Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Checkup


  • Please log in to reply

#1
megaman186

megaman186

    Member

  • Member
  • PipPip
  • 23 posts
Hey guys this isn't a 1st priority issue, not even sure if it's classified as an issue actually, So please help other people before helping me.

Anyway I'd just like you guys to go through these OTL logs, to make sure things are fine, it's just that my pc has been playing up a tad these past few days, nothing serious though.

Here's the logs.


OTL:

OTL logfile created on: 30/08/2013 2:32:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Timothy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

15.90 Gb Total Physical Memory | 13.19 Gb Available Physical Memory | 82.98% Memory free
31.80 Gb Paging File | 28.64 Gb Available in Paging File | 90.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 702.49 Gb Free Space | 75.42% Space Free | Partition Type: NTFS

Computer Name: SIKORSKY14 | User Name: Timothy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/30 14:31:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
PRC - [2013/08/16 13:21:43 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/23 11:52:18 | 000,606,056 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/09 14:07:06 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/02/23 23:34:40 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2013/02/23 23:34:40 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2013/02/23 23:34:40 | 000,408,960 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe
PRC - [2013/02/23 23:34:40 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/08/20 12:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/14 16:05:54 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/08/07 12:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/03 15:40:52 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/16 21:01:20 | 000,658,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
PRC - [2012/07/12 16:36:08 | 001,384,608 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
PRC - [2012/07/12 16:36:06 | 003,984,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
PRC - [2012/03/13 11:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2011/09/08 20:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/28 19:17:46 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\0e91ea226b5db1b422453e62a277736b\System.Xml.Linq.ni.dll
MOD - [2013/08/28 19:17:23 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\f16e993b7058b005bbf273007fadf95b\UIAutomationTypes.ni.dll
MOD - [2013/08/28 19:17:21 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll
MOD - [2013/08/28 19:17:21 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9010845c58c17f145b3e39c2d28c4869\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2013/08/28 15:09:45 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\775d60de39c6f0b49f1640c4e6c8de09\PresentationFramework.ni.dll
MOD - [2013/08/28 15:09:37 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8e3d6080e8eaaaf28389f3742ff9acdd\PresentationCore.ni.dll
MOD - [2013/08/28 15:09:36 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5f27b142c87d877c73ac245ab951a773\System.Windows.Forms.ni.dll
MOD - [2013/08/28 15:09:33 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2013/08/28 15:09:33 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a35e871c52b7a7aee64c969c02acfaa0\System.Core.ni.dll
MOD - [2013/08/28 15:09:32 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\e4d73111d4c76c446ad6a007302f5941\System.Management.ni.dll
MOD - [2013/08/28 15:09:31 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\782db4c31adf3046c62e43b8f11453c1\WindowsBase.ni.dll
MOD - [2013/08/28 15:09:31 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll
MOD - [2013/08/28 15:09:31 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll
MOD - [2013/08/28 15:09:30 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\a46953d62d9923cfd393cb102df2e6ad\System.Runtime.Serialization.ni.dll
MOD - [2013/08/28 15:09:30 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2013/08/28 15:09:29 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2013/08/28 15:09:29 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2fd755147672c80dd4b13978933f8a3d\System.Configuration.ni.dll
MOD - [2013/08/28 15:09:29 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\72227d58a04b80252053352dead3b9a3\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/28 15:09:29 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\176ea254700896ee68956986b947ea9b\SMDiagnostics.ni.dll
MOD - [2013/08/28 15:09:25 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013/08/16 13:21:41 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppgooglenaclpluginchrome.dll
MOD - [2013/08/16 13:21:40 | 013,594,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
MOD - [2013/08/16 13:21:39 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
MOD - [2013/08/16 13:20:49 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libglesv2.dll
MOD - [2013/08/16 13:20:48 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libegl.dll
MOD - [2013/08/16 13:20:46 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ffmpegsumo.dll
MOD - [2013/02/23 23:25:28 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2013/02/23 23:25:08 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2012/08/14 10:14:36 | 001,123,840 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/08/03 15:40:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/08/01 09:51:14 | 001,040,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
MOD - [2012/07/10 16:55:30 | 001,625,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
MOD - [2012/06/22 12:32:10 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
MOD - [2012/06/19 11:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 20:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 09:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/02 17:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
MOD - [2012/04/25 13:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
MOD - [2012/04/20 15:24:08 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
MOD - [2012/03/21 11:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/02/06 20:08:30 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\pngio.dll
MOD - [2012/01/19 08:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
MOD - [2012/01/12 15:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
MOD - [2011/10/14 19:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 18:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 19:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/08/09 13:52:50 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.dll
MOD - [2011/07/21 08:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 18:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/06/08 10:15:44 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
MOD - [2010/12/14 16:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
MOD - [2010/10/05 07:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 07:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/09/23 10:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
MOD - [2010/02/25 13:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll
MOD - [2009/08/12 19:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/24 09:40:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/07/23 19:47:02 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/05/27 15:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/20 17:27:56 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/09 14:07:06 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/02/23 23:34:40 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/02/23 23:34:40 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2013/02/23 23:34:40 | 000,408,960 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2013/02/23 23:34:40 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2013/02/07 12:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/19 05:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/17 14:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/11/19 16:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/24 10:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/07/24 09:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 16:29:34 | 000,039,096 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2013/07/10 16:29:32 | 000,137,400 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/05 18:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/03/15 16:01:20 | 000,103,296 | ---- | M] (Corsair) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\corsveng2kamd64.sys -- (CorsairAudioFilter)
DRV:64bit: - [2013/02/23 23:25:19 | 000,032,400 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/20 13:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/08/24 00:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/24 00:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/12 21:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/04/11 08:40:58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/04/11 08:40:58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/06 09:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/11/03 10:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 10:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/17 08:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 13:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 13:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 13:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 13:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 15:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010/04/27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/07/17 14:33:41 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Corsair\CorsairLINK2\CorsairLINK_HardwareMonitor.sys -- (WinRing0_1_2_0)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://au.search.yah...r=spigot-yhp-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 6A D0 10 B1 45 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {CB48E1D2-B537-4A80-9128-9055DA217591}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{7C564381-7707-42E0-A569-1B40FE4F93DE}: "URL" = http://websearch.ask...74-391AA63B4928
IE - HKCU\..\SearchScopes\{CB48E1D2-B537-4A80-9128-9055DA217591}: "URL" = http://au.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://au.search.yah...r=spigot-yhp-ch
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Google Docs = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: FVD Downloader = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.3.7_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: YouTube Options (Full Version) = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.133_0\
CHR - Extension: Gmail = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Youtube Mp3 Downloader = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppndpcdpbpcgiimpobknmdjmkdopkkmj\2.0_0\

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65229273-D170-45D8-8BEE-61C38140E0B6}: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{963686b4-7e27-11e2-915b-08606e822ea2}\Shell - "" = AutoRun
O33 - MountPoints2\{963686b4-7e27-11e2-915b-08606e822ea2}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/30 14:31:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
[2013/08/28 15:05:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/27 18:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/08/27 18:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/08/23 16:33:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/08/15 20:00:09 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\PAYDAY 2
[2013/08/10 15:27:18 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\CARS
[2013/08/04 21:05:58 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\CrashRpt
[2013/08/04 21:04:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\BeamNG
[2013/08/02 17:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/08/02 17:26:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/08/02 17:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/08/02 17:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/07/31 18:07:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2013/07/31 17:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/07/31 17:13:22 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\AVG2013
[2013/07/31 17:12:50 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
[2013/07/31 17:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/07/31 17:12:34 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/07/31 17:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/07/31 17:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/07/31 17:09:40 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\MFAData
[2013/07/31 17:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/07/31 17:09:40 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Avg2013
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/30 14:31:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
[2013/08/30 14:18:18 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
[2013/08/30 14:13:14 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2013/08/30 14:11:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/30 14:11:17 | 4215,492,606 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/28 23:10:03 | 000,267,962 | ---- | M] () -- C:\Users\Timothy\Desktop\ghost.png
[2013/08/28 23:09:41 | 000,306,857 | ---- | M] () -- C:\Users\Timothy\Desktop\mastermind.png
[2013/08/28 16:15:56 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/08/28 15:14:52 | 000,000,024 | ---- | M] () -- C:\Users\Timothy\random.dat
[2013/08/28 15:14:43 | 000,000,046 | ---- | M] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE.dat
[2013/08/28 15:07:38 | 000,766,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/28 15:07:38 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/28 15:07:38 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/28 15:07:34 | 000,766,336 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/26 18:38:34 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/08/26 18:38:34 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/26 18:38:13 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/08/24 06:32:26 | 000,020,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/24 06:32:26 | 000,020,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/21 13:19:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/31 17:49:22 | 000,000,000 | ---- | M] () -- C:\Windows\MB.idx
[2013/07/31 17:12:50 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/28 23:10:03 | 000,267,962 | ---- | C] () -- C:\Users\Timothy\Desktop\ghost.png
[2013/08/28 23:09:41 | 000,306,857 | ---- | C] () -- C:\Users\Timothy\Desktop\mastermind.png
[2013/08/28 16:15:56 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/07/31 17:12:50 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/07/23 20:24:36 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/07/23 20:14:46 | 002,538,960 | ---- | C] () -- C:\Windows\PE_File.dll
[2013/07/20 20:13:45 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2013/07/03 23:12:02 | 000,000,051 | ---- | C] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE_BETA.dat
[2013/05/23 17:38:30 | 000,000,048 | ---- | C] () -- C:\Users\Timothy\jagex_cl_loginapplet_LIVE.dat
[2013/05/09 15:54:30 | 000,000,021 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\config_data.dat
[2013/04/17 00:37:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/04/17 00:37:12 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/04/13 16:19:30 | 000,000,023 | ---- | C] () -- C:\Users\Timothy\jagexappletviewer.preferences
[2013/03/26 22:13:21 | 000,007,622 | ---- | C] () -- C:\Users\Timothy\AppData\Local\Resmon.ResmonCfg
[2013/03/16 18:31:28 | 000,000,047 | ---- | C] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE1.dat
[2013/03/16 18:23:04 | 000,000,046 | ---- | C] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE.dat
[2013/03/09 14:43:15 | 000,000,046 | ---- | C] () -- C:\Users\Timothy\jagex_cl_oldschool_LIVE.dat
[2013/03/09 14:43:15 | 000,000,024 | ---- | C] () -- C:\Users\Timothy\random.dat
[2013/03/08 23:13:44 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/03/08 23:13:41 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/06 10:51:29 | 000,000,119 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2013/02/25 17:10:43 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2013/02/25 17:10:43 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/02/23 23:57:41 | 000,766,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/23 23:41:24 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2013/02/23 23:36:28 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2013/02/23 23:34:41 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/02/23 23:34:40 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/02/23 23:34:40 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013/02/23 23:33:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/02/23 20:50:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/02/16 12:58:28 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/02/16 12:58:28 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/13 08:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 14:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 15:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/31 17:13:22 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\AVG2013
[2013/05/09 16:25:30 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Corsair
[2013/02/24 11:29:15 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\HTML Executable
[2013/02/26 18:47:58 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\IObit
[2013/08/01 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Origin
[2013/07/20 20:13:45 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PACE Anti-Piracy
[2013/04/05 00:46:40 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\poclbm
[2013/02/24 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Spirited Machine
[2013/04/04 14:27:08 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Subversion
[2013/02/24 15:08:00 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SystemRequirementsLab
[2013/04/28 15:51:59 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TS3Client
[2013/07/31 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
[2013/08/16 10:41:31 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 908 bytes -> C:\Users\Timothy\AppData\Local\8T2wairQ:71zdmReaS8eX3Lf0lcVIkufGHGh
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 1112 bytes -> C:\ProgramData\Microsoft:UBPfHHTAkij7xBLoBy3tYToy
@Alternate Data Stream - 1104 bytes -> C:\ProgramData\Microsoft:iMfQty76xsk9zrFh9vhYRL
@Alternate Data Stream - 1055 bytes -> C:\Program Files\Common Files\Microsoft Shared:dHIsdxXhnKN2hsrulNqRa3KHjP

< End of report >


Extras:

OTL Extras logfile created on: 30/08/2013 2:32:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Timothy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

15.90 Gb Total Physical Memory | 13.19 Gb Available Physical Memory | 82.98% Memory free
31.80 Gb Paging File | 28.64 Gb Available in Paging File | 90.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 702.49 Gb Free Space | 75.42% Space Free | Partition Type: NTFS

Computer Name: SIKORSKY14 | User Name: Timothy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3739B70F-C7B3-4B82-9590-A831FCD55380}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
"{61F6F82D-C744-457B-BA8A-DBB8559D0A30}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D7EE572-04C5-49E3-B446-8A2AD86BCC79}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F12B4FD-1123-4488-85BD-187C840C0E63}" = lport=139 | protocol=6 | dir=in | app=system |
"{8024B29A-7DAC-43C8-895C-B291FFED3887}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{831AE373-1869-488D-BD76-111C01BA7F35}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{89D9932B-39D4-47C2-AC8F-95A69E8D28BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B15EC63-B2D0-4A27-AB69-61FE1F3342F0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B7D096C-C84F-4162-AE8E-FFC2FB23B8EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8C7E2D4F-A9E5-4CF2-8C37-AFCE644A95E1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{976087F6-530D-44B5-89AE-5816A6169EAC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{98A180A4-A6EC-45B8-8A44-F5F7B9140FB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{997C6E6F-A6D2-446F-BCAC-BE0D3F7E0F72}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9FC48D47-7B1C-48F3-9959-02A3CC898960}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
"{A1B78706-06E9-491D-8BF2-0358FCC17BC9}" = rport=138 | protocol=17 | dir=out | app=system |
"{A4257452-0DD6-4958-A5F0-A659D79E33E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6EFF00E-5D5D-4A02-A057-D8F2D677D5B3}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAFD77F7-E04A-419F-B365-586049F6A932}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C432E797-D2C8-4FA2-82A2-799DD291EE2E}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
"{C8430095-5825-47BD-AEAC-1C97953DC9FA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF55F8D6-E47D-4102-A7B7-C5BDF603F933}" = rport=139 | protocol=6 | dir=out | app=system |
"{D9EEA17C-D3C0-4DDD-875C-F69B21047A10}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
"{DA598D38-189F-4212-83BB-56CF800ACE6B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E0C7B65B-9C50-4E01-A7A3-9F2BFD33FE42}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EA906BA8-398D-468A-A5B7-73EAB2214A7D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F8282CD5-3569-42D2-827C-14C4CE83F76B}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018CC6FE-F936-4813-9DC5-57DDF6AD3FB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{065DB1AE-DA86-44E5-A6B4-5DF248305DDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{075D6684-37FF-4831-9A1C-009C3C34545A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{088DB96E-0D46-492C-A2F0-DE920F8CC3B0}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{0D748ABB-41F0-4882-B0FC-8C1F7D4A1851}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0EB0D792-432E-48AA-8EA1-52B4C581E232}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{0F3726C1-4826-49CA-8D93-F0DCC5FC93A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{11EF7D23-06E4-4ECB-9446-4EBCA73FFD8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{13B1A10F-1A2B-40EC-A359-FB441E052D89}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{155CC7E3-878E-485A-8672-9B4568AE8073}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{18D0C7CC-9B84-4DCB-97E1-951A44A26619}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{1D785C07-7145-47C1-BFF8-2987C21CB53E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{1EF01CDF-139E-42A4-9671-844F331BA3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin\origin.exe |
"{241150B0-D926-4C66-A4FB-06E4A26160B1}" = protocol=58 | dir=in | [email protected],-28545 |
"{284BEB83-E5BB-407E-8591-FE1FFE0CC3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
"{328A8CF5-0EEA-458C-9312-58CFA311D1BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{32AFC395-3A43-4FDF-897B-85605678AE64}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{3B9A34D9-0E50-4A90-8112-70681C230125}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{3C9084A4-D93B-4EBD-8D6F-B3393E2309F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{3FC42127-8C70-4F06-A140-C52722EB937B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{413257FC-47BE-4984-9EFC-B9DA23A57B74}" = protocol=6 | dir=out | app=system |
"{46B43E82-4D09-4011-9775-3E1264D180F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46C09752-80FF-41D5-A209-3962395F3DE7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E52000D-28F2-4121-B150-3FFF066B3127}" = protocol=58 | dir=out | [email protected],-28546 |
"{4F9DB5D5-6F70-416F-BD2B-51BC87E8E5EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{51D23ACC-5564-4C7E-9272-0447E535BB58}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{5AB99F48-779E-471B-9F54-B7A28E8EC29A}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe |
"{5BD4C00C-D0B0-4AA7-A972-BC835F28C867}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{629CCAAE-C6A7-457F-A67D-2F828A37706E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{6395C5DA-BBDF-463A-8942-384BAA9DC113}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe |
"{6732D1A7-C905-4FF7-B99D-672311BD98C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A52CE53-747C-417C-B4D2-7B5A5FBB568D}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
"{7064D787-E358-4628-9C19-0F413B132C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{769F9FEB-B5BE-4486-B539-FB656C5CBB71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{787A7C4D-CA43-4F41-827D-365BF09C35C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{794934AA-0E00-4935-A0B1-886A8B1F0CBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7B8E7C9D-C797-4434-A584-CAC6B6A45F80}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{800ED500-BC21-49D1-B256-639518F3A47E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8093729D-C6E7-4E07-B0A3-C27DB325C79A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{810DA16B-6782-439A-8553-4879580C6878}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{82337DC0-4666-4D3B-9682-2C9E4044678E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8353CFD1-4D00-4212-B5E9-13BCE2E81E8B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{877CA600-93A0-4D42-97F9-0522583778BF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B9291D9-562C-4E8B-BDCE-346C94ACF849}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{8D7F9EE8-8887-4772-8371-20053072C3B9}" = protocol=1 | dir=out | [email protected],-28544 |
"{912083BA-5E2D-45ED-9B5F-27763447AC99}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{979840EA-A9B8-4B45-BE1A-A0919893E360}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E825917-C297-4BE7-9DAB-A6B4EDF5DD18}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A20385C8-F326-46C4-85CD-39631E93C68C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{A3739C47-5FB5-4163-A5CB-6C7C9C42E84D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{AA3BEEE5-6B55-4400-84F8-79797C98E355}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pcars\pcars.exe |
"{BC23552A-5DD2-48F3-84B3-21BCC2CB30C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pcars\pcars.exe |
"{C13396A3-9434-4645-87BF-984C10D158D5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3E09D01-4553-44B1-992E-32DA2016CEA9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C611AF08-6CC9-43F7-9A23-8FB9BDEB9958}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D13B6C76-7AD7-4C79-B5E1-B75FB18ED69F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{D4916180-10AE-499F-BC14-EAD9AC840AE1}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{D8A5725C-F9EB-4AB1-B913-E147AFEDEB57}" = protocol=17 | dir=in | app=c:\program files (x86)\origin\origin.exe |
"{DFC6388E-FC23-4223-96C2-C1396D37D7CF}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E2B0B1B5-8F19-488A-A019-0D0B76DF6E54}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E37E9DC5-87CD-475E-9A14-EFBA0953CC78}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E575DBA5-429A-4364-A3E4-AAF7FE7A4CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{E6850444-0C14-46E9-8929-14B75B8C8321}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E7365FA0-91C1-4421-A120-A4BCADCF3A29}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{EB7C722D-F591-4BB7-9A57-339FE6BDD0DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{EBBD2A97-CBDA-44CA-BB2E-4179666082AE}" = protocol=1 | dir=in | [email protected],-28543 |
"{EFBA2033-E2F1-4333-B438-F67AB09750A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{F2605631-F2C9-4D38-9433-CA64CBDD8C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F4C8537E-BDAD-42DB-A0E2-73CCED26A825}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{F85D722B-FDA6-4F30-A921-09C978A5F8E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{32A7E6ED-2B63-47C6-83EB-321D8437F642}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{64D1684E-B86A-4A2C-BC66-D8ADA6971278}C:\program files (x86)\city car driving\bin\win32\starter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\city car driving\bin\win32\starter.exe |
"UDP Query User{1A843F95-C4DD-4F1E-A3BF-C840C1D01709}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{92941012-2F4D-46A9-9ED0-BF5EF172C633}C:\program files (x86)\city car driving\bin\win32\starter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\city car driving\bin\win32\starter.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java™ 7 (64-bit)
"{2EB96857-04FC-3A67-6E29-6914FB78CB90}" = AMD Accelerated Video Transcoding
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{446BDB12-E817-C16B-B974-DFB805CD99A5}" = AMD Drag and Drop Transcoding
"{461CA979-8990-39B7-ECCC-A378CBD6A452}" = AMD Fuel
"{4A39ED00-7650-A60F-F7E3-A1C3F1D4C34E}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FF9E8AA-D554-4CE7-89F9-B69DAA5A1E98}" = AVG 2013
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{833F5E6D-6E01-11D1-978E-6DFBCEF72570}" = AMD Steady Video Plug-In
"{90140000-0016-0000-1000-0000000FF1CE}" = Microsoft Office Excel 2010
"{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.EXCEL_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{90140000-0018-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.WORD_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.WORD_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.WORD_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.WORD_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.WORD_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.WORD_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.WORD_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.WORD_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C068588D-7275-E9E0-9158-2D57BA13FDFD}" = AMD Wireless Display v3.0
"{E74BF83C-2CA5-48EF-901F-959309E7D9EC}" = AVG 2013
"{E9897E08-46FA-A07E-B332-1515AAB356F4}" = AMD Catalyst Install Manager
"{F60D5FAB-2C7B-A299-F839-05A7F7D9CE2C}" = ccc-utility64
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Office14.EXCEL" = Microsoft Excel 2010
"Office14.POWERPOINT" = Microsoft PowerPoint 2010
"Office14.WORD" = Microsoft Word 2010

