6.3.105)
SUPERAntiSpyware (Version: 5.0.1108)
System Requirements Lab CYRI (Version: 5.0.6.0)
Uninstall Neocodex Program Manager
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)

==================== Restore Points =========================

22-05-2013 08:00:13 Windows Update
23-05-2013 08:00:14 Windows Update
24-05-2013 08:00:12 Windows Update
25-05-2013 08:00:12 Windows Update
26-05-2013 08:00:14 Windows Update
27-05-2013 00:00:10 Windows Backup
27-05-2013 08:00:12 Windows Update
28-05-2013 08:00:12 Windows Update
29-05-2013 08:00:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2013 04:42:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: Updater.exe, version: 6.3.1.53353, time stamp: 0x51309aee
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00af00c4
Faulting process id: 0x212c
Faulting application start time: 0xUpdater.exe0
Faulting application path: Updater.exe1
Faulting module path: Updater.exe2
Report Id: Updater.exe3

Error: (05/25/2013 06:42:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: MapleStory.exe, version: 8.135.1.1, time stamp: 0x519b4641
Faulting module name: MapleStory.exe, version: 8.135.1.1, time stamp: 0x519b4641
Exception code: 0xc0000005
Fault offset: 0x00b38cf6
Faulting process id: 0x2954
Faulting application start time: 0xMapleStory.exe0
Faulting application path: MapleStory.exe1
Faulting module path: MapleStory.exe2
Report Id: MapleStory.exe3

Error: (05/24/2013 01:27:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (05/23/2013 03:35:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (05/22/2013 00:47:54 PM) (Source: Application Hang) (User: )
Description: The program MapleStory.exe version 8.135.1.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 26a8

Start Time: 01ce5713b7efb8b3

Termination Time: 17

Application Path: C:\Nexon\MapleStory\MapleStory.exe

Report Id: b8e962f1-c307-11e2-ba4d-00256486d2f3

Error: (05/22/2013 00:41:55 PM) (Source: Application Hang) (User: )
Description: The program MapleStory.exe version 8.135.1.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: de0

Start Time: 01ce57138d265611

Termination Time: 15

Application Path: C:\Nexon\MapleStory\MapleStory.exe

Report Id: e072affa-c306-11e2-ba4d-00256486d2f3

Error: (05/22/2013 02:40:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (05/21/2013 02:23:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (05/20/2013 02:37:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (05/19/2013 11:43:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503754ef
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b
Exception code: 0xc0000005
Fault offset: 0x0000000000009e5d
Faulting process id: 0x3668
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (05/29/2013 04:42:15 AM) (Source: Service Control Manager) (User: )
Description: The Skype Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (05/29/2013 03:02:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (05/29/2013 03:00:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/28/2013 03:01:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/27/2013 03:00:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/26/2013 03:01:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/25/2013 03:01:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/24/2013 03:00:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/23/2013 03:01:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (05/22/2013 03:01:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.


Microsoft Office Sessions:
=========================
Error: (05/29/2013 04:42:14 AM) (Source: Application Error)(User: )
Description: Updater.exe6.3.1.5335351309aeeunknown0.0.0.000000000c000000500af00c4212c01ce5c50b6b51f12C:\Program Files (x86)\Skype\Updater\Updater.exeunknown0a9a86e8-c844-11e2-ba4d-00256486d2f3

Error: (05/25/2013 06:42:09 PM) (Source: Application Error)(User: )
Description: MapleStory.exe8.135.1.1519b4641MapleStory.exe8.135.1.1519b4641c000000500b38cf6295401ce59841cc03419C:\Nexon\MapleStory\MapleStory.exeC:\Nexon\MapleStory\MapleStory.exeb6c76706-c594-11e2-ba4d-00256486d2f3

Error: (05/24/2013 01:27:15 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (05/23/2013 03:35:21 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (05/22/2013 00:47:54 PM) (Source: Application Hang)(User: )
Description: MapleStory.exe8.135.1.126a801ce5713b7efb8b317C:\Nexon\MapleStory\MapleStory.exeb8e962f1-c307-11e2-ba4d-00256486d2f3