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1A4C46F0-1DCE-B7FF-753E-1BFFD38CAD11}" = CCC Help Spanish
"{1BE249CC-2A97-4FD2-AF8C-80D027ADD8A5}" = DayZ Commander
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28E3970E-5D53-A59D-84B6-B2BB7637553A}" = Catalyst Control Center Localization All
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{31EF3584-9232-F8F4-4BAD-EED7653090D3}" = CCC Help Turkish
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{355E39A9-6C8E-CB2A-1210-F39569A625EC}" = CCC Help Swedish
"{3CF111C7-92E1-AD47-B521-A153921D0FE3}" = CCC Help Dutch
"{408B1AE6-D09B-74DE-A38B-96B74CCECC34}" = CCC Help Hungarian
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{48614A23-EF39-FA3B-BA1C-115F83993B19}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E57EF20-E146-9911-8AAE-E6665AE0B536}" = AMD Catalyst Control Center
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A59840D-8F35-A994-427B-822314E81AAF}" = CCC Help Chinese Traditional
"{7B228E0D-FFB9-A3D0-42C4-1A90D9286F8E}" = CCC Help Japanese
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D0D61A4-B3DE-CBB6-7425-C2BB4D8D8C1A}" = CCC Help English
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96903DF6-228F-4ED6-660B-956DE8D43981}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B798FEC-837B-84BF-D690-D4D5EC1CBD53}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B4A3B8BE-4953-064E-E1FD-8D3AFCF58A07}" = CCC Help Chinese Standard
"{BA362E17-3164-CFA3-A1D7-A8CECB20D56C}" = Catalyst Control Center Graphics Previews Common
"{BB939DE5-2680-3FE2-5B4F-C40629336C08}" = CCC Help French
"{BE3359DF-E0AF-E1D7-FEBF-63D4D3729CC5}" = CCC Help Polish
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFE8FCC5-B9FE-39A2-B062-678A4D98D7CA}" = CCC Help Finnish
"{C14B79C1-2D2F-BCEB-8F25-49D91A6B2324}" = CCC Help German
"{C86A5731-2E91-63FF-14A3-1BB7FEEF9B6F}" = CCC Help Danish
"{CBE3BEFB-1514-6F68-64B5-03F83735A240}" = CCC Help Korean
"{CE8AA8D6-2186-5551-EC7F-E94919D166A6}" = CCC Help Norwegian
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{EACFCDA4-3286-4DEB-92D8-53006239F347}" = ArmA II Launcher
"{EC1CBFB4-E22A-D856-31A7-665CFCC2C116}" = CCC Help Greek
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5460185-E398-6A00-2ABF-3194D03C30EA}" = CCC Help Thai
"{F8360AF1-47D9-2A5C-558A-ED6F01511C71}" = Catalyst Control Center InstallProxy
"{FB2EEC93-63C4-9734-FA07-D840E0219040}" = CCC Help Czech
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"ArmA 2" = ArmA 2 Free Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"BOSS" = BOSS
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"Halo 2" = Halo 2 for Windows Vista
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 208580" = Star Wars: Knights of the Old Republic II
"Steam App 218620" = PAYDAY 2
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 234630" = Project CARS
"Steam App 240" = Counter-Strike: Source
"Steam App 32370" = Star Wars: Knights of the Old Republic
"The Elder Scrolls V Skyrim Dragonborn © Bethes~300CD4A2_is1" = The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28/08/2013 5:52:48 AM | Computer Name = Sikorsky14 | Source = Application Error | ID = 1000
Description = Faulting application name: RzSynapse.exe, version: 1.12.8.15754, time
stamp: 0x51eed0d6 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0812cc64 Faulting process id: 0xc7c Faulting application
start time: 0x01cea3d458f990d9 Faulting application path: C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
Faulting
module path: unknown Report Id: 98531e5a-0fc7-11e3-9ec3-08606e822ea2

Error - 28/08/2013 5:56:28 AM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 28/08/2013 5:57:46 AM | Computer Name = Sikorsky14 | Source = WinMgmt | ID = 10
Description =

Error - 28/08/2013 9:43:47 PM | Computer Name = Sikorsky14 | Source = WinMgmt | ID = 10
Description =

Error - 28/08/2013 9:44:42 PM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 29/08/2013 3:54:18 AM | Computer Name = Sikorsky14 | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: sysmain.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7c9db Exception code: 0xc0000005 Fault offset: 0x0000000000004e03
Faulting
process id: 0x5b8 Faulting application start time: 0x01cea458fcebae8a Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: c:\windows\system32\sysmain.dll
Report
Id: 34617659-1080-11e3-94d9-08606e822ea2

Error - 29/08/2013 8:25:26 PM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 29/08/2013 8:26:34 PM | Computer Name = Sikorsky14 | Source = WinMgmt | ID = 10
Description =

Error - 30/08/2013 12:12:12 AM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 30/08/2013 12:12:55 AM | Computer Name = Sikorsky14 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 10/08/2013 11:27:12 AM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 10/08/2013 9:56:02 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 11/08/2013 10:23:44 AM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/08/2013 10:30:42 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 12/08/2013 12:54:04 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 13/08/2013 6:46:35 AM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 13/08/2013 1:37:16 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 13/08/2013 10:26:53 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 14/08/2013 11:04:18 AM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 15/08/2013 1:24:46 AM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058


< End of report >


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c

:OTL

@Alternate Data Stream - 908 bytes -> C:\Users\Timothy\AppData\Local\8T2wairQ:71zdmReaS8eX3Lf0lcVIkufGHGh
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 1112 bytes -> C:\ProgramData\Microsoft:UBPfHHTAkij7xBLoBy3tYToy
@Alternate Data Stream - 1104 bytes -> C:\ProgramData\Microsoft:iMfQty76xsk9zrFh9vhYRL
@Alternate Data Stream - 1055 bytes -> C:\Program Files\Common Files\Microsoft Shared:dHIsdxXhnKN2hsrulNqRa3KHjP

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and right click on the AdwCleaner icon and Run As Admin.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.



Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow



(Does this complain that it could not fix all of your files?)



Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application. VEW will overwrite the log at C:\vew.txt each time it runs so either post your System results before running VEW for Applications or copy the file c:\vew.txt to a new location.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply



Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Your event log is showing a problem with Windows Activation.

Error - 28/08/2013 9:44:42 PM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.


You may need to reactivate:

http://windows.micro...n-this-computer

Ron
  • 0

#3
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Alright thanks for your response here are all the logs, also the sfc /scannow under commands prompt doesn't complain at all and it only found one issue and had repaired it. Also the avast scan didn't find anything but I'll post the log anyway.

ADWCleaner Log (R0):

# AdwCleaner v3.001 - Report created 31/08/2013 at 11:00:42
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Timothy - SIKORSKY14
# Running from : C:\Users\Timothy\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files (x86)\Common Files\spigot
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Timothy\AppData\Local\Coupon Companion Plugin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1145 octets] - [31/08/2013 11:00:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1205 octets] ##########


ADWCleaner Log (S0):

# AdwCleaner v3.001 - Report created 31/08/2013 at 11:01:59
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Timothy - SIKORSKY14
# Running from : C:\Users\Timothy\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\Timothy\AppData\Local\Coupon Companion Plugin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1289 octets] - [31/08/2013 11:00:42]
AdwCleaner[S0].txt - [1193 octets] - [31/08/2013 11:01:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1253 octets] ##########


JRT Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 7 Ultimate x64
Ran by Timothy on Sat 31/08/2013 at 11:07:04.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7C564381-7707-42E0-A569-1B40FE4F93DE}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 31/08/2013 at 11:10:28.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Event Viewer Tool Log (system):

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 31/08/2013 11:27:26 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2013 1:24:20 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2013 1:22:45 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


Event Viewer Tool Log (Application):

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 31/08/2013 11:28:01 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 31/08/2013 1:25:10 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 31/08/2013 1:23:57 AM
Type: Error Category: 0
Event: 4103 Source: Microsoft-Windows-Winlogon
Windows license activation failed. Error 0x80070005.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 31/08/2013 1:27:08 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <csc://{S-1-5-21-1820716277-370758180-2689453388-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
The object was not found. (HRESULT : 0x80041201) (0x80041201)


Log: 'Application' Date/Time: 31/08/2013 1:23:57 AM
Type: Warning Category: 0
Event: 4105 Source: Microsoft-Windows-Winlogon
Windows is in Notification period.


OTL Log:

OTL logfile created on: 31/08/2013 11:29:24 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Timothy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

15.90 Gb Total Physical Memory | 13.48 Gb Available Physical Memory | 84.74% Memory free
31.80 Gb Paging File | 29.00 Gb Available in Paging File | 91.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 709.06 Gb Free Space | 76.13% Space Free | Partition Type: NTFS

Computer Name: SIKORSKY14 | User Name: Timothy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/31 10:53:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
PRC - [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/23 11:52:18 | 000,606,056 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/09 14:07:06 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/02/23 23:34:40 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2013/02/23 23:34:40 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2013/02/23 23:34:40 | 000,408,960 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe
PRC - [2013/02/23 23:34:40 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/08/20 12:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/14 16:05:54 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/08/07 12:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/03 15:40:52 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/16 21:01:20 | 000,658,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
PRC - [2012/07/12 16:36:08 | 001,384,608 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
PRC - [2012/07/12 16:36:06 | 003,984,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
PRC - [2012/03/13 11:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2011/09/08 20:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/28 19:17:46 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\0e91ea226b5db1b422453e62a277736b\System.Xml.Linq.ni.dll
MOD - [2013/08/28 19:17:23 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\f16e993b7058b005bbf273007fadf95b\UIAutomationTypes.ni.dll
MOD - [2013/08/28 19:17:23 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\3e43caeb09dc44d1b81e74597e46767d\UIAutomationProvider.ni.dll
MOD - [2013/08/28 19:17:21 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll
MOD - [2013/08/28 19:17:21 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9010845c58c17f145b3e39c2d28c4869\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2013/08/28 15:09:45 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\775d60de39c6f0b49f1640c4e6c8de09\PresentationFramework.ni.dll
MOD - [2013/08/28 15:09:37 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8e3d6080e8eaaaf28389f3742ff9acdd\PresentationCore.ni.dll
MOD - [2013/08/28 15:09:36 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5f27b142c87d877c73ac245ab951a773\System.Windows.Forms.ni.dll
MOD - [2013/08/28 15:09:33 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2013/08/28 15:09:33 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a35e871c52b7a7aee64c969c02acfaa0\System.Core.ni.dll
MOD - [2013/08/28 15:09:32 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\e4d73111d4c76c446ad6a007302f5941\System.Management.ni.dll
MOD - [2013/08/28 15:09:31 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\782db4c31adf3046c62e43b8f11453c1\WindowsBase.ni.dll
MOD - [2013/08/28 15:09:31 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll
MOD - [2013/08/28 15:09:31 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll
MOD - [2013/08/28 15:09:30 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\a46953d62d9923cfd393cb102df2e6ad\System.Runtime.Serialization.ni.dll
MOD - [2013/08/28 15:09:30 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2013/08/28 15:09:29 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2013/08/28 15:09:29 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2fd755147672c80dd4b13978933f8a3d\System.Configuration.ni.dll
MOD - [2013/08/28 15:09:29 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\72227d58a04b80252053352dead3b9a3\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/28 15:09:29 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\176ea254700896ee68956986b947ea9b\SMDiagnostics.ni.dll
MOD - [2013/08/28 15:09:25 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013/08/25 03:49:53 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppgooglenaclpluginchrome.dll
MOD - [2013/08/25 03:49:51 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
MOD - [2013/08/25 03:49:01 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
MOD - [2013/08/25 03:49:00 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libegl.dll
MOD - [2013/08/25 03:48:58 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MOD - [2013/02/23 23:25:28 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2013/02/23 23:25:08 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2012/08/14 10:14:36 | 001,123,840 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/08/03 15:40:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/08/01 09:51:14 | 001,040,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
MOD - [2012/07/10 16:55:30 | 001,625,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
MOD - [2012/06/22 12:32:10 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
MOD - [2012/06/19 11:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 20:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 09:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/02 17:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
MOD - [2012/04/25 13:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
MOD - [2012/04/20 15:24:08 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
MOD - [2012/03/21 11:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/02/06 20:08:30 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\pngio.dll
MOD - [2012/01/19 08:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
MOD - [2012/01/12 15:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
MOD - [2011/10/14 19:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 18:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 19:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/08/09 13:52:50 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.dll
MOD - [2011/07/21 08:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 18:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/06/08 10:15:44 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
MOD - [2010/12/14 16:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
MOD - [2010/10/05 07:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 07:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009/08/12 19:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/24 09:40:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/07/23 19:47:02 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/05/27 15:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/20 17:27:56 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/09 14:07:06 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/02/23 23:34:40 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/02/23 23:34:40 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2013/02/23 23:34:40 | 000,408,960 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2013/02/23 23:34:40 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2013/02/07 12:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/19 05:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/17 14:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/11/19 16:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/24 10:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/07/24 09:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 16:29:34 | 000,039,096 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2013/07/10 16:29:32 | 000,137,400 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/05 18:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/03/15 16:01:20 | 000,103,296 | ---- | M] (Corsair) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\corsveng2kamd64.sys -- (CorsairAudioFilter)
DRV:64bit: - [2013/02/23 23:25:19 | 000,032,400 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/20 13:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/08/24 00:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/24 00:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/12 21:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/04/11 08:40:58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/04/11 08:40:58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/06 09:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/11/03 10:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 10:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/17 08:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 13:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 13:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 13:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 13:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 15:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010/04/27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/07/17 14:33:41 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Corsair\CorsairLINK2\CorsairLINK_HardwareMonitor.sys -- (WinRing0_1_2_0)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://au.search.yah...r=spigot-yhp-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 6A D0 10 B1 45 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{CB48E1D2-B537-4A80-9128-9055DA217591}: "URL" = http://au.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://au.search.yah...r=spigot-yhp-ch
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Google Docs = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: FVD Video Downloader = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.4.0_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: YouTube Options (Full Version) = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.133_0\
CHR - Extension: Gmail = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Youtube Mp3 Downloader = C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppndpcdpbpcgiimpobknmdjmkdopkkmj\2.0_0\

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65229273-D170-45D8-8BEE-61C38140E0B6}: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{963686b4-7e27-11e2-915b-08606e822ea2}\Shell - "" = AutoRun
O33 - MountPoints2\{963686b4-7e27-11e2-915b-08606e822ea2}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/08/31 11:07:02 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/31 11:06:07 | 001,023,533 | ---- | C] (Thisisu) -- C:\Users\Timothy\Desktop\JRT.exe
[2013/08/31 11:00:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/31 10:54:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/31 10:53:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
[2013/08/28 15:05:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/27 18:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/08/27 18:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/08/23 16:33:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/08/16 03:03:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/16 03:03:15 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/16 03:03:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/16 03:03:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/16 03:03:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/16 03:03:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/16 03:03:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/16 03:03:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/16 03:03:14 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/16 03:03:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/16 03:03:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/16 03:03:13 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/16 03:03:13 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/16 03:03:13 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/16 03:03:13 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/15 20:00:09 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\PAYDAY 2
[2013/08/15 15:36:00 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/15 15:36:00 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/15 15:35:59 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/15 15:35:47 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/15 15:35:47 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/15 15:35:46 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/15 15:35:41 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/15 15:35:40 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/15 15:35:40 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/15 15:35:40 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/15 15:35:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/15 15:35:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/15 15:35:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/15 15:35:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/15 15:35:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/15 15:35:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/10 15:27:18 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\CARS
[2013/08/04 21:05:58 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\CrashRpt
[2013/08/04 21:04:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\BeamNG
[2013/08/02 17:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/08/02 17:26:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/08/02 17:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/08/02 17:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/31 11:30:04 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
[2013/08/31 11:25:56 | 000,061,440 | ---- | M] ( ) -- C:\Users\Timothy\Desktop\VEW.exe
[2013/08/31 11:25:00 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2013/08/31 11:23:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/31 11:23:32 | 4215,492,606 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/31 11:06:11 | 001,023,533 | ---- | M] (Thisisu) -- C:\Users\Timothy\Desktop\JRT.exe
[2013/08/31 10:59:14 | 000,994,642 | ---- | M] () -- C:\Users\Timothy\Desktop\AdwCleaner.exe
[2013/08/31 10:53:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
[2013/08/31 05:28:06 | 000,020,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/31 05:28:06 | 000,020,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/31 01:27:20 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/30 18:27:13 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/08/30 18:27:13 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/30 18:27:01 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/08/28 23:10:03 | 000,267,962 | ---- | M] () -- C:\Users\Timothy\Desktop\ghost.png
[2013/08/28 23:09:41 | 000,306,857 | ---- | M] () -- C:\Users\Timothy\Desktop\mastermind.png
[2013/08/28 16:15:56 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/08/28 15:14:52 | 000,000,024 | ---- | M] () -- C:\Users\Timothy\random.dat
[2013/08/28 15:14:43 | 000,000,046 | ---- | M] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE.dat
[2013/08/28 15:07:38 | 000,766,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/28 15:07:38 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/28 15:07:38 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/28 15:07:34 | 000,766,336 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/31 11:25:55 | 000,061,440 | ---- | C] ( ) -- C:\Users\Timothy\Desktop\VEW.exe
[2013/08/31 10:59:03 | 000,994,642 | ---- | C] () -- C:\Users\Timothy\Desktop\AdwCleaner.exe
[2013/08/28 23:10:03 | 000,267,962 | ---- | C] () -- C:\Users\Timothy\Desktop\ghost.png
[2013/08/28 23:09:41 | 000,306,857 | ---- | C] () -- C:\Users\Timothy\Desktop\mastermind.png
[2013/08/28 16:15:56 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/07/23 20:24:36 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/07/23 20:14:46 | 002,538,960 | ---- | C] () -- C:\Windows\PE_File.dll
[2013/07/20 20:13:45 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2013/07/03 23:12:02 | 000,000,051 | ---- | C] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE_BETA.dat
[2013/05/23 17:38:30 | 000,000,048 | ---- | C] () -- C:\Users\Timothy\jagex_cl_loginapplet_LIVE.dat
[2013/05/09 15:54:30 | 000,000,021 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\config_data.dat
[2013/04/17 00:37:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/04/17 00:37:12 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/04/13 16:19:30 | 000,000,023 | ---- | C] () -- C:\Users\Timothy\jagexappletviewer.preferences
[2013/03/26 22:13:21 | 000,007,622 | ---- | C] () -- C:\Users\Timothy\AppData\Local\Resmon.ResmonCfg
[2013/03/16 18:31:28 | 000,000,047 | ---- | C] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE1.dat
[2013/03/16 18:23:04 | 000,000,046 | ---- | C] () -- C:\Users\Timothy\jagex_cl_runescape_LIVE.dat
[2013/03/09 14:43:15 | 000,000,046 | ---- | C] () -- C:\Users\Timothy\jagex_cl_oldschool_LIVE.dat
[2013/03/09 14:43:15 | 000,000,024 | ---- | C] () -- C:\Users\Timothy\random.dat
[2013/03/08 23:13:44 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/03/08 23:13:41 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/06 10:51:29 | 000,000,119 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2013/02/25 17:10:43 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2013/02/25 17:10:43 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/02/23 23:57:41 | 000,766,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/23 23:41:24 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2013/02/23 23:36:28 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2013/02/23 23:34:41 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/02/23 23:34:40 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/02/23 23:34:40 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013/02/23 23:33:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/02/23 20:50:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/02/16 12:58:28 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/02/16 12:58:28 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/13 08:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 14:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 15:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST1000DM003-1CH162 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 931.00GB
Starting Offset: 105906176
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2013/07/28 23:17:43 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Adobe
[2013/02/28 19:59:57 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Apple Computer
[2013/04/05 00:31:37 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\ATI
[2013/07/31 17:13:22 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\AVG2013
[2013/05/09 16:25:30 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Corsair
[2013/02/24 11:29:15 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\HTML Executable
[2013/02/23 20:20:39 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Identities
[2013/02/26 18:47:58 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\IObit
[2013/02/24 11:29:35 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Macromedia
[2013/02/25 20:31:14 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Malwarebytes
[2010/11/21 17:16:46 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Media Center Programs
[2013/07/12 13:51:33 | 000,000,000 | --SD | M] -- C:\Users\Timothy\AppData\Roaming\Microsoft
[2013/03/09 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Microsoft Game Studios
[2013/08/01 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Origin
[2013/07/20 20:13:45 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PACE Anti-Piracy
[2013/04/05 00:46:40 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\poclbm
[2013/02/24 15:33:16 | 000,000,000 | RH-D | M] -- C:\Users\Timothy\AppData\Roaming\SecuROM
[2013/08/28 22:46:18 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Skype
[2013/02/24 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Spirited Machine
[2013/04/04 14:27:08 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Subversion
[2013/02/24 15:08:00 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SystemRequirementsLab
[2013/04/04 14:27:29 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TortoiseSVN
[2013/04/28 15:51:59 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TS3Client
[2013/07/31 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
[2013/08/16 10:41:31 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\uTorrent
[2013/08/10 18:43:24 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\vlc

< MD5 for: ATAPI.SYS >
[2009/07/14 11:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 11:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 11:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/14 11:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 11:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 15:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 16:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 16:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 16:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 13:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 13:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2010/11/21 13:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/21 13:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/21 13:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/21 13:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/14 11:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/14 11:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/14 11:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/14 11:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2012/01/13 17:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 17:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/21 13:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/04 02:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/21 13:23:54 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/04 03:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/04 03:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2012/10/04 03:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/14 11:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/14 11:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/14 11:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/14 11:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/14 11:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/14 11:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/14 11:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 11:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 11:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 11:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 13:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 13:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 13:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 13:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 13:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 13:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/14 11:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/14 11:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/14 11:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/14 11:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/14 11:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/14 11:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/14 11:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/14 11:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/07/26 16:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/07/26 16:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/08/25 03:49:56 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013/07/26 15:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013/07/26 15:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013/07/26 15:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/07/26 16:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013/07/26 16:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >


OTL Extras Log:

OTL Extras logfile created on: 31/08/2013 11:29:24 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Timothy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

15.90 Gb Total Physical Memory | 13.48 Gb Available Physical Memory | 84.74% Memory free
31.80 Gb Paging File | 29.00 Gb Available in Paging File | 91.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 709.06 Gb Free Space | 76.13% Space Free | Partition Type: NTFS

Computer Name: SIKORSKY14 | User Name: Timothy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3739B70F-C7B3-4B82-9590-A831FCD55380}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
"{61F6F82D-C744-457B-BA8A-DBB8559D0A30}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D7EE572-04C5-49E3-B446-8A2AD86BCC79}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F12B4FD-1123-4488-85BD-187C840C0E63}" = lport=139 | protocol=6 | dir=in | app=system |
"{8024B29A-7DAC-43C8-895C-B291FFED3887}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{831AE373-1869-488D-BD76-111C01BA7F35}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{89D9932B-39D4-47C2-AC8F-95A69E8D28BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B15EC63-B2D0-4A27-AB69-61FE1F3342F0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B7D096C-C84F-4162-AE8E-FFC2FB23B8EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8C7E2D4F-A9E5-4CF2-8C37-AFCE644A95E1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{976087F6-530D-44B5-89AE-5816A6169EAC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{98A180A4-A6EC-45B8-8A44-F5F7B9140FB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{997C6E6F-A6D2-446F-BCAC-BE0D3F7E0F72}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9FC48D47-7B1C-48F3-9959-02A3CC898960}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
"{A1B78706-06E9-491D-8BF2-0358FCC17BC9}" = rport=138 | protocol=17 | dir=out | app=system |
"{A4257452-0DD6-4958-A5F0-A659D79E33E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6EFF00E-5D5D-4A02-A057-D8F2D677D5B3}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAFD77F7-E04A-419F-B365-586049F6A932}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C432E797-D2C8-4FA2-82A2-799DD291EE2E}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
"{C8430095-5825-47BD-AEAC-1C97953DC9FA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF55F8D6-E47D-4102-A7B7-C5BDF603F933}" = rport=139 | protocol=6 | dir=out | app=system |
"{D9EEA17C-D3C0-4DDD-875C-F69B21047A10}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
"{DA598D38-189F-4212-83BB-56CF800ACE6B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E0C7B65B-9C50-4E01-A7A3-9F2BFD33FE42}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EA906BA8-398D-468A-A5B7-73EAB2214A7D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F8282CD5-3569-42D2-827C-14C4CE83F76B}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018CC6FE-F936-4813-9DC5-57DDF6AD3FB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{065DB1AE-DA86-44E5-A6B4-5DF248305DDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{075D6684-37FF-4831-9A1C-009C3C34545A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{088DB96E-0D46-492C-A2F0-DE920F8CC3B0}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{0D748ABB-41F0-4882-B0FC-8C1F7D4A1851}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0EB0D792-432E-48AA-8EA1-52B4C581E232}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{0F3726C1-4826-49CA-8D93-F0DCC5FC93A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{11EF7D23-06E4-4ECB-9446-4EBCA73FFD8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{13B1A10F-1A2B-40EC-A359-FB441E052D89}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{155CC7E3-878E-485A-8672-9B4568AE8073}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{18D0C7CC-9B84-4DCB-97E1-951A44A26619}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{1D785C07-7145-47C1-BFF8-2987C21CB53E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{1EF01CDF-139E-42A4-9671-844F331BA3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin\origin.exe |
"{241150B0-D926-4C66-A4FB-06E4A26160B1}" = protocol=58 | dir=in | [email protected],-28545 |
"{284BEB83-E5BB-407E-8591-FE1FFE0CC3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
"{328A8CF5-0EEA-458C-9312-58CFA311D1BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{32AFC395-3A43-4FDF-897B-85605678AE64}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{3B9A34D9-0E50-4A90-8112-70681C230125}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{3C9084A4-D93B-4EBD-8D6F-B3393E2309F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{3FC42127-8C70-4F06-A140-C52722EB937B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{413257FC-47BE-4984-9EFC-B9DA23A57B74}" = protocol=6 | dir=out | app=system |
"{46B43E82-4D09-4011-9775-3E1264D180F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46C09752-80FF-41D5-A209-3962395F3DE7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E52000D-28F2-4121-B150-3FFF066B3127}" = protocol=58 | dir=out | [email protected],-28546 |
"{4F9DB5D5-6F70-416F-BD2B-51BC87E8E5EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{51D23ACC-5564-4C7E-9272-0447E535BB58}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{5AB99F48-779E-471B-9F54-B7A28E8EC29A}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe |
"{5BD4C00C-D0B0-4AA7-A972-BC835F28C867}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{629CCAAE-C6A7-457F-A67D-2F828A37706E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{6395C5DA-BBDF-463A-8942-384BAA9DC113}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe |
"{6732D1A7-C905-4FF7-B99D-672311BD98C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A52CE53-747C-417C-B4D2-7B5A5FBB568D}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
"{7064D787-E358-4628-9C19-0F413B132C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{769F9FEB-B5BE-4486-B539-FB656C5CBB71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{787A7C4D-CA43-4F41-827D-365BF09C35C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{794934AA-0E00-4935-A0B1-886A8B1F0CBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7B8E7C9D-C797-4434-A584-CAC6B6A45F80}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{800ED500-BC21-49D1-B256-639518F3A47E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8093729D-C6E7-4E07-B0A3-C27DB325C79A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{810DA16B-6782-439A-8553-4879580C6878}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{82337DC0-4666-4D3B-9682-2C9E4044678E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8353CFD1-4D00-4212-B5E9-13BCE2E81E8B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{877CA600-93A0-4D42-97F9-0522583778BF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B9291D9-562C-4E8B-BDCE-346C94ACF849}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{8D7F9EE8-8887-4772-8371-20053072C3B9}" = protocol=1 | dir=out | [email protected],-28544 |
"{912083BA-5E2D-45ED-9B5F-27763447AC99}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{979840EA-A9B8-4B45-BE1A-A0919893E360}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E825917-C297-4BE7-9DAB-A6B4EDF5DD18}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A20385C8-F326-46C4-85CD-39631E93C68C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{A3739C47-5FB5-4163-A5CB-6C7C9C42E84D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{AA3BEEE5-6B55-4400-84F8-79797C98E355}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pcars\pcars.exe |
"{BC23552A-5DD2-48F3-84B3-21BCC2CB30C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pcars\pcars.exe |
"{C13396A3-9434-4645-87BF-984C10D158D5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3E09D01-4553-44B1-992E-32DA2016CEA9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C611AF08-6CC9-43F7-9A23-8FB9BDEB9958}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D13B6C76-7AD7-4C79-B5E1-B75FB18ED69F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{D4916180-10AE-499F-BC14-EAD9AC840AE1}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{D8A5725C-F9EB-4AB1-B913-E147AFEDEB57}" = protocol=17 | dir=in | app=c:\program files (x86)\origin\origin.exe |
"{DFC6388E-FC23-4223-96C2-C1396D37D7CF}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E2B0B1B5-8F19-488A-A019-0D0B76DF6E54}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E37E9DC5-87CD-475E-9A14-EFBA0953CC78}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E575DBA5-429A-4364-A3E4-AAF7FE7A4CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{E6850444-0C14-46E9-8929-14B75B8C8321}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E7365FA0-91C1-4421-A120-A4BCADCF3A29}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{EB7C722D-F591-4BB7-9A57-339FE6BDD0DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{EBBD2A97-CBDA-44CA-BB2E-4179666082AE}" = protocol=1 | dir=in | [email protected],-28543 |
"{EFBA2033-E2F1-4333-B438-F67AB09750A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{F2605631-F2C9-4D38-9433-CA64CBDD8C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F4C8537E-BDAD-42DB-A0E2-73CCED26A825}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{F85D722B-FDA6-4F30-A921-09C978A5F8E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{32A7E6ED-2B63-47C6-83EB-321D8437F642}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{64D1684E-B86A-4A2C-BC66-D8ADA6971278}C:\program files (x86)\city car driving\bin\win32\starter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\city car driving\bin\win32\starter.exe |
"UDP Query User{1A843F95-C4DD-4F1E-A3BF-C840C1D01709}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{92941012-2F4D-46A9-9ED0-BF5EF172C633}C:\program files (x86)\city car driving\bin\win32\starter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\city car driving\bin\win32\starter.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java™ 7 (64-bit)
"{2EB96857-04FC-3A67-6E29-6914FB78CB90}" = AMD Accelerated Video Transcoding
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{446BDB12-E817-C16B-B974-DFB805CD99A5}" = AMD Drag and Drop Transcoding
"{461CA979-8990-39B7-ECCC-A378CBD6A452}" = AMD Fuel
"{4A39ED00-7650-A60F-F7E3-A1C3F1D4C34E}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FF9E8AA-D554-4CE7-89F9-B69DAA5A1E98}" = AVG 2013
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{833F5E6D-6E01-11D1-978E-6DFBCEF72570}" = AMD Steady Video Plug-In
"{90140000-0016-0000-1000-0000000FF1CE}" = Microsoft Office Excel 2010
"{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.EXCEL_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{90140000-0018-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.WORD_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.WORD_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.WORD_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.WORD_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.WORD_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.WORD_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.WORD_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.WORD_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C068588D-7275-E9E0-9158-2D57BA13FDFD}" = AMD Wireless Display v3.0
"{E74BF83C-2CA5-48EF-901F-959309E7D9EC}" = AVG 2013
"{E9897E08-46FA-A07E-B332-1515AAB356F4}" = AMD Catalyst Install Manager
"{F60D5FAB-2C7B-A299-F839-05A7F7D9CE2C}" = ccc-utility64
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Office14.EXCEL" = Microsoft Excel 2010
"Office14.POWERPOINT" = Microsoft PowerPoint 2010
"Office14.WORD" = Microsoft Word 2010

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1A4C46F0-1DCE-B7FF-753E-1BFFD38CAD11}" = CCC Help Spanish
"{1BE249CC-2A97-4FD2-AF8C-80D027ADD8A5}" = DayZ Commander
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28E3970E-5D53-A59D-84B6-B2BB7637553A}" = Catalyst Control Center Localization All
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{31EF3584-9232-F8F4-4BAD-EED7653090D3}" = CCC Help Turkish
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{355E39A9-6C8E-CB2A-1210-F39569A625EC}" = CCC Help Swedish
"{3CF111C7-92E1-AD47-B521-A153921D0FE3}" = CCC Help Dutch
"{408B1AE6-D09B-74DE-A38B-96B74CCECC34}" = CCC Help Hungarian
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{48614A23-EF39-FA3B-BA1C-115F83993B19}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E57EF20-E146-9911-8AAE-E6665AE0B536}" = AMD Catalyst Control Center
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A59840D-8F35-A994-427B-822314E81AAF}" = CCC Help Chinese Traditional
"{7B228E0D-FFB9-A3D0-42C4-1A90D9286F8E}" = CCC Help Japanese
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D0D61A4-B3DE-CBB6-7425-C2BB4D8D8C1A}" = CCC Help English
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96903DF6-228F-4ED6-660B-956DE8D43981}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B798FEC-837B-84BF-D690-D4D5EC1CBD53}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B4A3B8BE-4953-064E-E1FD-8D3AFCF58A07}" = CCC Help Chinese Standard
"{BA362E17-3164-CFA3-A1D7-A8CECB20D56C}" = Catalyst Control Center Graphics Previews Common
"{BB939DE5-2680-3FE2-5B4F-C40629336C08}" = CCC Help French
"{BE3359DF-E0AF-E1D7-FEBF-63D4D3729CC5}" = CCC Help Polish
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFE8FCC5-B9FE-39A2-B062-678A4D98D7CA}" = CCC Help Finnish
"{C14B79C1-2D2F-BCEB-8F25-49D91A6B2324}" = CCC Help German
"{C86A5731-2E91-63FF-14A3-1BB7FEEF9B6F}" = CCC Help Danish
"{CBE3BEFB-1514-6F68-64B5-03F83735A240}" = CCC Help Korean
"{CE8AA8D6-2186-5551-EC7F-E94919D166A6}" = CCC Help Norwegian
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{EACFCDA4-3286-4DEB-92D8-53006239F347}" = ArmA II Launcher
"{EC1CBFB4-E22A-D856-31A7-665CFCC2C116}" = CCC Help Greek
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5460185-E398-6A00-2ABF-3194D03C30EA}" = CCC Help Thai
"{F8360AF1-47D9-2A5C-558A-ED6F01511C71}" = Catalyst Control Center InstallProxy
"{FB2EEC93-63C4-9734-FA07-D840E0219040}" = CCC Help Czech
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"ArmA 2" = ArmA 2 Free Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"BOSS" = BOSS
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"Halo 2" = Halo 2 for Windows Vista
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 208580" = Star Wars: Knights of the Old Republic II
"Steam App 218620" = PAYDAY 2
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 234630" = Project CARS
"Steam App 240" = Counter-Strike: Source
"Steam App 32370" = Star Wars: Knights of the Old Republic
"The Elder Scrolls V Skyrim Dragonborn © Bethes~300CD4A2_is1" = The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1
"The Sith Lords Restored Content Mod_is1" = TSLRCM 1.8.1
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30/08/2013 9:23:57 PM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 30/08/2013 9:25:10 PM | Computer Name = Sikorsky14 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 30/08/2013 9:24:20 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058


< End of report >


aswMBR Log:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-08-31 11:47:32
-----------------------------
11:47:32.164 OS Version: Windows x64 6.1.7601 Service Pack 1
11:47:32.165 Number of processors: 8 586 0x200
11:47:32.165 ComputerName: SIKORSKY14 UserName: Timothy
11:47:33.004 Initialize success
11:49:33.454 AVAST engine defs: 13083001
11:49:44.010 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
11:49:44.011 Disk 0 Vendor: ST1000DM003-1CH162 CC44 Size: 953869MB BusType: 11
11:49:44.116 Disk 0 MBR read successfully
11:49:44.117 Disk 0 MBR scan
11:49:44.120 Disk 0 Windows 7 default MBR code
11:49:44.122 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:49:44.131 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
11:49:44.150 Disk 0 scanning C:\Windows\system32\drivers
11:49:50.844 Service scanning
11:50:03.751 Modules scanning
11:50:04.933 AVAST engine scan C:\Windows
11:50:06.725 AVAST engine scan C:\Windows\system32
11:52:59.814 AVAST engine scan C:\Windows\system32\drivers
11:53:08.999 AVAST engine scan C:\Users\Timothy
11:56:24.462 AVAST engine scan C:\ProgramData
11:57:30.451 Scan finished successfully
11:58:10.111 Disk 0 MBR has been saved successfully to "C:\Users\Timothy\Desktop\aswMBR\MBR.dat"
11:58:10.114 The log file has been saved successfully to "C:\Users\Timothy\Desktop\aswMBR\aswMBR.txt"




FSS Log:

Farbar Service Scanner Version: 28-08-2013
Ran by Timothy (administrator) on 31-08-2013 at 11:59:59
Running from "C:\Users\Timothy\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP

[ Application Events ]
Error - 30/08/2013 9:23:57 PM | Computer Name = Sikorsky14 | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.



This one is serious. If you don't get it to activate then in 30 days it won't let you do anything but try and activate.



Error - 30/08/2013 9:24:20 PM | Computer Name = Sikorsky14 | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058


In the Search box, type: services.msc and wait until it finds it then right click on the found services.msc and Run As Admin.

Once the services window opens find: Function Discovery Provider
Host and right click on it and select Properties. Make sure the Startup Type: is set to Manual. Apply. Hit the Start button. Does it start? If not what error do you get?

Log: 'Application' Date/Time: 31/08/2013 1:27:08 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <csc://{S-1-5-21-1820716277-370758180-2689453388-1000}/> cannot be accessed.


Try the Fixit on http://support.micro.../windows_search

Log: 'Application' Date/Time: 31/08/2013 1:25:10 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


Try the Fixit: http://support.micro....com/kb/2545227


et Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0

#5
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Changed the process to manual and started it, no problems with that. I ran the automatic fix it programs for those 2 other problems.