Error: (05/22/2013 00:41:55 PM) (Source: Application Hang)(User: )
Description: MapleStory.exe8.135.1.1de001ce57138d26561115C:\Nexon\MapleStory\MapleStory.exee072affa-c306-11e2-ba4d-00256486d2f3

Error: (05/22/2013 02:40:30 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (05/21/2013 02:23:55 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (05/20/2013 02:37:57 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (05/19/2013 11:43:11 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503754efKERNELBASE.dll6.1.7601.1801550b8479bc00000050000000000009e5d366801ce550673ffff56C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\KERNELBASE.dllc62e7d8b-c107-11e2-9b6d-00256486d2f3


CodeIntegrity Errors:
===================================
Date: 2013-05-21 11:59:57.575
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-21 11:59:57.410
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-19 01:29:36.077
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-19 01:29:36.027
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-16 12:54:44.430
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\ewido anti-malware\guard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-16 12:54:44.383
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\ewido anti-malware\guard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-15 22:47:32.720
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\ewido anti-malware\guard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-15 22:47:32.673
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\ewido anti-malware\guard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-14 03:23:23.246
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\ewido anti-malware\guard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-14 03:23:23.200
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\ewido anti-malware\guard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 4094.98 MB
Available physical RAM: 1431.54 MB
Total Pagefile: 8188.15 MB
Available Pagefile: 3856.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:280.79 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 78033E78)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#40
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts

Also yes that fuzziness is what I am talking about. I can deal with that but it is annoying. I'll check other browsers. It may just be a Firefox thing idk.


May have missed your reply - did you check this?


Go to Start - Control Panel - Programs - Programs and Features/Uninstall, then click on each of the following programs, if they show there, and click "Uninstall/Change".

DriverAgent by eSupport.com - Useless.
AVG 2013 - See if corruption of this is causing issues.

Reboot after, and post back an update on whatever issues still remain please.


#41
trips487

trips487

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 170 posts
Hi. Sorry for the long wait. I did as you asked and so far things didn't change much. I still get the occasional fuzziness on Firefox. I will check other browsers and see if that happens there. I reinstalled my AVG as I don't have another virus protection. Is there another one you recommend me to install or is AVG fine to keep? Lastly, I still have that update that seems to be corrupted and won't let me fix it. What do you think I should do about that? Thank you.

Edited by trips487, 03 June 2013 - 12:31 AM.


#42
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
What update, and did you check your browser for "fuzziness" while AVG was uninstalled? Kinda the reason for doing that.

#43
trips487

trips487

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 170 posts

What update, and did you check your browser for "fuzziness" while AVG was uninstalled? Kinda the reason for doing that.


Fuzziness still exists with no AVG. The I.E update that I told you was corrupted that couldn't be uninstalled.

#44
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts

Fuzziness still exists with no AVG. The I.E update that I told you was corrupted that couldn't be uninstalled.


Not quite the reply I was looking for. Does the fuzziness just occur using Firefox?

Follow the steps here under:

To uninstall Internet Explorer

Uninstall IE9, reboot and check for improvements.

#45
trips487

trips487

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 170 posts

Fuzziness still exists with no AVG. The I.E update that I told you was corrupted that couldn't be uninstalled.


Not quite the reply I was looking for. Does the fuzziness just occur using Firefox?

Follow the steps here under:

To uninstall Internet Explorer

Uninstall IE9, reboot and check for improvements.


Hi again. From what I see, Chrome and I.E work without fuzziness. If need be I'll just use those browsers instead if we can't fix the fuzziness on Firefox. Also I tried to uninstall I.E; it says "error not all updates were uninstalled successfully." Lastly, my docs, music, and video folders do not open and were deleted since the recent ComboFix. I would like that fixed as well if possible. Thank you.