Heres the logs for the others:

System Processes:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 94.76 0 K 24 K 0
procexp64.exe 1.61 38,716 K 58,156 K 5616 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
Interrupts 0.86 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 0.53 5,704 K 11,088 K 1160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
atkexComSvc.exe 0.46 8,140 K 11,424 K 2092 (Verified) ASUSTeK Computer Inc.
Steam.exe 0.38 206,340 K 111,704 K 1240 Steam Client Bootstrapper ([email protected]) Valve Corporation (Verified) Valve
WiFi GO! Server.exe 0.37 10,376 K 2,540 K 3232 ASUS WiFi GO! Server ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
csrss.exe 0.35 4,080 K 12,876 K 656 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
aaHMSvc.exe 0.15 6,560 K 9,100 K 2164 ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
dwm.exe 0.12 37,572 K 55,720 K 3124 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.11 71,548 K 81,056 K 5128 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 0.08 5,716 K 9,604 K 1276 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
System 0.07 724 K 16,716 K 4
chrome.exe 0.07 120,332 K 122,044 K 4764 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.02 92,388 K 87,092 K 3960 Google Chrome Google Inc. (Verified) Google Inc
RzSynapse.exe 0.01 110,388 K 5,668 K 3948 Razer Synapse Razer Inc. (Verified) Razer USA Ltd
avgidsagent.exe 0.01 36,668 K 27,468 K 2252 AVG Identity Protection Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
ASCService.exe 0.01 24,964 K 11,628 K 1220 Advanced SystemCare Service IObit (Verified) IObit Information Technology
MOM.exe 0.01 27,508 K 7,116 K 3716 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
CCC.exe 0.01 113,004 K 5,360 K 4636 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
csrss.exe < 0.01 2,800 K 5,240 K 984 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
avgwdsvc.exe < 0.01 11,372 K 21,816 K 2584 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
AppleMobileDeviceService.exe < 0.01 3,620 K 9,916 K 1928 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 32,484 K 35,444 K 1844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 35,084 K 28,840 K 2540 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 55,032 K 86,120 K 3272 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
AsDLNAServerReal.exe < 0.01 5,596 K 2,380 K 4780 ASUS DLNA Player ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
taskhost.exe < 0.01 14,752 K 15,644 K 3068 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 7,256 K 13,648 K 1048 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
PnkBstrA.exe < 0.01 1,360 K 4,360 K 2116 (Verified) Even Balance
svchost.exe < 0.01 27,640 K 43,228 K 1528 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe < 0.01 18,492 K 18,128 K 524 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
avgrsa.exe < 0.01 47,460 K 53,192 K 540 AVG Resident Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
svchost.exe < 0.01 10,740 K 18,452 K 1456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgui.exe < 0.01 8,584 K 22,676 K 3992 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgnsa.exe < 0.01 15,108 K 20,612 K 3040 AVG Online Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
WmiPrvSE.exe 3,632 K 7,132 K 6016 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 7,460 K 14,020 K 4120 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 2,044 K 3,976 K 2736 Microsoft® Windows Live ID Service Monitor Microsoft Corporation (Verified) Microsoft Corporation
WLIDSVC.EXE 5,340 K 13,312 K 3016 Microsoft® Windows Live ID Service Microsoft Corporation (Verified) Microsoft Corporation
winlogon.exe 3,892 K 8,408 K 980 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 2,096 K 5,256 K 296 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
WiFileTransfer.exe 3,164 K 1,288 K 3924 WiFil GO! File Transfer ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
U3BoostSvr64.exe 3,192 K 1,024 K 3980 USB 3.0 Boost Service ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
TurboVHelp.exe 12,580 K 1,284 K 3268 TurboVHelp ASUSTeK Computer Inc. (No signature was present in the subject) ASUSTeK Computer Inc.
taskeng.exe 3,464 K 7,728 K 2304 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 290,932 K 281,412 K 2360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 16,976 K 18,060 K 2032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 8,768 K 14,580 K 1488 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 28,008 K 24,572 K 1424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,032 K 6,468 K 3404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,768 K 6,208 K 5036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,564 K 7,712 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,496 K 6,116 K 2316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,968 K 4,600 K 1776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,652 K 13,076 K 1992 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 732 K 1,420 K 324 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 7,160 K 13,292 K 1040 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 14,732 K 1,408 K 3828 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe 2,788 K 8,100 K 1368 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PowerControlHelp.exe 5,376 K 1,180 K 3244 Digi+ Power Control Help ASUSTeK Computer Inc. (No signature was present in the subject) ASUSTeK Computer Inc.
msiexec.exe 11,924 K 25,544 K 3436 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
mbamscheduler.exe 2,692 K 6,316 K 2792 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
lsm.exe 3,276 K 5,004 K 1056 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
GoogleUpdate.exe 2,480 K 836 K 6068 Google Installer Google Inc. (Verified) Google Inc
Fuel.Service.exe 6,732 K 13,608 K 1764 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
chrome.exe 21,332 K 21,500 K 776 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 21,564 K 23,184 K 592 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 72,136 K 73,632 K 6004 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 37,480 K 48,232 K 4232 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 17,492 K 20,588 K 6128 Google Chrome Google Inc. (Verified) Google Inc
avgcsrva.exe 12,476 K 54,848 K 5468 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
atiesrxx.exe 1,892 K 4,808 K 1336 AMD External Events Service Module AMD (Verified) Advanced Micro Devices
atieclxx.exe 3,568 K 8,772 K 1736 AMD External Events Client Module AMD (Verified) Advanced Micro Devices
AsusFanControlService.exe 4,316 K 7,472 K 2224 ASUS Motherboard Fan Control Service ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
AsSysCtrlService.exe 1,144 K 3,512 K 2200 AsSysCtr Application ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
AsRoutineController.exe 3,696 K 1,384 K 3252 ASUS Routine Controller ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
AlertHelper.exe 3,576 K 1,032 K 4868 AlertHelper ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
AiChargerPlus.exe 1,688 K 1,192 K 3908 AiChargerPlus Application ASUSTek Computer Inc. (Verified) ASUSTeK Computer Inc.
AI Suite II.exe 80,720 K 7,404 K 4676 AI Suite II ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.



Speccy:

Summary
Operating System
Windows 7 Ultimate 64-bit SP1
CPU
AMD FX-8350 17 °C
Vishera 32nm Technology
RAM
16.0GB Dual-Channel DDR3 @ 936MHz (9-9-9-24)
Motherboard
ASUSTeK COMPUTER INC. SABERTOOTH 990FX R2.0 (Socket 942) 37 °C
Graphics
DELL U2312HM ([email protected])
3072MB ATI AMD Radeon HD 7900 Series (Gigabyte) 35 °C
Hard Drives
932GB Seagate ST1000DM003-1CH162 ATA Device (SATA) 31 °C
Optical Drives
ELBY CLONEDRIVE SCSI CdRom Device
Audio
Realtek High Definition Audio
Operating System
Windows 7 Ultimate 64-bit SP1
Computer type: Desktop
Installation Date: 23/02/2013 9:19:35 PM

Windows Security Center
User Account Control (UAC) Disabled
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every Day
Schedule Time 3:00 AM
Windows Defender
Windows Defender Disabled
Antivirus
Antivirus Enabled
Display Name AVG AntiVirus Free Edition 2013
Virus Signature Database Up to date
.NET Frameworks installed
v4.5 Full
v4.5 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 10.0.9200.16660
PowerShell
Version 2.0
Java
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre7\bin\java.exe
Version 7.0
Update 25
Build 17
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Build 147
Environment Variables
USERPROFILE C:\Users\Timothy
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Timothy\AppData\Local\Temp
TMP C:\Users\Timothy\AppData\Local\Temp
path %CommonProgramFiles%\Microsoft Shared\Windows Live
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
C:\Program Files (x86)\AMD APP\bin\x86_64
C:\Program Files (x86)\AMD APP\bin\x86
%CommonProgramFiles%\Microsoft Shared\Windows Live
C:\Windows\system32
C:\Windows
C:\Windows\System32\Wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 8
PROCESSOR_LEVEL 21
PROCESSOR_IDENTIFIER AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD
PROCESSOR_REVISION 0200
windows_tracing_flags 3
asl.log Destination=file
AMDAPPSDKROOT C:\Program Files (x86)\AMD APP\
Power Profile
Active power scheme High performance
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) 20 min
Suspend after: (On AC Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 31/08/2013 5:20:56 PM
Current Uptime 21,466 sec (0 d, 05 h, 57 m, 46 s)
Last Boot Time 31/08/2013 11:23:10 AM
TimeZone
TimeZone GMT +10:00 Hours
Language English (Australia)
Location Australia
Format English (Australia)
Currency $
Date Format d/MM/yyyy
Time Format h:mm:ss tt
Process List
aaHMSvc.exe
Process ID 2164
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
Memory Usage 8.89 MB
Peak Memory Usage 9.01 MB
AI Suite II.exe
Process ID 4676
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
Memory Usage 7.69 MB
Peak Memory Usage 55 MB
AiChargerPlus.exe
Process ID 3908
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
Memory Usage 1.16 MB
Peak Memory Usage 5.86 MB
AlertHelper.exe
Process ID 4868
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
Memory Usage 1.08 MB
Peak Memory Usage 7.09 MB
AppleMobileDeviceService.exe
Process ID 1928
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 9.68 MB
Peak Memory Usage 9.68 MB
ASCService.exe
Process ID 1220
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
Memory Usage 11 MB
Peak Memory Usage 25 MB
AsDLNAServerReal.exe
Process ID 4780
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
Memory Usage 2.48 MB
Peak Memory Usage 12 MB
AsRoutineController.exe
Process ID 3252
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
Memory Usage 1.34 MB
Peak Memory Usage 11 MB
AsSysCtrlService.exe
Process ID 2200
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
Memory Usage 3.43 MB
Peak Memory Usage 3.45 MB
AsusFanControlService.exe
Process ID 2224
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe
Memory Usage 7.30 MB
Peak Memory Usage 7.42 MB
atieclxx.exe
Process ID 1736
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 8.57 MB
Peak Memory Usage 8.57 MB
atiesrxx.exe
Process ID 1336
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 4.70 MB
Peak Memory Usage 4.73 MB
atkexComSvc.exe
Process ID 2092
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
audiodg.exe
Process ID 524
avgcsrva.exe
Process ID 5468
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
Memory Usage 80 MB
Peak Memory Usage 83 MB
avgidsagent.exe
Process ID 2252
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
Memory Usage 27 MB
Peak Memory Usage 42 MB
avgnsa.exe
Process ID 3040
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
Memory Usage 20 MB
Peak Memory Usage 28 MB
avgrsa.exe
Process ID 540
User SYSTEM
Domain NT AUTHORITY
Path C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
Memory Usage 52 MB
Peak Memory Usage 169 MB
avgui.exe
Process ID 3992
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\AVG\AVG2013\avgui.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
avgwdsvc.exe
Process ID 2584
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
Memory Usage 21 MB
Peak Memory Usage 25 MB
CCC.exe
Process ID 4636
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Memory Usage 5.60 MB
Peak Memory Usage 108 MB
chrome.exe
Process ID 592
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 24 MB
Peak Memory Usage 25 MB
chrome.exe
Process ID 4232
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 52 MB
Peak Memory Usage 67 MB
chrome.exe
Process ID 6128
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 20 MB
Peak Memory Usage 22 MB
chrome.exe
Process ID 6004
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 71 MB
Peak Memory Usage 93 MB
chrome.exe
Process ID 5128
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 80 MB
Peak Memory Usage 111 MB
chrome.exe
Process ID 3960
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 109 MB
Peak Memory Usage 210 MB
chrome.exe
Process ID 4764
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 121 MB
Peak Memory Usage 129 MB
chrome.exe
Process ID 776
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
csrss.exe
Process ID 656
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 13 MB
Peak Memory Usage 20 MB
csrss.exe
Process ID 984
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 5.16 MB
Peak Memory Usage 5.16 MB
dllhost.exe
Process ID 6204
User Timothy
Domain Sikorsky14
Path C:\Windows\system32\DllHost.exe
Memory Usage 8.00 MB
Peak Memory Usage 8.00 MB
dwm.exe
Process ID 3124
User Timothy
Domain Sikorsky14
Path C:\Windows\system32\Dwm.exe
Memory Usage 54 MB
Peak Memory Usage 90 MB
explorer.exe
Process ID 3272
User Timothy
Domain Sikorsky14
Path C:\Windows\Explorer.EXE
Memory Usage 86 MB
Peak Memory Usage 88 MB
Fuel.Service.exe
Process ID 1764
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
GoogleUpdate.exe
Process ID 6068
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Memory Usage 888 KB
Peak Memory Usage 6.54 MB
lsass.exe
Process ID 1048
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
lsm.exe
Process ID 1056
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.88 MB
Peak Memory Usage 4.90 MB
mbamscheduler.exe
Process ID 2792
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
Memory Usage 6.17 MB
Peak Memory Usage 6.22 MB
MOM.exe
Process ID 3716
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Memory Usage 6.95 MB
Peak Memory Usage 27 MB
PnkBstrA.exe
Process ID 2116
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\PnkBstrA.exe
Memory Usage 4.26 MB
Peak Memory Usage 4.31 MB
PowerControlHelp.exe
Process ID 3244
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
Memory Usage 1.27 MB
Peak Memory Usage 8.51 MB
RtkNGUI64.exe
Process ID 3828
User Timothy
Domain Sikorsky14
Path C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Memory Usage 1.38 MB
Peak Memory Usage 12 MB
RzSynapse.exe
Process ID 3948
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
Memory Usage 7.17 MB
Peak Memory Usage 120 MB
SearchFilterHost.exe
Process ID 5076
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 7.90 MB
Peak Memory Usage 7.97 MB
SearchIndexer.exe
Process ID 2540
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 29 MB
Peak Memory Usage 29 MB
SearchProtocolHost.exe
Process ID 5912
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 9.45 MB
Peak Memory Usage 9.45 MB
services.exe
Process ID 1040
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
smss.exe
Process ID 324
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.39 MB
Peak Memory Usage 1.42 MB
Speccy64.exe
Process ID 5692
User Timothy
Domain Sikorsky14
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 33 MB
Peak Memory Usage 34 MB
spoolsv.exe
Process ID 1992
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
Steam.exe
Process ID 1240
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\Steam\Steam.exe
Memory Usage 109 MB
Peak Memory Usage 226 MB
svchost.exe
Process ID 1776
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.50 MB
Peak Memory Usage 4.64 MB
svchost.exe
Process ID 5036
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.06 MB
Peak Memory Usage 6.10 MB
svchost.exe
Process ID 3404
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.32 MB
Peak Memory Usage 6.68 MB
svchost.exe
Process ID 2360
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 272 MB
Peak Memory Usage 446 MB
svchost.exe
Process ID 2316
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.97 MB
Peak Memory Usage 6.04 MB
svchost.exe
Process ID 1160
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 1276
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.45 MB
Peak Memory Usage 9.48 MB
svchost.exe
Process ID 2032
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 79 MB
svchost.exe
Process ID 1424
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 24 MB
Peak Memory Usage 24 MB
svchost.exe
Process ID 1844
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 35 MB
Peak Memory Usage 57 MB
svchost.exe
Process ID 1640
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.56 MB
Peak Memory Usage 7.57 MB
svchost.exe
Process ID 1528
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 43 MB
Peak Memory Usage 46 MB
svchost.exe
Process ID 1488
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 1456
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
System
Process ID 4
System Idle Process
Process ID 0
taskeng.exe
Process ID 2304
User Timothy
Domain Sikorsky14
Path C:\Windows\system32\taskeng.exe
Memory Usage 7.55 MB
Peak Memory Usage 7.68 MB
taskhost.exe
Process ID 3068
User Timothy
Domain Sikorsky14
Path C:\Windows\system32\taskhost.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
TurboVHelp.exe
Process ID 3268
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
Memory Usage 1.47 MB
Peak Memory Usage 19 MB
U3BoostSvr64.exe
Process ID 3980
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
Memory Usage 1.06 MB
Peak Memory Usage 7.16 MB
WiFi GO! Server.exe
Process ID 3232
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
Memory Usage 2.70 MB
Peak Memory Usage 18 MB
WiFileTransfer.exe
Process ID 3924
User Timothy
Domain Sikorsky14
Path C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
Memory Usage 1.27 MB
Peak Memory Usage 6.26 MB
wininit.exe
Process ID 296
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 5.13 MB
Peak Memory Usage 5.22 MB
winlogon.exe
Process ID 980
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 8.21 MB
Peak Memory Usage 9.57 MB
WLIDSVC.EXE
Process ID 3016
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 13 MB
Peak Memory Usage 14 MB
WLIDSVCM.EXE
Process ID 2736
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 3.88 MB
Peak Memory Usage 3.93 MB
WmiApSrv.exe
Process ID 6952
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\WmiApSrv.exe
Memory Usage 6.46 MB
Peak Memory Usage 6.46 MB
WmiPrvSE.exe
Process ID 4120
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
WmiPrvSE.exe
Process ID 6016
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 30 MB
Peak Memory Usage 30 MB
WmiPrvSE.exe
Process ID 5672
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 9.71 MB
Peak Memory Usage 10 MB
Scheduler
ASC6_AutoClean
CCleanerSkipUAC
elbyExecuteWithUAC
Hotfixes
15/08/2013 Security Update for Windows 7 for x64-based Systems (KB2862966)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2862772)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Update for Windows 7 for x64-based Systems (KB2863058)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2840642)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Windows 7 for x64-based Systems (KB2803821)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Windows 7 for x64-based Systems (KB2849470)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Windows Malicious Software Removal Tool x64 - August 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/08/2013 Security Update for Windows 7 for x64-based Systems (KB2859537)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Windows 7 for x64-based Systems (KB2861855)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Windows 7 for x64-based Systems (KB2868623)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
3/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2742613)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Server 2008, and Server 2008 R2 for x64 (KB2804582)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
3/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2833957)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
3/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Server 2008, and Server 2008 R2 for x64 (KB2737083)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2789648)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/08/2013 Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2840642)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
17/07/2013 Windows Malicious Software Removal Tool x64 - July 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/07/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Windows Malicious Software Removal Tool x64 - July 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2847927)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2845187)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2803821)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2846071)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Microsoft Office 2010 (KB2687276) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/07/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2835393)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2850851)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2835364)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2834886)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/07/2013 Security Update for Windows 7 for x64-based Systems (KB2835361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/06/2013 Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2859903)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/06/2013 Security Update for Windows 7 for x64-based Systems (KB2845690)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/06/2013 Windows Malicious Software Removal Tool x64 - June 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/06/2013 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 (KB2838727)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/06/2013 Security Update for Windows 7 for x64-based Systems (KB2839894)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/06/2013 Security Update for Windows 7 for x64-based Systems (KB2813430)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/05/2013 Security Update for Windows 7 for x64-based Systems (KB2830290)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/05/2013 Update for Windows 7 for x64-based Systems (KB2798162)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/05/2013 Security Update for Windows 7 for x64-based Systems (KB2829361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/05/2013 Windows Malicious Software Removal Tool x64 - May 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/05/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2804576)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
15/05/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2804579)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
15/05/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
15/05/2013 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2829530)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/05/2013 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2820197)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/05/2013 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2817183)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/05/2013 Internet Explorer 10 for Windows 7 for x64-based Systems
Internet Explorer 10 is fast and fluid, and lets your websites
shine and perform just like native apps on your PC.
Internet
Explorer 10. Fast and fluid for Windows 7.
• Fast. Internet
Explorer 10 harnesses the untapped power of your PC, delivering
pages full of vivid graphics, smoother video, and interactive
content.
• Easy. Experience the web the way you want to with
pinned sites, built-in Spellcheck, and seamless integration with
your PC running Windows 7.
• Safer. Improved features like SmartScreen
Filter and Tracking Protection let you be more aware of threats
to your PC and your privacy.
26/04/2013 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
24/04/2013 Security Update for Windows 7 for x64-based Systems (KB2840149)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
20/04/2013 Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
20/04/2013 Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Microsoft has released an update for Microsoft PowerPoint 2010
64-Bit Edition. This update provides the latest fixes to Microsoft
PowerPoint 2010 64-Bit Edition. Additionally, this update contains
stability and performance improvements.
19/04/2013 Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
19/04/2013 Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition
A security vulnerability exists in Microsoft Filter Pack 2.0
64-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
19/04/2013 Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
19/04/2013 Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
A security vulnerability exists in Microsoft Word 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Update for Office File Validation 2010 (KB2553065), 64-bit Edition
Microsoft has released an update for Microsoft Office File Validation
2010, 64-bit Edition. This update provides the latest fixes to
Microsoft Office File Validation 2010, 64-bit Edition. Additionally,
this update contains stability and performance improvements.
19/04/2013 Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
19/04/2013 Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft Office 2010 (KB2553091), 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
19/04/2013 Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
19/04/2013 Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
19/04/2013 Service Pack 1 for Microsoft Office 2010 (KB2510690 ) 64-bit Edition
Service Pack 1 (SP1) for Microsoft Office 2010 (KB2510690 ) 64-bit
Edition contains new updates which improve security, performance,
and stability. Additionally, the SP is a roll-up of all previously
released updates.
19/04/2013 Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition
A security vulnerability exists in Microsoft PowerPoint 2010
64-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
19/04/2013 Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft Office 2010 (KB2584066), 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Security Update for Microsoft Office 2010 (KB2553096), 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
19/04/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
10/04/2013 Security Update for Windows 7 for x64-based Systems (KB2813347)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/04/2013 Windows Malicious Software Removal Tool x64 - April 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/04/2013 Security Update for Windows 7 for x64-based Systems (KB2808735)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/04/2013 Security Update for Windows 7 for x64-based Systems (KB2823324)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/04/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2817183)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/04/2013 Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
10/04/2013 Security Update for Windows 7 for x64-based Systems (KB2813170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/04/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
28/03/2013 Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
28/03/2013 Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
28/03/2013 Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition
A security vulnerability exists in Microsoft Filter Pack 2.0
64-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
28/03/2013 Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
28/03/2013 Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
28/03/2013 Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
28/03/2013 Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
28/03/2013 Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
28/03/2013 Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Microsoft has released an update for Microsoft SharePoint Workspace
2010 64-Bit Edition. This update provides the latest fixes to
Microsoft SharePoint Workspace 2010 64-Bit Edition. Additionally,
this update contains stability and performance improvements.
28/03/2013 Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
A security vulnerability exists in Microsoft Word 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
28/03/2013 Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition
A security vulnerability exists in Microsoft OneNote 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Microsoft has released an update for Microsoft OneNote 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft OneNote
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Update for Office File Validation 2010 (KB2553065), 64-bit Edition
Microsoft has released an update for Microsoft Office File Validation
2010, 64-bit Edition. This update provides the latest fixes to
Microsoft Office File Validation 2010, 64-bit Edition. Additionally,
this update contains stability and performance improvements.
27/03/2013 Update for Microsoft Office 2010 (KB2566458), 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010, 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010, 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Microsoft has released an update for Microsoft OneNote 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft OneNote
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Security Update for Microsoft Office 2010 (KB2553091), 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Security Update for Microsoft SharePoint Workspace 2010 (KB2566445), 64-Bit Edition
A security vulnerability exists in Microsoft SharePoint Workspace
2010, 64-Bit Edition that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
27/03/2013 Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
27/03/2013 Service Pack 1 for Microsoft Office 2010 (KB2510690 ) 64-bit Edition
Service Pack 1 (SP1) for Microsoft Office 2010 (KB2510690 ) 64-bit
Edition contains new updates which improve security, performance,
and stability. Additionally, the SP is a roll-up of all previously
released updates.
27/03/2013 Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
27/03/2013 Security Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Security Update for Microsoft Office 2010 (KB2584066), 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
27/03/2013 Security Update for Microsoft Office 2010 (KB2553096), 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 64-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
13/03/2013 Windows Malicious Software Removal Tool x64 - March 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/03/2013 Security Update for Microsoft Visual C++ 2010 Redistributable Package (KB2467173)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/03/2013 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/03/2013 Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/03/2013 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
27/02/2013 Platform Update for Windows 7 x64-Edition (KB2670838)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
26/02/2013 Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer. Once you have installed this item,
it cannot be removed.
26/02/2013 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer. Once you have installed
this item, it cannot be removed.
24/02/2013 Hotfix for Windows (KB2646060)
Fix for KB2646060
24/02/2013 Hotfix for Windows (KB2646060)
Fix for KB2646060
24/02/2013 Hotfix for Windows (KB2645594)
Fix for KB2645594
24/02/2013 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871)
Install this update to resolve issues in Microsoft .NET Framework
4. For a complete listing of the issues that are included in
this update, see the associated Microsoft Knowledge Base article
for more information. After you install this item, you may have
to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2732487)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2529073)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2533523)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB982018)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
24/02/2013 Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2600217)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2729449)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656351)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2736428)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
24/02/2013 Security Update for Windows 7 for x64-based Systems (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2487367)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2522422)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2761217)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2729094)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2739159)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2563227)
Install this update to resolve performance and reliability issues
in Windows. By applying this update, you can achieve better performance
and responsiveness in various scenarios. For a complete listing
of the issues that are included in this update, see the associated
Microsoft Knowledge Base article for more information. After
you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2505438)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2763523)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2515325)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2640148)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2547666)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2709981)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2574819)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2660075)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2511250)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Kernel-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685811)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2545698)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2592687)
The Remote Desktop Protocol 8.0 update enables you to use the
new Remote Desktop Services features. These features are introduced
in Windows 8 and in Windows Server 2012 and are available for
computers that are running Windows 7 Service Pack 1 or Windows
Server 2008 R2 Service Pack 1. After you install this item, you
may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2719857)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2603229)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2741355)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2484033)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2750841)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2541014)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2709630)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2732059)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2488113)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2786400)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2773072)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for User-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685813)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2699779)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2726535)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2762895)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2506928)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2732500)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2647753)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2522422)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2761217)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Update for Windows 7 for x64-based Systems (KB2729094)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
24/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Windows 7 for x64-based Systems (KB2799494)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Windows 7 for x64-based Systems (KB2769369)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
24/02/2013 Security Update for Windows 7 for x64-based Systems (KB2560656)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2658846)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2552343)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2620704)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2533552)
Install this update to enable future updates to install successfully
on all editions of Windows 7 or Windows Server 2008 R2. This
update may be required before selected future updates can be
installed. After you install this item, it cannot be removed.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2718704)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2779562)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
23/02/2013 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2778344)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Windows Malicious Software Removal Tool x64 - February 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2620712)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2676562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2691442)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2667402)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2655992)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
23/02/2013 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2736233)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
23/02/2013 Windows Internet Explorer 9 for Windows 7 for x64-based Systems
Windows Internet Explorer 9 delivers web sites and applications
that look and perform like native PC applications through the
power of Windows.

Fast: Internet Explorer 9 is all-around fast.
Designed to take full advantage of your PC’s hardware through
Windows, Internet Explorer 9 delivers graphically rich and immersive
experiences that are as fast and responsive as native applications
installed on your PC.

Clean: Internet Explorer puts the focus
on the Web sites you love with a clean look and increased viewing
area that makes your Web sites shine. Intuitive and seamless
integration with Windows 7 provides one-click access to Web applications
pinned directly to your Taskbar.

Trusted: Internet Explorer
is the trusted way to the Web because it has a robust set of
built-in security, privacy and reliability technologies that
keep you safer and your browsing experience uninterrupted.
Interoperable: Support for HTML5 and modern Web standards architected
to take advantage of the GPU means that the same mark-up not
only works across the Web, but runs faster and delivers a richer
experience through Windows and Internet Explorer 9.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2757638)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2758857)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2770660)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2785220)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2749655)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
23/02/2013 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2792100)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2790113)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2536275)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2790655)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2579686)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2753842)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2645640)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2690533)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2743555)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2706045)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2727528)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2506014)
An issue has been identified that could allow a user with administrative
permissions to load an unsigned driver. This update resolves
that issue. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
23/02/2013 Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2797052)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2786081)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2659262)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2653956)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2705219)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656411)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2491683)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2654428)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2712808)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2511455)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2660649)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2698365)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Update for Windows 7 for x64-based Systems (KB2661254)
Install this update to keep your system up to date by increasing
the minimum level of encryption on Windows systems. After you
install this item, you may have to restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2799494)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2790113)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2536275)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2579686)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2790655)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
23/02/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Definition Update for Windows Defender - KB915597 (Definition 1.145.236.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
23/02/2013 Update for Windows (KB958488)
Microsoft .NET Framework 4.0 Shared
23/02/2013 Hotfix for Windows (KB2505454)
Fix for KB2505454
23/02/2013 Security Update for Windows 7 for x64-based Systems (KB2621440)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/02/2013 Windows Update Agent 7.6.7600.256
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
23/02/2013 Update for Windows (KB971033)
Update to Windows Activation Technologies.
System Folders
Path for burning CD C:\Users\Timothy\AppData\Local\Microsoft\Windows\Burn\Burn1
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Timothy\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Timothy\Desktop
Physical Desktop C:\Users\Timothy\Desktop
User Favorites C:\Users\Timothy\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Timothy\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Timothy\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Timothy\AppData\Local
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Services
Running Advanced SystemCare Service 6
Running AMD External Events Utility
Running AMD FUEL Service
Running Apple Mobile Device
Running Application Experience
Running ASUS Com Service
Running ASUS HM Com Service
Running ASUS System Control Service
Running AsusFanControlService
Running AVG WatchDog
Running AVGIDSAgent
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Encrypting File System (EFS)
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Group Policy Client
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IPsec Policy Agent
Running MBAMScheduler
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Plug and Play
Running PnkBstrA
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Themes
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Backup
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Search
Running Windows Update
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Acrobat Update Service
Stopped Application Identity
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped ASP.NET State Service
Stopped BattlEye Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Bonjour Service
Stopped BranchCache
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Fax
Stopped Function Discovery Resource Publication
Stopped Futuremark SystemInfo Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped IP Helper
Stopped iPod Service
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office 64 Source Engine
Stopped Office Software Protection Platform
Stopped Offline Files
Stopped Parental Controls
Stopped Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Peer Networking Identity Manager
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Access Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped Secure Socket Tunneling Protocol Service
Stopped Skype Updater
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Steam Client Service
Stopped Tablet PC Input Service
Stopped Telephony
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Driver Foundation - User-mode Driver Framework
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Player Network Sharing Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WWAN AutoConfig
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Disabled
User Account Control: Switch to the secure desktop when prompting for elevation Disabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Power Button
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
AMD FX-8350 Eight-Core Processor
High precision event timer
Motherboard resources
System board
Microsoft Windows Management Interface for ACPI
ACPI Fixed Feature Button
PCI bus
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
AMD SATA Controller
ATI I/O Communications Processor SMBus Controller
ATI I/O Communications Processor PCI Bus Controller
PCI standard PCI-to-PCI bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
System board
Microsoft Windows Management Interface for ACPI
Motherboard resources
PCI standard host CPU bridge
Motherboard resources
PCI standard PCI-to-PCI bridge
AMD Radeon HD 7900 Series
Dell U2312HM DVI
High Definition Audio Controller
AMD High Definition Audio Device
PCI standard PCI-to-PCI bridge
Asmedia 106x SATA Controller
ATA Channel 0
ATA Channel 1
PCI standard PCI-to-PCI bridge
Asmedia 106x SATA Controller
ATA Channel 1
ATA Channel 0
ST1000DM003-1CH162 ATA Device
PCI standard PCI-to-PCI bridge
ASMedia XHCI Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
USB Composite Device
USB Input Device
Razer DeathAdder
Razer DeathAdder
Razer DeathAdder
HID-compliant consumer control device
HID-compliant device
HID-compliant device
HID-compliant device
USB Input Device
HID Keyboard Device
Standard Enhanced PCI to USB Host Controller
USB Root Hub
High Definition Audio Controller
Realtek High Definition Audio
PCI standard ISA bridge
Motherboard resources
Motherboard resources
Microsoft ACPI-Compliant Embedded Controller
Programmable interrupt controller
Direct memory access controller
System timer
System CMOS/real time clock
System speaker
Motherboard resources
Numeric data processor
Motherboard resources
Communications Port (COM1)
Standard OpenHCD USB Host Controller
USB Root Hub
PCI standard PCI-to-PCI bridge
Realtek PCIe GBE Family Controller
PCI standard PCI-to-PCI bridge
ASMedia XHCI Controller
USB Root Hub
USB Composite Device
USB Input Device
HID Keyboard Device
Razer BlackWidow
Razer BlackWidow
HID-compliant consumer control device
HID-compliant device
HID-compliant device
HID-compliant device
USB Input Device
Razer BlackWidow
PCI standard PCI-to-PCI bridge
ASMedia XHCI Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
CPU
AMD FX-8350
Cores 8
Threads 8
Name AMD FX-8350
Code Name Vishera
Package Socket AM3+ (942)
Technology 32nm
Specification AMD FX-8350 Eight-Core Processor
Family F
Extended Family 15
Model 2
Extended Model 2
Stepping 0
Revision OR-C0
Instructions MMX (+), SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4A, AMD 64, NX, VMX, AES, AVX, FMA3, FMA4
Virtualization Supported, Disabled
Hyperthreading Not supported
Fan Speed 2335 RPM
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Stock Core Speed 4000 MHz
Stock Bus Speed 200 MHz
Average Temperature 17 °C
Caches
L1 Data Cache Size 8 x 16 KBytes
L1 Instructions Cache Size 4 x 64 KBytes
L2 Unified Cache Size 4 x 2048 KBytes
L3 Unified Cache Size 8192 KBytes
Core 0
Core Speed 4113.9 MHz
Multiplier x 20.5
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 0
Core 1
Core Speed 1404.7 MHz
Multiplier x 7.0
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 1
Core 2
Core Speed 1404.7 MHz
Multiplier x 7.0
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 2
Core 3
Core Speed 4113.9 MHz
Multiplier x 20.5
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 3
Core 4
Core Speed 4113.9 MHz
Multiplier x 20.5
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 4
Core 5
Core Speed 1404.7 MHz
Multiplier x 7.0
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 5
Core 6
Core Speed 4113.9 MHz
Multiplier x 20.5
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 6
Core 7
Core Speed 1404.7 MHz
Multiplier x 7.0
Bus Speed 200.7 MHz
Rated Bus Speed 2207.5 MHz
Temperature 17 °C
Thread 1
APIC ID 7
RAM
Memory slots
Total memory slots 4
Used memory slots 4
Free memory slots 0
Memory
Type DDR3
Size 16384 MBytes
Channels # Dual
DRAM Frequency 936.5 MHz
CAS# Latency (CL) 9 clocks
RAS# to CAS# Delay (tRCD) 9 clocks
RAS# Precharge (tRP) 9 clocks
Cycle Time (tRAS) 24 clocks
Bank Cycle Time (tRC) 45 clocks
Physical Memory
Memory Usage 16 %
Total Physical 16 GB
Available Physical 13 GB
Total Virtual 32 GB
Available Virtual 28 GB
SPD
Number Of SPD Modules 4
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700 (667 MHz)
Part Number CMD8GX3M2A1866C9
SPD Ext. EPP
XMP--2
Frequency
JEDEC #3
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 33
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 26
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 22
Voltage 1.500 V
Slot #2
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700 (667 MHz)
Part Number CMD8GX3M2A1866C9
SPD Ext. EPP
XMP--2
Frequency
JEDEC #3
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 33
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 26
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 22
Voltage 1.500 V
Slot #3
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700 (667 MHz)
Part Number CMD8GX3M2A1866C9
SPD Ext. EPP
XMP--2
Frequency
JEDEC #3
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 33
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 26
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 22
Voltage 1.500 V
Slot #4
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700 (667 MHz)
Part Number CMD8GX3M2A1866C9
SPD Ext. EPP
XMP--2
Frequency
JEDEC #3
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 33
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 26
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 22
Voltage 1.500 V
Motherboard
Manufacturer ASUSTeK COMPUTER INC.
Model SABERTOOTH 990FX R2.0 (Socket 942)
Version To be filled by O.E.M.
Chipset Vendor AMD
Chipset Model RD9x0
Chipset Revision 02
Southbridge Vendor AMD
Southbridge Model SB950
Southbridge Revision 40
System Temperature 37 °C
BIOS
Brand American Megatrends Inc.
Version 1503
Date 11/01/2013
Voltage
+12V 11.581 V
+5V 4.872 V
CPU CORE 1.392 V
VIN3 1.644 V
VIN4 2.880 V
+3.3V 3.132 V
VIN6 2.784 V
VIN7 2.688 V
VIN8 1.644 V
PCI Data
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width Unknown
Slot Designation PCIE16_1
Slot Number 0
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE1_1
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE16_2
Slot Number 2
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE16_3
Slot Number 3
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI1
Slot Number 4
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE16_4
Slot Number 5
Graphics
Monitor
Name DELL U2312HM on AMD Radeon HD 7900 Series
Current Resolution 1920x1080 pixels
Work Resolution 1920x1040 pixels
State Enabled, Primary, Output devices support
Monitor Width 1920
Monitor Height 1080
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI AMD Radeon HD 7900 Series
Manufacturer ATI
Model AMD Radeon HD 7900 Series
Device ID 1002-679A
Subvendor Gigabyte (1458)
Current Performance Level Level 0
Voltage 0.950 V
GPU Clock 1000.0 MHz
Temperature 35 °C
Core Voltage 0.950 V
Bios Core Clock 500.00
Bios Mem Clock 150.00
Driver version 13.200.0.0
BIOS Version xxx-xxx-xxx
Memory Type GDDR5
Memory 3072 MB
Bandwidth 240.0 GB/s
Count of performance levels : 2
Level 1
GPU Clock 300 MHz
Memory Clock 150 MHz
Level 2
GPU Clock 1000 MHz
Memory Clock 1250 MHz
Hard Drives
ST1000DM003-1CH162 ATA Device
Manufacturer Seagate
Heads 16
Cylinders 16,383
SATA type SATA-III 6.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number Z1D3BJX5
LBA Size 48-bit LBA
Power On Count 262 times
Power On Time 106.5 days
Speed 7200 RPM
Features S.M.A.R.T., APM, NCQ
Transfer Mode SATA III
Interface SATA
Capacity 932 GB
Real size 1,000,204,886,016 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 31 °C
Temperature Range OK (less than 50 °C)
01 Read Error Rate 120 (099) Data 000010DB98
03 Spin-Up Time 097 (097) Data 0000000000
04 Start/Stop Count 100 (100) Data 0000000108
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 077 (060) Data 00032DD0E5
09 Power-On Hours (POH) 098 (098) Data 00000009FB
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 0000000106
B7 SATA Downshift Error Count 099 (099) Data 0000000001
B8 End-to-End error / IOEDC 100 (100) Data 0000000000
BB Reported Uncorrectable Errors 100 (100) Data 0000000000
BC Command Timeout 100 (099) Data 0000030007
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 069 (051) Data 002112001F
BF G-sense error rate 100 (100) Data 0000000000
C0 Power-off Retract Count 100 (100) Data 0000000020
C1 Load/Unload Cycle Count 100 (100) Data 0000000550
C2 Temperature 031 (049) Data 000000001F
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
F0 Head Flying Hours 100 (253) Data 0000000A05
F1 Total LBAs Written 100 (253) Data 008E397C55
F2 Total LBAs Read 100 (253) Data 00C554FE90
Partition 0
Partition ID Disk #0, Partition #0
Size 100 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 3C73299A
Size 931 GB
Used Space 223 GB (24%)
Free Space 708 GB (76%)
Optical Drives
ELBY CLONEDRIVE SCSI CdRom Device
Media Type BD Reader
Name ELBY CLONEDRIVE SCSI CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, HD DVD-ROM, BD-ROM
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 5
SCSI Target Id 0
Status OK
Audio
Sound Cards
AMD High Definition Audio Device
Realtek High Definition Audio
Playback Devices
Realtek Digital Output (Realtek High Definition Audio)
Realtek Digital Output(Optical) (Realtek High Definition Audio)
Speakers (Realtek High Definition Audio) (default)
Speaker Configuration
Speaker type Stereo
Peripherals
Razer BlackWidow
Device Kind Keyboard
Device Name Razer BlackWidow
Vendor ECHELON
Location Razer BlackWidow
Driver
Date 7-10-2013
Version 6.2.9200.16384
File C:\Windows\system32\DRIVERS\rzudd.sys
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
File C:\Windows\system32\WdfCoInstaller01009.dll
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor ECHELON
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor ECHELON
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Razer DeathAdder
Device Kind Keyboard
Device Name Razer DeathAdder
Vendor ECHELON
Location Razer DeathAdder
Driver
Date 7-10-2013
Version 6.2.9200.16384
File C:\Windows\system32\DRIVERS\rzudd.sys
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
File C:\Windows\system32\WdfCoInstaller01009.dll
Razer BlackWidow
Device Kind Mouse
Device Name Razer BlackWidow
Vendor ECHELON
Location USB Input Device
Driver
Date 7-10-2013
Version 6.2.9200.16384
File C:\Windows\system32\DRIVERS\rzudd.sys
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\WdfCoInstaller01009.dll
Razer DeathAdder
Device Kind Mouse
Device Name Razer DeathAdder
Vendor ECHELON
Location USB Input Device
Driver
Date 7-10-2013
Version 6.2.9200.16384
File C:\Windows\system32\DRIVERS\rzudd.sys
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\WdfCoInstaller01009.dll
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Microsoft XPS Document Writer (Default Printer)
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Realtek PCIe GBE Family Controller
IP Address 192.168.0.95
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 198.142.0.51
Alternate DNS server 211.29.132.12
Alternate DNS server 198.142.235.14
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 211.30.50.91
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 Bps
Computer Name
NetBIOS Name SIKORSKY14
DNS Name Sikorsky14
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain Sikorsky14
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Realtek PCIe GBE Family Controller
IP Address 192.168.0.95
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
MAC Address 08-60-6E-82-2E-A2
Network Shares
Users C:\Users
Current TCP Connections
AppleMobileDeviceService.exe (1928)
Local 127.0.0.1:27015 LISTEN
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (3232)
Local 0.0.0.0:5068 LISTEN
Local 0.0.0.0:5080 LISTEN
Local 127.0.0.1:5080 ESTABLISHED Remote 127.0.0.1:49158 (Querying... )
Local 127.0.0.1:49158 ESTABLISHED Remote 127.0.0.1:5080 (Querying... )
Local 0.0.0.0:5069 LISTEN
Local 0.0.0.0:5050 LISTEN
Local 0.0.0.0:5060 LISTEN
Local 0.0.0.0:5063 LISTEN
Local 0.0.0.0:5065 LISTEN
Local 0.0.0.0:5066 LISTEN
Local 0.0.0.0:5067 LISTEN
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (4764)
Local 192.168.0.95:50782 ESTABLISHED Remote 74.125.237.104:80 (Querying... ) (HTTP)
Local 192.168.0.95:50779 ESTABLISHED Remote 74.125.237.207:443 (Querying... ) (HTTPS)
Local 192.168.0.95:50774 ESTABLISHED Remote 74.125.31.84:443 (Querying... ) (HTTPS)
Local 192.168.0.95:50790 ESTABLISHED Remote 74.125.237.203:443 (Querying... ) (HTTPS)
Local 192.168.0.95:50771 ESTABLISHED Remote 68.232.44.139:443 (Querying... ) (HTTPS)
Local 192.168.0.95:50767 ESTABLISHED Remote 23.46.33.224:80 (Querying... ) (HTTP)
Local 192.168.0.95:50763 ESTABLISHED Remote 74.125.237.103:443 (Querying... ) (HTTPS)
Local 192.168.0.95:50755 ESTABLISHED Remote 74.125.31.95:80 (Querying... ) (HTTP)
Local 192.168.0.95:50781 ESTABLISHED Remote 23.46.33.224:443 (Querying... ) (HTTPS)
Local 192.168.0.95:50751 CLOSE-WAIT Remote 66.117.25.36:80 (Querying... ) (HTTP)
Local 192.168.0.95:50753 ESTABLISHED Remote 108.168.208.206:80 (Querying... ) (HTTP)
Local 192.168.0.95:50750 ESTABLISHED Remote 23.79.243.50:80 (Querying... ) (HTTP)
Local 192.168.0.95:50746 ESTABLISHED Remote 125.56.204.96:80 (Querying... ) (HTTP)
Local 192.168.0.95:50745 ESTABLISHED Remote 125.56.204.96:80 (Querying... ) (HTTP)
Local 192.168.0.95:50744 ESTABLISHED Remote 125.56.204.96:80 (Querying... ) (HTTP)
Local 192.168.0.95:50706 ESTABLISHED Remote 23.79.243.8:80 (Querying... ) (HTTP)
Local 192.168.0.95:50695 ESTABLISHED Remote 31.13.70.81:80 (Querying... ) (HTTP)
Local 192.168.0.95:50831 ESTABLISHED Remote 174.133.98.146:80 (Querying... ) (HTTP)
Local 192.168.0.95:49819 ESTABLISHED Remote 69.171.235.16:80 (Querying... ) (HTTP)
System Process
Local 192.168.0.95:50754 TIME-WAIT Remote 108.168.208.206:80 (Querying... ) (HTTP)
Local 192.168.0.95:50812 TIME-WAIT Remote 23.79.243.43:80 (Querying... ) (HTTP)
Local 192.168.0.95:50797 TIME-WAIT Remote 184.84.221.48:80 (Querying... ) (HTTP)
Local 192.168.0.95:50795 TIME-WAIT Remote 23.79.243.32:80 (Querying... ) (HTTP)
Local 192.168.0.95:50796 TIME-WAIT Remote 184.84.221.48:80 (Querying... ) (HTTP)
Local 192.168.0.95:50791 TIME-WAIT Remote 69.171.235.16:80 (Querying... ) (HTTP)
Local 192.168.0.95:50794 TIME-WAIT Remote 23.79.243.32:80 (Querying... ) (HTTP)
Local 192.168.0.95:50793 TIME-WAIT Remote 23.79.243.32:80 (Querying... ) (HTTP)
Local 192.168.0.95:50792 TIME-WAIT Remote 69.171.235.16:80 (Querying... ) (HTTP)
Local 192.168.0.95:50813 TIME-WAIT Remote 23.79.243.43:80 (Querying... ) (HTTP)
Local 192.168.0.95:50814 TIME-WAIT Remote 23.79.243.43:80 (Querying... ) (HTTP)
Local 192.168.0.95:50815 TIME-WAIT Remote 23.79.243.43:80 (Querying... ) (HTTP)
Local 192.168.0.95:50816 TIME-WAIT Remote 31.13.70.1:80 (Querying... ) (HTTP)
Local 192.168.0.95:50817 TIME-WAIT Remote 31.13.70.1:80 (Querying... ) (HTTP)
Local 192.168.0.95:50818 TIME-WAIT Remote 31.13.70.1:80 (Querying... ) (HTTP)
Local 192.168.0.95:50819 TIME-WAIT Remote 31.13.70.1:80 (Querying... ) (HTTP)
Local 192.168.0.95:50787 TIME-WAIT Remote 23.79.243.8:80 (Querying... ) (HTTP)
Local 192.168.0.95:50820 TIME-WAIT Remote 31.13.70.1:80 (Querying... ) (HTTP)
Local 192.168.0.95:50786 TIME-WAIT Remote 23.79.243.8:80 (Querying... ) (HTTP)
Local 192.168.0.95:50832 TIME-WAIT Remote 199.7.57.72:80 (Querying... ) (HTTP)
Local 192.168.0.95:50803 TIME-WAIT Remote 23.79.243.50:80 (Querying... ) (HTTP)
Local 192.168.0.95:50802 TIME-WAIT Remote 23.79.243.50:80 (Querying... ) (HTTP)
Local 192.168.0.95:50801 TIME-WAIT Remote 31.13.70.81:80 (Querying... ) (HTTP)
Local 192.168.0.95:50800 TIME-WAIT Remote 31.13.70.81:80 (Querying... ) (HTTP)
Local 192.168.0.95:50799 TIME-WAIT Remote 184.84.221.48:80 (Querying... ) (HTTP)
Local 192.168.0.95:50798 TIME-WAIT Remote 184.84.221.48:80 (Querying... ) (HTTP)
Local 192.168.0.95:50804 TIME-WAIT Remote 23.79.243.50:80 (Querying... ) (HTTP)
Local 192.168.0.95:50805 TIME-WAIT Remote 125.56.205.250:80 (Querying... ) (HTTP)
Local 192.168.0.95:50806 TIME-WAIT Remote 125.56.205.250:80 (Querying... ) (HTTP)
Local 192.168.0.95:50807 TIME-WAIT Remote 125.56.205.250:80 (Querying... ) (HTTP)
Local 192.168.0.95:50808 TIME-WAIT Remote 125.56.204.42:80 (Querying... ) (HTTP)
Local 192.168.0.95:50809 TIME-WAIT Remote 125.56.204.42:80 (Querying... ) (HTTP)
Local 192.168.0.95:50810 TIME-WAIT Remote 125.56.204.42:80 (Querying... ) (HTTP)
Local 192.168.0.95:50811 TIME-WAIT Remote 23.79.243.43:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.0.95:139 (NetBIOS session service) LISTEN
lsass.exe (1048)
Local 0.0.0.0:49154 LISTEN
services.exe (1040)
Local 0.0.0.0:49157 LISTEN
svchost.exe (1276)
Local 0.0.0.0:135 (DCE) LISTEN
svchost.exe (1424)
Local 0.0.0.0:49153 LISTEN
svchost.exe (1528)
Local 0.0.0.0:49155 LISTEN
wininit.exe (296)
Local 0.0.0.0:49152 LISTEN
Generated with Speccy v1.22.537


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
Process Explorer looks good. All files are verified and System Idle is a nice high 94.76 and Interrupts is a nice low 0.86

Speccy says it's running nice and cool. You are getting more read errors on your hard drive than I like to see:

01 Read Error Rate 120 (099) Data 000010DB98


You might want to get Seagate's SeaTools for Windows from http://www.seagate.c...port/downloads/ and install it and then run the Extended Disk Test. (This will reboot and then probably run all night.) See what it says about your drive. Sometimes when it finishes it will say that it found some errors and it can try to correct them. Allow it to try. Then I would run a Windows Disk Check just to make sure:

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.



These files that I removed with OTL:

@Alternate Data Stream - 908 bytes -> C:\Users\Timothy\AppData\Local\8T2wairQ:71zdmReaS8eX3Lf0lcVIkufGHGh
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 1112 bytes -> C:\ProgramData\Microsoft:UBPfHHTAkij7xBLoBy3tYToy
@Alternate Data Stream - 1104 bytes -> C:\ProgramData\Microsoft:iMfQty76xsk9zrFh9vhYRL
@Alternate Data Stream - 1055 bytes -> C:\Program Files\Common Files\Microsoft Shared:dHIsdxXhnKN2hsrulNqRa3KHjP

are very suspicious so let's run an ESET online scan. This is another one which is probably best done while you sleep as it takes a long time:

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it). If you do not have IE you can use another browser but it require the installation of an add-on then the browser has to restart.

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan. Unlike ESET this is a very quick scan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom. Click on it and copy and paste the report (even if it says nothing found).


IF either of the above found anything then let's run some more scans (you can run them anyway if you want to):

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

If you do not get a log when it finishes, run it again.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it by right clicking and Run As Admin.


If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.
  • 0

#7
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Alright ill run the seagate disk check while im asleep, when i wake up in the morning will it have the results or will it reboot or something
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
Last time I ran it it just sat there and waited on me to tell it what to do. (Make sure the PC doesn't decide to go to sleep)
  • 0

#9
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
seagate tools isn't picking up my drive, i have rescanned many times and it wont pick it up so i can't run the test.

Edited by megaman186, 01 September 2013 - 07:25 AM.

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
Does Drive Detect http://knowledge.sea...US/FAQ/004206en see it?

If so what firmware version is it? There is a new version at:

http://knowledge.sea...US/FAQ/223651en
  • 0

#11
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
drive detect does detect my drive, i also clicked on the firmware check button and the page says it has no new firmware updates. So now I'm going to download the DOS version of the disk check program and run it off usb to see if that will work.


Edit: Nope didn't work, I had burned the iso to my usb and then booted my pc up from the usb and it just boots up windows

Edit2: Alright I'm gonna go ahead and do everything in your post besides the seagate scanner

Edited by megaman186, 03 September 2013 - 12:39 AM.

  • 0

#12
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Alright here is the logs you asked for. I didn't run the Seagate scanner due to the fact it wasn't working for me, I ran the sfc /scannow in CMD though which im pretty sure only found one issue and fixed it otherwise it didn't find anything at all, I can't remember, but it didn't complain about not being able to fix anything. Also none of the scanners found anything besides ComboFix and TDSSKiller but I'm gonna post the logs for them anyway. (I can only post the one log for the ESET scanner due to the fact it hadn't found anything so it didn't give me the option to show the log after the scan.)

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 03/09/2013 4:32:34 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 03/09/2013 5:42:00 AM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding

Log: 'System' Date/Time: 03/09/2013 5:39:26 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 02/09/2013 8:13:11 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

Log: 'System' Date/Time: 02/09/2013 6:28:42 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

Log: 'System' Date/Time: 02/09/2013 4:18:45 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/09/2013 8:13:14 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 02/09/2013 4:18:48 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


ESET Online Scanner Log:

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a04e2508c8fa89488002c171eb6e4050
# engine=15001
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-03 08:21:19
# local_time=2013-09-04 06:21:19 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1043 16777213 100 87 0 65406063 0 0
# compatibility_mode=5893 16776574 100 94 3813482 129873129 0 0
# scanned=190723
# found=0
# cleaned=0
# scan_time=3542


BitDefender Log:

QuickScan 32-bit v0.9.9.131
---------------------------
Scan date: Tue Sep 03 16:35:44 2013
Machine ID: 3C73299A



No infection found.
-------------------



Processes
---------
(unsigned) Digi+ Power Control Help 3832 C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(unsigned) TurboVHelp 1916 C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

(verified) aaHMSvc.exe 2196 C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(verified) Advanced SystemCare 1232 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(verified) AI Suite II 4812 C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(verified) AiChargerPlus Application 4072 C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(verified) AlertHelper 4164 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(verified) AsSysCtr Application 2232 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(verified) ASUS 4388 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(verified) ASUS Motherboard Fan Control Service 2256 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe
(verified) ASUS Routine Controller 3816 C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(verified) ASUS WiFi GO! Server 3804 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(verified) atkexComSvc.exe 2092 C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(verified) AVG Internet Security 2284 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(verified) AVG Internet Security 4008 C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(verified) AVG Internet Security 2404 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(verified) Google Chrome 3572 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 6796 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 1316 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 4656 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3044 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5128 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5164 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5180 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5444 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5576 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 6192 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 6300 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Update 5704 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(verified) Malwarebytes Anti-Malware 2516 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(verified) MobileDeviceService 2068 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(verified) PnkBstrA.exe 2656 C:\Windows\SysWOW64\PnkBstrA.exe
(verified) Razer Synapse 3928 C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(verified) WiFil GO! File Transfer 4080 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe


Network activity
----------------
Process chrome.exe (3044) connected on port 80 (HTTP) --> 69.171.235.16
Process chrome.exe (3044) connected on port 80 (HTTP) --> 31.13.70.1
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.52.211
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 74.125.237.30
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 23.46.54.41
Process chrome.exe (3044) connected on port 80 (HTTP) --> 74.125.237.9
Process chrome.exe (3044) connected on port 80 (HTTP) --> 74.125.237.9
Process chrome.exe (3044) connected on port 80 (HTTP) --> 96.6.138.239
Process chrome.exe (3044) connected on port 80 (HTTP) --> 125.56.204.81
Process chrome.exe (3044) connected on port 80 (HTTP) --> 31.13.70.65
Process chrome.exe (3044) connected on port 80 (HTTP) --> 66.235.143.121
Process chrome.exe (3044) connected on port 443 (HTTP over SSL) --> 74.125.237.9
Process chrome.exe (3044) connected on port 443 (HTTP over SSL) --> 74.125.237.106
Process chrome.exe (3044) connected on port 443 (HTTP over SSL) --> 74.125.237.165
Process chrome.exe (3044) connected on port 443 (HTTP over SSL) --> 74.125.237.108

Process WiFi GO! Server.exe (3804) listens on ports: 5050 (Yahoo Messenger), 5060 (SIP), 5063, 5065, 5066, 5067, 5068, 5069, 5080


Autoruns and critical files
---------------------------
(verified) AiChargerPlus Application C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(verified) AVG Internet Security C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(verified) Catalyst® Control Center C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
(verified) Razer Synapse C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(verified) WiFil GO! File Transfer C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe


Browser plugins
---------------
(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
(verified) Advanced SystemCare 6 C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
(verified) ascplugin_protection.dll c:\program files (x86)\iobit\advanced systemcare 6\browerprotect\ascplugin_protection.dll
(verified) Bitdefender QuickScan C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0\npqscan.dll
(verified) Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(unsigned) ESN Launch Mozilla Plugin C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll
(unsigned) ESN Launch Mozilla Plugin C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
(verified) ESN Sonar API C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
(verified) Google Update C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
(verified) Java Deployment Toolkit 7.0.250.17 C:\Windows\SysWOW64\npDeployJava1.dll
(verified) Java™ Platform SE 7 U25 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
(verified) Java™ Platform SE 7 U25 c:\program files (x86)\java\jre7\bin\ssv.dll
(verified) Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
(verified) Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
(verified) Microsoft® Windows Live ID C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® Windows® Operating System C:\Windows\System32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
(verified) NPSWF32_11_8_800_94.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
(unsigned) Shockwave for Director C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
(verified) Steady Video c:\program files (x86)\amd\steadyvideo\steadyvideo.dll
(verified) Uplay PC C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll
(unsigned) VLC Web Plugin C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
(verified) Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Scan
----
MD5: b1bb8edc9d83d8096ee873f04cee600c C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
MD5: ef4dd326e35c6c6c94675c71271c0fcc c:\program files (x86)\amd\steadyvideo\steadyvideo.dll
MD5: 67d5ff7bfa5b4a93ae0f1e0d1291e5f8 C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MD5: 0466b91ee5767a769e9f8edb8ef94ddb C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
MD5: 68fb60221d8c7143c01bc758f9853784 C:\Program Files (x86)\ASUS\AAHM\1.00.20\AsAcpi.dll
MD5: c3ee2ce6a16aeed78aad518fde72958a C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiex.dll
MD5: 0cd9ef0a06d047537b83ba755f188a5f C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MD5: 3f188126510fa73a469f42de42252937 C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
MD5: 68fb60221d8c7143c01bc758f9853784 C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
MD5: c3ee2ce6a16aeed78aad518fde72958a C:\Program Files (x86)\ASUS\AI Suite II\asacpiex.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
MD5: 8c9231025faf86b78906b6c847531ffb C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
MD5: e4137411446a2f0218f57ebbcb6fceb2 C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
MD5: dce03c42f57ffa8efdb206424d13121c C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
MD5: 8c4b9db963b607954a786b042b27802e C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MD5: 578f4045fa6bbbb76efb6738888f3f9f C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
MD5: 68fb60221d8c7143c01bc758f9853784 C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\AsAcpi.dll
MD5: c3ee2ce6a16aeed78aad518fde72958a C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\asacpiex.dll
MD5: 94c4c06fa972009b06345e4ec65f43da C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\DigiPowerControl.dll
MD5: 0fb079bf4940455b8332e95f34c67022 C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
MD5: 612e5d1794d4ac3439edb6b2dab72cd4 C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
MD5: 4be86d640a489e937b43769a99355664 C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MD5: 4b22b93fe6236f516d70f904147eaaff C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
MD5: 74cd409f7b043cb13949ebf54032c346 C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MD5: b5106a79dd046815332b6e3b6e8d27d1 C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MD5: a6dc53be82d8b9e832613194156914de C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
MD5: 7891d59c1c22006c8e6a885157d60a42 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
MD5: 12423ba359edab6624b0031e5d4f1365 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.dll
MD5: 3748192f4d5461485ad0157793a06601 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
MD5: ba596dc432ca8482da04ce1fdcb5b8a1 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
MD5: 41b289925a16271a304aa5abdf62148c C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
MD5: c505194c3145d7a91dfb4aa6d2334252 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
MD5: 6f70dd20b730e0c09570b61909e14d49 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
MD5: 4b179856ddbea7dee5f4699c6757018a C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
MD5: b5106a79dd046815332b6e3b6e8d27d1 C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\pngio.dll
MD5: 5626c6a78deb15f00e780115472c163c C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
MD5: d0c55726064a73547559bda9fbd55b1b C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
MD5: 6c2c9e1ecba27fa083b4977613d0c4cb C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
MD5: cda4100baf1b93a3ff9a3d1e8d05af3e C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll
MD5: b264ad8b91a9fe10b6232d58e505794c C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
MD5: 493a68e53ac6aeec6620123e01d2c85b C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
MD5: 0c7488d1cb40e5cece582b9811859b5d C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MD5: 1886da4adb90a186e52674fc3a8afe98 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
MD5: b5106a79dd046815332b6e3b6e8d27d1 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
MD5: ad4070e21d9a39e69729d082000b5a4e C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MD5: 29c267bb8d8b7c4d788b365953b645b2 C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
MD5: e59d4711044b4699135f6a5cd65cdf7c C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MD5: 93b992a36a89e9f762232998a7abd01d C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
MD5: 7ee5411e76443e0dd05fbdcf5c0a88f1 C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MD5: 6e290104855a6791739855ea04554c46 C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
MD5: 68fb60221d8c7143c01bc758f9853784 C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\AsAcpi.dll
MD5: c3ee2ce6a16aeed78aad518fde72958a C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
MD5: 9ecd478182c424e49f75b4ef11e894eb C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MD5: eb46d5a4833d912bef8ecb0eca560e2f C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
MD5: b5106a79dd046815332b6e3b6e8d27d1 C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MD5: d8ccf6db53bee5f0deabeec462922c60 C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
MD5: 710cb3685fd1f39cce1bde033aee64a4 C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
MD5: c7562be255996d55713383f77f6d3e3e C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
MD5: 374f47cc83725739b9fa110a4ffd3b36 C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsFtp.dll
MD5: 2a2d8d99c025d92dd803d4e1a3c94389 C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
MD5: 7fb99bb09cf9199c566160936b26ce2d C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsMultiLang.dll
MD5: 9ea206b53d88386afe234138b08df3dd C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll
MD5: 8e36f955af2e1e1d4a35201c25837df6 C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\BIOSFLK.dll
MD5: ee0d9d08cb72552ee524581d4cdcc9eb C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
MD5: ad8947d621fdca48f1f39f4624b60aa1 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
MD5: e2891088bc0a341f49b69d524ba04882 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsAcpi.dll
MD5: fcdf60ea278867b930c53dd9777f7682 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\asacpiex.dll
MD5: 96760a3494b1f95a25a83a3a3ffa6436 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe
MD5: affebdf6ce01fcb74b3bb7cc3c7b7eec C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
MD5: 31e2470e61d5a390405ba41c279d8446 C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
MD5: 57969c1e39a08b450b1a46cc73299457 C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
MD5: 85d03de49c43d471ed3d7b9a9b28f8fd C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
MD5: 5378ad5a54c074eba41b7d97fc96d63f C:\Program Files (x86)\AVG\AVG2013\avgadvisorx.dll
MD5: 730e90935150048a4e5f392fcdd49da3 C:\Program Files (x86)\AVG\AVG2013\avgapps.dll
MD5: 3961de6134280fd3bc911d5b2119cecf C:\Program Files (x86)\AVG\AVG2013\avgcertx.dll
MD5: 71ea9078f6e1246b0bbd746c2999723f C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll
MD5: 2e967b05e5d1ef57632819bdc54f19b1 C:\Program Files (x86)\AVG\AVG2013\avgchclx.dll
MD5: 414f57444511b818db23fa5cf89f3205 C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll
MD5: 8564728cb493b0704edb9a3607b3dde9 C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll
MD5: a2a3b266093fdb25e81a44f2eb463026 C:\Program Files (x86)\AVG\AVG2013\avgcorex.dll
MD5: e69a7ad873caf58d3a39dd8b0db94724 C:\Program Files (x86)\AVG\AVG2013\avgcslx.dll
MD5: a7c48f3d2f119712e779184933698f90 C:\Program Files (x86)\AVG\AVG2013\avgdecider.dll
MD5: 9eed448e2c6306bfd8b2b19063fc21a1 C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll
MD5: a6639bc625634614dc30392bd81c4001 C:\Program Files (x86)\AVG\AVG2013\avgidpsdkx.dll
MD5: 4db93f4db7077801d2d82013506ac1d0 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
MD5: 62d32e9c2c63c113bfd011423719b292 C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll
MD5: 2fef21eee9934bb10165aa02e530183c C:\Program Files (x86)\AVG\AVG2013\avglngx.dll
MD5: 21139ed432efb4a8cdf715862dbdf9e0 C:\Program Files (x86)\AVG\AVG2013\avglogx.dll
MD5: ae4d9dc676a2517dee3e51978bcfe47c C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll
MD5: 099d9f937f6ee23672391b3a5bd6d7e5 C:\Program Files (x86)\AVG\AVG2013\avgntsqlitex.dll
MD5: 5bdb1e096dea119a4d205acb6e958175 C:\Program Files (x86)\AVG\AVG2013\avgopensslx.dll
MD5: 6a0a8d20469efd39a4a3463a88811a57 C:\Program Files (x86)\AVG\AVG2013\avgsched.dll
MD5: 67dabfb8eb4afa87c558504d5fcd43c8 C:\Program Files (x86)\AVG\AVG2013\avgsecapix.dll
MD5: 8bec8631aed9c58ef8dd7ce1755f86aa C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll
MD5: 288d8a54fe326ae26ad43f348e646147 C:\Program Files (x86)\AVG\AVG2013\avgui.exe
MD5: b80b70609797f944517186ddac174a50 C:\Program Files (x86)\AVG\AVG2013\avguires.dll
MD5: a58368eb286021d25876d351e4cf6dcb C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
MD5: 48939d9f350aef9370f03a1e49a49be2 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
MD5: f65bebe969c232f60c7a13b0f00fb52c C:\Program Files (x86)\AVG\AVG2013\avgwdwsc.dll
MD5: bfd3111b723cc07e56316198617932d7 C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll
MD5: 31b2952853ba5f53bde06db5ac8f98aa C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
MD5: b83062f5bffaf797dca67464b58970d5 C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MD5: 3927397ac60d943daf8808affed582b7 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: 5ac534ac42dab97223fa6df558dc743f C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
MD5: f6fd367c9eaaedf90cd7a7952ae0b336 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MD5: a7dddde163f16ab49df3de9eec715495 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: ef8cd3c64ee9c08980d6d06ccce46c68 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: fc7a868decc3ab027f29178ec8a7f252 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: ff9831030678c7b6d70bac00f68f8976 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: e5b6d88b36bddad5039764fbf80284dd C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: 1d75bc73585969f41ba7ef0c882dff2b C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 011285619951bc4c92fe322e08abf050 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 78865abc5f5d13190f8b35bd9044714a C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MD5: 54152706627f5f33952340d90ada50ee C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: 0a855f27a1e48991d14c593cb930d2b2 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 6d41f6aa35220e7a54543075b27e8f83 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
MD5: a84509c6ab1c764c592f192aa89da830 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 4fe5c6d40664ae07be5105874357d2ed C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 4327cf9a9d0864ca0ffc97fcda97315a C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 24665b221424ffd7b71f0d2c398f2f4f C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
MD5: 06c1e887bf34c0e31eb8e2c999e4842f C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
MD5: db9bf91fd8be1630742cae4394ddbbe9 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
MD5: 0c0195c48b6b8582fa6f6373032118da C:\Program Files (x86)\Corsair\CorsairLINK2\CorsairLINK_HardwareMonitor.sys
MD5: 290eba98ad0ce0d1b880b5d71194b069 C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
MD5: 45b72c74b33d2a60a47fd82a339c1605 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\chrome.dll
MD5: 5bf8e37fa1e25227480f9cd2aca21fb6 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\d3dcompiler_46.dll
MD5: 44083bbfd32291deffac96252c7356c5 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MD5: fc46bc534444f1adb121d35ccec3fd88 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\icudt.dll
MD5: 9e280c8df09ab777dc3d887cb9018a42 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libegl.dll
MD5: 82f855c79ede79368e1cde5c703d5992 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
MD5: 99ad2cfe09c90dd56133eb6cfac8103b C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libpeerconnection.dll
MD5: e207ef55ce9050e47a9b6e6874a1d166 C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
MD5: 0b309204ae61ced9f59ad5bfa4a6c52d C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppgooglenaclpluginchrome.dll
MD5: 8e436bd0d9c2cb57306070dfea3d4513 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MD5: ff60b8c5bbe73b0790b3332783b6fd81 C:\Program Files (x86)\Google\Update\1.3.21.153\goopdate.dll
MD5: 101700e93eb905992b518256cb441829 C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
MD5: 506708142bc63daba64f2d3ad1dcd5bf C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
MD5: 26443c4332b966c44481d1de8d1bcbb4 C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
MD5: 9243229dfccc99b5441750eba49f1b14 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
MD5: d681077926c01e2a5204f914d26dad68 c:\program files (x86)\iobit\advanced systemcare 6\browerprotect\ascplugin_protection.dll
MD5: df45047308324a3ecaa5f3c1ad2f8738 C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCUrlScanner.dll
MD5: ddb9bcff8cbf73638a15579fec223229 C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl
MD5: e73310d7895b2889a1f2a560285a68ee C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
MD5: 8290e04f8a4d9594bfb53d520b677b8a C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl
MD5: 270ee43cc00609b9937aaf94e1e970d4 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
MD5: abcb4a6eab701c629378255abcb308e5 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
MD5: 155915c088f11eeb9b342f4134f11c7e c:\program files (x86)\java\jre7\bin\ssv.dll
MD5: ef39cccc9ad927a25334ae0b41a8a343 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
MD5: 9275f02bea644f43a459e316a932658f C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
MD5: 65085456fd9a74d7f1a999520c299ecb C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
MD5: 6ded8fcbf5f1d9e422b327ca51625e24 C:\Program Files (x86)\Razer\Synapse\Ionic.Zip.dll
MD5: b89cb7f3f1a1e2807e708f5435deb13d C:\Program Files (x86)\Razer\Synapse\log4net.dll
MD5: 5bc05cd618ab73aee1a651cc7f26d3b5 C:\Program Files (x86)\Razer\Synapse\RazerProtocolDLL.dll
MD5: f0b417d16a2255a338a5b442b300be7c C:\Program Files (x86)\Razer\Synapse\RzCommon.dll
MD5: 433384bb549c2cd0e3169ff7a41e95d7 C:\Program Files (x86)\Razer\Synapse\rzdetmgr.dll
MD5: 0e78a4eb173786dcad8b5ddf6aed6811 C:\Program Files (x86)\Razer\Synapse\RzEmilySettings.dll
MD5: 0ad809d5af735d4e42aa7a12982f6ce2 C:\Program Files (x86)\Razer\Synapse\RzStorage.dll
MD5: 7c43ba4312d5170d045a06926a31defe C:\Program Files (x86)\Razer\Synapse\RzStorageIO.dll
MD5: 8432c6f95094a4a634e03f6162406f6f C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
MD5: 0d086803e8035497c1cb7909c2ecf321 C:\Program Files (x86)\Razer\Synapse\RzSynapseLoginUI.dll
MD5: 5207fc2cb90a89737cc60597ce29d096 C:\Program Files (x86)\Razer\Synapse\RzTrayMgr.dll
MD5: a1f7b1a57bcf1668ff69419c037f0b84 C:\Program Files (x86)\Razer\Synapse\RzUISdk.dll
MD5: 6fd36c3441a13d5d22301ef64bb484dc C:\Program Files (x86)\Razer\Synapse\RzUpdate.dll
MD5: 0a0a0183711efb04f9bcc32bb44471f2 C:\Program Files (x86)\Skype\Updater\Updater.exe
MD5: 2052b1d9b6a8f505aafee8caae99b115 C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll
MD5: a843fc35574ecfd9e7a41c5505a9921b C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
MD5: 2b2687d326eb5bb5c367473e033bbeec C:\Program Files (x86)\Windows Defender\MpOAV.dll
MD5: f2154a205f4b784b61a72aebc72bdc5f C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
MD5: 3609978b121faccb9388a98bed65b61b C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
MD5: f9d908de6b166dac9b89bf62fa291ce8 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: ebbcd5dfbb1de70e8f4af8fa59e401fd C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 0a888754c63c3a5d8cd8f7492c62b40d C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 2872b90d57c8310194a78a9787406467 C:\Program Files\iPod\bin\iPodService.exe
MD5: 7cbb1d4d13dc62d7f529d87151fd3cd3 C:\Program Files\Windows Defender\mpsvc.dll
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: fe6c76a6909eccc7fa93a4d2cba7fad6 C:\ProgramData\Razer\Synapse\Devices\RazerConfigNative.dll
MD5: 7c428ebc7f035d54b36dc76b4a79dfb3 C:\ProgramData\Razer\Synapse\Modules\SystemInfo\RzSystemInfo.dll
MD5: 27c6e8965348f6b28534fd4b91f5f3da C:\ProgramData\Razer\Synapse\Modules\WoWSync\RzWoWSync.dll
MD5: 427c7159951e5a8d943aed5c81c40fb3 C:\ProgramData\Razer\Synapse\Modules\WoWSyncOrbWeaver\RzWoWSyncOrbweaver.dll
MD5: 4589cf3854b0e332e4e26211bcffeb1d C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
MD5: 6677ef124913dcacc2078b27309edcac C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0\npqscan.dll
MD5: ee1ff8f1b6861b195f744f8405e23b4d C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MD5: 0a9a1715abd3885578b939d9c9b6e20b C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll
MD5: eddcdd26baa6199bf957a1a65d791fe8 C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll
MD5: 7dbccbc19fbf06809ea6d03ad89be700 C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9010845c58c17f145b3e39c2d28c4869\PresentationFramework-SystemXmlLinq.ni.dll
MD5: c5ae8da4a3a797977efac6ec5582bc01 C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\775d60de39c6f0b49f1640c4e6c8de09\PresentationFramework.ni.dll
MD5: d46b32ae5e645263592a334036707299 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8e3d6080e8eaaaf28389f3742ff9acdd\PresentationCore.ni.dll
MD5: da6ce6be24bff7c2da7bba28774458ea C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\176ea254700896ee68956986b947ea9b\SMDiagnostics.ni.dll
MD5: 2c9ada7e1af4f628fd16ca486dff9dc4 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2fd755147672c80dd4b13978933f8a3d\System.Configuration.ni.dll
MD5: b265b209e1d71b5670b14302004a5cf7 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a35e871c52b7a7aee64c969c02acfaa0\System.Core.ni.dll
MD5: f605ed324e3a2d97b491c91902914ad3 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MD5: 565801e87454a8c6d03fe46d2466c3cf C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\e4d73111d4c76c446ad6a007302f5941\System.Management.ni.dll
MD5: 1300a5a116b92db9956ba45120a67671 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\a46953d62d9923cfd393cb102df2e6ad\System.Runtime.Serialization.ni.dll
MD5: dae23978e7524bc70fba3a768ed45672 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\72227d58a04b80252053352dead3b9a3\System.ServiceModel.Internals.ni.dll
MD5: 7246d1dacdf85518967c5b7d243a60a3 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5f27b142c87d877c73ac245ab951a773\System.Windows.Forms.ni.dll
MD5: 3bfd303fbc91a04c422c39c17f79d02b C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll
MD5: 49ef01c5554fb1868d025e73b8d17c0c C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\0e91ea226b5db1b422453e62a277736b\System.Xml.Linq.ni.dll
MD5: a8069712a287fcdaf476bfce2b46dc8c C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MD5: d9be0cef248ec49a13f3e7141e494bfc C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MD5: 62a374d00ef0360d084ecc894b8facfa C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\f16e993b7058b005bbf273007fadf95b\UIAutomationTypes.ni.dll
MD5: f9614011c8c4fc2857a51427cfbd2907 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\782db4c31adf3046c62e43b8f11453c1\WindowsBase.ni.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
MD5: 332feab1435662fc6c672e25beb37be3 C:\Windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 108fb6ddb69e537a2ea53f425363fae5 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
MD5: 86329c35ff23cfef0fb6c0023ba06bce C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
MD5: 5243cfc2e7161c91c2b355240035b9e4 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
MD5: d34eefd07a6578d9c4cf9c1a2f255468 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MD5: e1b2bf9fb51d09e90edf75b1d9f968e9 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MD5: ab22bff47d0c26749e4951680f64349c C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 9f781c881a9813cdf37b5e2f96097baa C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
MD5: 6d7c8a951af6ad6835c029b3cb88d333 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
MD5: 60a8f8bcb1b435bbcfc04cfa6b3bdf8e C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MD5: b90b0d578e604897ad879c2823591f7e C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
MD5: beda0dcdd857d44926e031cd019fbf0f C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MD5: e50903982521cb2751b01a14169ba68c C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: 7812537eb7af2eaed650f06332a805fd C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: eb7ab4d04810406731fd34538e4b9a0c C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: e8a4bbdb754f4b02d435676e1da61625 C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: 502d593cb5380b28973367d02a561c2a C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 3df0a5319da331d41fedcd19e7943407 C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: c6d2cbbf23f941a258e4c7acd91d2c54 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 10e6e57e9969d65a204144733350cbfc C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 679566981ad21a4a97b3ebdd02b90173 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: 9d0753e3338218a16db6064792d4a104 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: c0f480030d210e00d13ff5652de09bc4 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 2ef5989079a591fc8e0e1397ad0abccf C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: 070a8322a99c9896359a688c0f641e91 C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 77c06a24bbff6910fa580deee7fa6860 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: b5f32e970c316f18a2d371b0c6462493 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 663ad6d905f8243f7128a5ff253cd539 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 9366615015ae89730b120dfff84d398c C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: d8d8aace7e4adb74a2b5bcc4752d4551 C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 6aff6341541922e8926b5d075b1b826f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: dd96f6365b16e75a445f5799ef4c6e36 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: 26a6d505be05d3af660f810906907b8e C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 4c94752c2f167cd5f2311bccc37700ff C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: f947fa55cb0404f107c3b96023584003 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 48c4878254c6bfe8f1bd3e70ccbed090 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: bd329655c141263797405fc26a02a53b C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: d3e8f9b8c009eb158a7d3afb159f4eeb C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: 2d7c3d32691bd5f77b02f404d56b3edb C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: 62c50b99d25813365fdeb39c43d9c655 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
MD5: 2f75b73974ad36cfe84f86f766ca9fa0 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 7f21da4760ce9b4b1b12cbc58c2a642a C:\Windows\System32\apisetschema.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 7ca1becea5de2643addad32670e7a4c9 C:\Windows\system32\cryptsvc.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: 798de15f187c1f013095bbbeb6fb6197 C:\Windows\system32\drivers\ASIO.sys
MD5: 1392b92179b07b672720763d9b1028a5 C:\Windows\system32\drivers\ASUPIO.sys
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\system32\explorer.exe
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\System32\mswsock.dll
MD5: 0ba65122ffa7e37564ee86422dbf7ae8 C:\Windows\system32\NLAapi.dll
MD5: 528d298f9914c558ea7a9809be598e65 C:\Windows\System32\ntdll.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 205e1b699fd3f2f9b036eea2ec30c620 C:\Windows\system32\PnkBstrA.exe
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\Windows\system32\userinit.exe
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\winhttp.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\SysWOW64\actxprxy.dll
MD5: ae7b288233c212c62cd544bf768c45e6 C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\SysWOW64\advapi32.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\SysWOW64\apphelp.dll
MD5: 8128b54eaa48f9c06b19a86c87752996 C:\Windows\SysWOW64\AsIO.dll
MD5: 1b6db29c92ed8799c56f618e755f5bf9 C:\Windows\SysWOW64\aticfx32.dll
MD5: 440db964613838f1155c230795fa5107 C:\Windows\SysWOW64\atiu9pag.dll
MD5: 0f18647b4c0212e364f53321dde0d54b C:\Windows\SysWOW64\atiumdag.dll
MD5: 526e72daf26a10ea82cad43e47f3e055 C:\Windows\SysWOW64\atiumdva.dll
MD5: d57e158710910e06ea82dc1263ddfdca C:\Windows\SysWOW64\atiuxpag.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\SysWOW64\AudioSes.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\SysWOW64\cfgmgr32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\SysWOW64\comdlg32.dll
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\SysWOW64\credssp.dll
MD5: ae8eb083b050e17a7d6eb5e28aecddd6 C:\Windows\SysWOW64\crypt32.dll
MD5: 7b851a8018b1ea00a69707a390004884 C:\Windows\SysWOW64\cryptnet.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\SysWOW64\cscapi.dll
MD5: 6de66fe7c526637e74cd066461c7c871 C:\Windows\SysWOW64\d3d11.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\SysWOW64\d3d9.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\SysWOW64\dbghelp.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\SysWOW64\devobj.dll
MD5: 162d247e995eaebf3ef4289069e1111c C:\Windows\SysWOW64\devrtl.dll
MD5: 81f6c1ae23b1c493d9e996c3103915d7 C:\Windows\SysWOW64\dhcpcsvc6.dll
MD5: 5e08ac958be05247ff1539e0d1ce7905 C:\Windows\SysWOW64\dinput8.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\SysWOW64\dnsapi.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\SysWOW64\dnssd.dll
MD5: 4bfb41025fa1c37205edeefde36f7771 C:\Windows\SysWow64\drivers\AiChargerPlus.sys
MD5: 798de15f187c1f013095bbbeb6fb6197 C:\Windows\SysWow64\drivers\AsIO.sys
MD5: 1392b92179b07b672720763d9b1028a5 C:\Windows\SysWow64\drivers\AsUpIO.sys
MD5: a5e4cdb420540095d1293c874b5f89aa C:\Windows\SysWow64\drivers\ASUSFILTER.sys
MD5: 1c0e369575f387460e2a5f28269b2cc4 C:\Windows\SysWOW64\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e C:\Windows\SysWOW64\dxgi.dll
MD5: 53af1750fd45ddd705c9b68c7dc58827 C:\Windows\SysWOW64\evr.dll
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\SysWOW64\ExplorerFrame.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\SysWOW64\FWPUCLNT.DLL
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\SysWOW64\gdi32.dll
MD5: e9bcb6728dd04412bf87f03db00de1cf C:\Windows\SysWOW64\ieframe.dll
MD5: d0e0086ba353c379dcfe8624e8b8f17a C:\Windows\SysWOW64\iertutil.dll
MD5: b2db6aba2e292235749b80a9c3dfa867 C:\Windows\SysWOW64\imagehlp.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\SysWOW64\imm32.dll
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\SysWOW64\IPHLPAPI.DLL
MD5: 1c83426a51ad83b5e788b6cf143b48d8 C:\Windows\SysWOW64\jscript.dll
MD5: ac0b6f41882fc6ed186962d770ebf1d2 C:\Windows\SysWOW64\kernel32.dll
MD5: e954a79d6a754a5475582caced1565e6 C:\Windows\SysWOW64\KernelBase.dll
MD5: 0c8597dbc74aaf5179471ba013e3c6b4 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MD5: fdba1dec4f9be4274a00b9b850c63484 C:\Windows\SysWOW64\mf.dll
MD5: 2a2c442f00b45e01d4c882eea69a01bc C:\Windows\SysWOW64\mfc100enu.dll
MD5: f3de10aabd5c7a1a186c9966f037d0c0 C:\Windows\SysWOW64\mfc100u.dll
MD5: dc6612a9ee015a36ba2a27bc9cc12537 C:\Windows\SysWOW64\mfc42.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\SysWOW64\MMDevAPI.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\SysWOW64\msasn1.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\SysWOW64\mscms.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d C:\Windows\SysWOW64\mscoree.dll
MD5: 45fb05f743e626d9e239e52602cea041 C:\Windows\SysWOW64\msctfui.dll
MD5: a6c29db53eca94fa8591c5388d604b82 C:\Windows\SysWOW64\msi.dll
MD5: c5413bc4f10ceb4c3070bbf04d324117 C:\Windows\SysWOW64\msisip.dll
MD5: 600a65f922ccdcbb2d11467914241556 C:\Windows\SysWOW64\msmpeg2vdec.dll
MD5: c5a99a4c0dc9f0f5a95ba0c83d30a549 C:\Windows\SysWOW64\mstask.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\Windows\SysWOW64\msvcp100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Windows\SysWOW64\msvcr100.dll
MD5: 956b6aca4eff31046403f0dd6235332e C:\Windows\SysWOW64\msvcr110_clr0400.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\SysWOW64\msvcrt.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\SysWOW64\mswsock.dll
MD5: 21d3a18769ec2c4e56756d04e989a221 C:\Windows\SysWOW64\msxml3.dll
MD5: bf6d6ed5fadceee885bd0144ecf1ba27 C:\Windows\SysWOW64\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\Windows\SysWOW64\netapi32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\SysWOW64\netutils.dll
MD5: 0ba65122ffa7e37564ee86422dbf7ae8 C:\Windows\SysWOW64\nlaapi.dll
MD5: d7324eb1edcb8990f8522de0311359e9 C:\Windows\SysWOW64\npDeployJava1.dll
MD5: 528d298f9914c558ea7a9809be598e65 C:\Windows\SysWOW64\ntdll.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\Windows\SysWOW64\ntshrui.dll
MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\Windows\SysWOW64\odbc32.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\SysWOW64\ole32.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\SysWOW64\oleacc.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\SysWOW64\oleaut32.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\SysWOW64\olepro32.dll
MD5: 205e1b699fd3f2f9b036eea2ec30c620 C:\Windows\SysWOW64\PnkBstrA.exe
MD5: a94f26f3ac78b6c7570a654e0347bde8 C:\Windows\SysWOW64\powrprof.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\SysWOW64\propsys.dll
MD5: 4dc999ced9429939d75682ebd7d48901 C:\Windows\SysWOW64\rpcrt4.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\SysWOW64\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\SysWOW64\rtutils.dll
MD5: 50c5b31ce6066ae8d6e949c1ce74747c C:\Windows\SysWOW64\rzaudiodll.dll
MD5: f03e13d522754042e213c19881c24c9b C:\Windows\SysWOW64\rzdevicedll.dll
MD5: ce71f4a096ed26bb9b4bdcd89d7da420 C:\Windows\SysWOW64\rzdevinfo.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\SysWOW64\samcli.dll
MD5: af78f66116814fdd6677cebd73035cdd C:\Windows\SysWOW64\schannel.dll
MD5: a113afeed3159a1ed52d78cb0226006d C:\Windows\SysWOW64\secur32.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\SysWOW64\setupapi.dll
MD5: 1f05f5a16881cd928c82d53cefcf4477 C:\Windows\SysWOW64\shdocvw.dll
MD5: 565d78187494fb5f08b5a52deb2aea7a C:\Windows\SysWOW64\shell32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\SysWOW64\shlwapi.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\SysWOW64\srvcli.dll
MD5: bfb26890612fb8ae8b0463ebebe84b7e C:\Windows\SysWOW64\sspicli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\SysWOW64\sxs.dll
MD5: 5e56e7cf5e0bfed9001539efdd7d7999 C:\Windows\SysWOW64\traffic.dll
MD5: 954ea9b34f155c844b11f4047a8f6f89 C:\Windows\SysWOW64\upnp.dll
MD5: 059fc59f97a6220c46a612a9470a00b3 C:\Windows\SysWOW64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\SysWOW64\user32.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\SysWOW64\userenv.dll
MD5: b7230010d97787af3d25e4c82f2b06b9 C:\Windows\SysWOW64\usp10.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\SysWOW64\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\SysWOW64\wbemcomn.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\SysWOW64\webio.dll
MD5: 5b2e4e90c04fb9ae9f2c5e99ff59b283 C:\Windows\SysWOW64\WindowsCodecs.dll
MD5: 2875b386b45b8a77e2343c5e129ae50c C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\SysWOW64\winhttp.dll
MD5: daa3903f06116ae9ee7ac1d1b93684a4 C:\Windows\SysWOW64\wininet.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\SysWOW64\winmm.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\SysWOW64\winspool.drv
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\SysWOW64\winsta.dll
MD5: 68eaaedf0365168b804e8728368fa946 C:\Windows\SysWOW64\wintrust.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\SysWOW64\wkscli.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\SysWOW64\Wldap32.dll
MD5: 907281ed4ad35d41b29ffdc211ebad80 C:\Windows\SysWOW64\wmi.dll
MD5: 43c9cf6825cea58f1815b7c3dbbb385c C:\Windows\SysWOW64\Wpc.dll
MD5: 181f69bc9c406b7fb5c0ade8031630ac C:\Windows\SysWOW64\wpdshext.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\SysWOW64\ws2_32.dll
MD5: a8cdf3768604ff95b54669e20053d569 C:\Windows\SysWOW64\wscapi.dll
MD5: e8f6851e4600cd3674422487ee240941 C:\Windows\SysWOW64\wshext.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\SysWOW64\wtsapi32.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MD5: 84174ca0e190bb9d1efd0f005fe13b35 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll


No file uploaded.

Scan finished - communication took 5 sec
Total traffic - 0.02 MB sent, 1.36 KB recvd
Scanned 528 files and modules - 23 seconds

==============================================================================


ComboFix Log:

ComboFix 13-09-02.02 - Timothy 04/09/2013 13:52:06.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.16283.14153 [GMT 10:00]
Running from: c:\users\Timothy\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Timothy\AppData\Roaming\poclbm
c:\users\Timothy\AppData\Roaming\poclbm\poclbm_scrypt.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-08-04 to 2013-09-04 )))))))))))))))))))))))))))))))
.
.
2013-09-04 03:56 . 2013-09-04 03:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-03 19:14 . 2013-09-03 19:14 -------- d-----w- c:\program files (x86)\ESET
2013-09-03 06:35 . 2013-09-03 06:35 -------- d-----w- c:\users\Timothy\AppData\Roaming\QuickScan
2013-08-31 09:10 . 2013-08-31 09:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-31 09:10 . 2013-08-31 09:10 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-31 09:10 . 2013-08-31 09:10 -------- d-----w- c:\windows\system32\Macromed
2013-08-31 09:05 . 2013-08-31 09:05 -------- d-----w- c:\windows\SysWow64\Adobe
2013-08-31 01:07 . 2013-08-31 01:07 -------- d-----w- c:\windows\ERUNT
2013-08-31 01:00 . 2013-08-31 01:46 -------- d-----w- C:\AdwCleaner
2013-08-31 00:54 . 2013-08-31 00:54 -------- d-----w- C:\_OTL
2013-08-27 08:43 . 2013-08-27 08:43 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-08-27 08:43 . 2013-08-27 08:43 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-15 10:00 . 2013-08-28 09:28 -------- d-----w- c:\users\Timothy\AppData\Local\PAYDAY 2
2013-08-15 05:36 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-15 05:36 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-08-15 05:36 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-15 05:36 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-04 03:36 . 2013-02-23 13:41 1048576 ----a-w- c:\windows\PE_Rom.dll
2013-08-30 08:27 . 2013-03-09 03:16 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-08-30 08:27 . 2013-03-08 13:13 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-30 08:27 . 2013-03-08 13:13 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-15 17:00 . 2013-02-23 23:53 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-31 07:31 . 2013-07-31 07:31 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-07-31 07:31 . 2013-07-31 07:31 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-07-31 07:30 . 2013-07-31 07:30 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-07-31 07:30 . 2013-07-31 07:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-07-31 07:30 . 2013-07-31 07:30 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-07-31 07:30 . 2013-07-31 07:30 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-07-25 03:38 . 2013-07-25 03:38 296448 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2013-07-24 00:39 . 2013-07-24 00:39 157736 ----a-w- c:\windows\system32\amdhcp64.dll
2013-07-24 00:39 . 2013-07-24 00:39 142304 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2013-07-24 00:39 . 2013-07-24 00:39 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-07-24 00:39 . 2013-07-24 00:39 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-07-24 00:39 . 2013-07-24 00:39 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-07-24 00:39 . 2013-07-24 00:39 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-07-24 00:39 . 2013-07-24 00:39 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-07-24 00:39 . 2013-03-21 06:42 143304 ----a-w- c:\windows\system32\atiuxp64.dll
2013-07-24 00:39 . 2013-07-24 00:39 115512 ----a-w- c:\windows\system32\atiu9p64.dll
2013-07-24 00:39 . 2013-04-16 14:53 98496 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-07-24 00:39 . 2013-03-21 06:42 1251120 ----a-w- c:\windows\system32\aticfx64.dll
2013-07-24 00:39 . 2013-04-16 14:53 1043000 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-07-24 00:39 . 2013-03-21 06:41 9066784 ----a-w- c:\windows\system32\atidxx64.dll
2013-07-24 00:39 . 2013-07-24 00:39 7918816 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-07-24 00:38 . 2013-04-16 14:53 6475232 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-07-24 00:38 . 2013-04-16 14:53 6532912 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-07-24 00:38 . 2013-07-24 00:38 7093744 ----a-w- c:\windows\system32\atiumd6a.dll
2013-07-24 00:38 . 2013-07-24 00:38 7607720 ----a-w- c:\windows\system32\atiumd64.dll
2013-07-24 00:36 . 2013-07-24 00:36 12721664 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-07-24 00:19 . 2013-07-24 00:19 229376 ----a-w- c:\windows\system32\clinfo.exe
2013-07-24 00:18 . 2013-07-24 00:18 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-07-24 00:18 . 2013-07-24 00:18 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-07-24 00:18 . 2013-07-24 00:18 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2013-07-24 00:18 . 2013-07-24 00:18 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-07-24 00:18 . 2013-07-24 00:18 28193280 ----a-w- c:\windows\system32\amdocl64.dll
2013-07-24 00:16 . 2013-07-24 00:16 129536 ----a-w- c:\windows\system32\coinst_13.20.dll
2013-07-24 00:16 . 2013-07-24 00:16 23761408 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-07-24 00:14 . 2013-07-24 00:14 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-07-24 00:14 . 2013-07-24 00:14 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-07-24 00:04 . 2013-07-24 00:04 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-07-24 00:03 . 2013-07-24 00:03 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2013-07-24 00:03 . 2013-07-24 00:03 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-07-24 00:03 . 2013-07-24 00:03 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2013-07-24 00:03 . 2013-07-24 00:03 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-07-24 00:03 . 2013-07-24 00:03 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2013-07-24 00:00 . 2013-07-24 00:00 25609728 ----a-w- c:\windows\system32\atio6axx.dll
2013-07-24 00:00 . 2013-07-24 00:00 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-07-23 23:42 . 2013-07-23 23:42 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-07-23 23:41 . 2013-07-23 23:41 26112 ----a-w- c:\windows\system32\atimuixx.dll
2013-07-23 23:41 . 2013-07-23 23:41 21624832 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-07-23 23:41 . 2013-07-23 23:41 574976 ----a-w- c:\windows\system32\atieclxx.exe
2013-07-23 23:40 . 2013-07-23 23:40 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2013-07-23 23:39 . 2013-07-23 23:39 190976 ----a-w- c:\windows\system32\atitmm64.dll
2013-07-23 23:11 . 2013-07-23 23:11 1091584 ----a-w- c:\windows\system32\atiadlxx.dll
2013-07-23 23:11 . 2013-07-23 23:11 824320 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-07-23 23:10 . 2013-07-23 23:10 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2013-07-23 23:10 . 2013-07-23 23:10 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-07-23 23:10 . 2013-07-23 23:10 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-07-23 23:10 . 2013-07-23 23:10 100352 ----a-w- c:\windows\system32\atig6txx.dll
2013-07-23 23:10 . 2013-07-23 23:10 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-07-23 23:10 . 2013-07-23 23:10 617472 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-07-23 23:08 . 2013-07-23 23:08 95744 ----a-w- c:\windows\system32\amdave64.dll
2013-07-23 23:08 . 2013-07-23 23:08 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2013-07-23 23:08 . 2013-07-23 23:08 89088 ----a-w- c:\windows\system32\atisamu64.dll
2013-07-23 23:07 . 2013-07-23 23:07 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2013-07-23 23:06 . 2013-07-23 23:06 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-07-23 10:29 . 2013-07-23 10:29 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2013-07-23 10:24 . 2013-07-23 10:24 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2013-07-23 10:16 . 2013-07-23 10:14 2538960 ----a-w- c:\windows\PE_File.dll
2013-07-19 15:51 . 2013-07-19 15:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-07-19 15:50 . 2013-07-19 15:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-07-19 15:50 . 2013-07-19 15:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-07-19 15:50 . 2013-07-19 15:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2013-07-18 05:02 . 2013-07-18 05:02 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-18 05:02 . 2013-02-24 04:44 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-18 05:02 . 2013-02-24 04:44 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-16 02:10 . 2013-07-16 02:10 57344 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2013-07-16 02:10 . 2013-07-16 02:10 154112 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2013-07-16 02:10 . 2013-07-16 02:10 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll
2013-07-16 02:10 . 2013-07-16 02:10 772608 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
2013-07-10 06:29 . 2013-07-10 06:29 39096 ----a-w- c:\windows\system32\drivers\rzendpt.sys
2013-07-10 06:29 . 2013-07-10 06:29 137400 ----a-w- c:\windows\system32\drivers\rzudd.sys
2013-07-09 15:32 . 2013-07-09 15:32 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-07-09 04:45 . 2013-08-15 05:35 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-07 04:59 . 2013-07-07 05:03 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2013-07-07 04:59 . 2001-05-21 01:46 140288 ----a-w- c:\windows\system32\COMDLG32.OCX
2013-07-05 08:40 . 2013-07-05 08:40 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-07-05 08:40 . 2013-07-05 08:40 110080 ----a-w- c:\windows\system32\DelayAPO.dll
2013-06-30 15:45 . 2013-06-30 15:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2012-08-20 550272]
"ASUS WiFi GO! FileTransfer Execute"="c:\program files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe" [2012-07-12 1384608]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-07-23 606056]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-07-23 766208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 atillk64;atillk64; [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 CorsairAudioFilter;Corsair Audio Filtering Service;c:\windows\system32\DRIVERS\corsveng2kamd64.sys;c:\windows\SYSNATIVE\DRIVERS\corsveng2kamd64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GPCIDrv;GPCIDrv; [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Corsair\CorsairLINK2\CorsairLINK_HardwareMonitor.sys;c:\program files (x86)\Corsair\CorsairLINK2\CorsairLINK_HardwareMonitor.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 15:25 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://au.search.yahoo.com?type=198484&fr=spigot-yhp-ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}"=hex:51,66,7a,6c,4c,1d,38,12,c0,08,7b,
68,6e,2b,53,0b,f0,d2,a5,e5,25,9d,9d,3c
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}"=hex:51,66,7a,6c,4c,1d,38,12,e3,94,1f,
be,3b,97,d8,0c,d0,f4,c8,9e,21,03,83,f2
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:24,2b,8a,db,82,a5,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,73,cf,13,1b,73,cd,48,89,ba,71,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,73,cf,13,1b,73,cd,48,89,ba,71,\
.
[HKEY_USERS\S-1-5-21-1820716277-370758180-2689453388-1000\Software\SecuROM\License information*]
"datasecu"=hex:5e,98,6c,8e,67,c0,f2,ab,e8,d5,09,7e,df,94,18,a9,f2,6b,06,f8,bb,
b3,d8,92,a9,49,2f,2f,8b,57,db,34,ce,af,15,72,4c,53,e1,75,06,d9,ba,88,6a,fe,\
"rkeysecu"=hex:af,69,27,56,ff,16,91,0d,3f,65,b4,b4,58,2e,58,07
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:6a,09,03,51,49,73,d4,d4,ee,d3,dd,ab,a2,3b,dd,9e,2d,36,63,e3,b0,
d6,a6,44,bd,27,1f,63,f3,ea,5c,fc,60,fe,c3,a3,73,ae,9a,65,6f,4e,de,6a,6f,65,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Completion time: 2013-09-04 14:01:30 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-04 04:01
.
Pre-Run: 764,328,636,416 bytes free
Post-Run: 764,506,427,392 bytes free
.
- - End Of File - - 104B8CB91CA235999673A7DDAD56CCE6
A36C5E4F47E84449FF07ED3517B43A31


TDSSKiller:

14:05:35.0681 3128 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:05:36.0790 3128 ============================================================
14:05:36.0790 3128 Current date / time: 2013/09/04 14:05:36.0790
14:05:36.0790 3128 SystemInfo:
14:05:36.0790 3128
14:05:36.0790 3128 OS Version: 6.1.7601 ServicePack: 1.0
14:05:36.0790 3128 Product type: Workstation
14:05:36.0790 3128 ComputerName: SIKORSKY14
14:05:36.0790 3128 UserName: Timothy
14:05:36.0790 3128 Windows directory: C:\Windows
14:05:36.0790 3128 System windows directory: C:\Windows
14:05:36.0790 3128 Running under WOW64
14:05:36.0790 3128 Processor architecture: Intel x64
14:05:36.0790 3128 Number of processors: 8
14:05:36.0790 3128 Page size: 0x1000
14:05:36.0790 3128 Boot type: Normal boot
14:05:36.0790 3128 ============================================================
14:05:37.0621 3128 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:05:37.0627 3128 ============================================================
14:05:37.0627 3128 \Device\Harddisk0\DR0:
14:05:37.0627 3128 MBR partitions:
14:05:37.0627 3128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:05:37.0627 3128 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
14:05:37.0627 3128 ============================================================
14:05:37.0646 3128 C: <-> \Device\Harddisk0\DR0\Partition2
14:05:37.0646 3128 ============================================================
14:05:37.0646 3128 Initialize success
14:05:37.0646 3128 ============================================================
14:06:09.0149 3200 ============================================================
14:06:09.0149 3200 Scan started
14:06:09.0149 3200 Mode: Manual; SigCheck; TDLFS;
14:06:09.0149 3200 ============================================================
14:06:09.0621 3200 ================ Scan system memory ========================
14:06:09.0621 3200 System memory - ok
14:06:09.0621 3200 ================ Scan services =============================
14:06:09.0720 3200 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:06:09.0775 3200 1394ohci - ok
14:06:09.0791 3200 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:06:09.0801 3200 ACPI - ok
14:06:09.0815 3200 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:06:09.0857 3200 AcpiPmi - ok
14:06:09.0956 3200 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:06:09.0963 3200 AdobeARMservice - ok
14:06:09.0969 3200 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:06:09.0981 3200 adp94xx - ok
14:06:09.0986 3200 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:06:09.0995 3200 adpahci - ok
14:06:09.0999 3200 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:06:10.0007 3200 adpu320 - ok
14:06:10.0066 3200 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
14:06:10.0077 3200 AdvancedSystemCareService6 - ok
14:06:10.0088 3200 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:06:10.0118 3200 AeLookupSvc - ok
14:06:10.0163 3200 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:06:10.0181 3200 AFD - ok
14:06:10.0192 3200 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:06:10.0199 3200 agp440 - ok
14:06:10.0247 3200 [ 4BFB41025FA1C37205EDEEFDE36F7771 ] AiChargerPlus C:\Windows\syswow64\drivers\AiChargerPlus.sys
14:06:10.0259 3200 AiChargerPlus - ok
14:06:10.0271 3200 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:06:10.0279 3200 ALG - ok
14:06:10.0286 3200 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:06:10.0292 3200 aliide - ok
14:06:10.0325 3200 [ 6FBCC488A8E6849A2DCF05A562537873 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:06:10.0350 3200 AMD External Events Utility - ok
14:06:10.0390 3200 AMD FUEL Service - ok
14:06:10.0401 3200 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:06:10.0407 3200 amdide - ok
14:06:10.0423 3200 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
14:06:10.0430 3200 amdiox64 - ok
14:06:10.0454 3200 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:06:10.0461 3200 AmdK8 - ok
14:06:10.0617 3200 [ D87900C55B1199E533C80A05C94C098F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:06:10.0725 3200 amdkmdag - ok
14:06:10.0750 3200 [ 817E188279A3FFB2A1C8CEDDC744E4F2 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:06:10.0768 3200 amdkmdap - ok
14:06:10.0789 3200 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:06:10.0809 3200 AmdPPM - ok
14:06:10.0836 3200 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:06:10.0842 3200 amdsata - ok
14:06:10.0860 3200 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:06:10.0868 3200 amdsbs - ok
14:06:10.0879 3200 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:06:10.0885 3200 amdxata - ok
14:06:10.0919 3200 [ EE4797DFEBBE8ACDB548DD8E80BE0A88 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
14:06:10.0926 3200 amd_sata - ok
14:06:10.0932 3200 [ D56EAD71A86FD2ACAE2DB47D0A6A3A41 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
14:06:10.0937 3200 amd_xata - ok
14:06:10.0947 3200 [ F2154A205F4B784B61A72AEBC72BDC5F ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:06:10.0952 3200 AODDriver4.2 - ok
14:06:10.0976 3200 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:06:10.0997 3200 AppID - ok
14:06:11.0013 3200 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:06:11.0034 3200 AppIDSvc - ok
14:06:11.0057 3200 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
14:06:11.0074 3200 Appinfo - ok
14:06:11.0120 3200 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:06:11.0127 3200 Apple Mobile Device - ok
14:06:11.0153 3200 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:06:11.0182 3200 AppMgmt - ok
14:06:11.0185 3200 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:06:11.0191 3200 arc - ok
14:06:11.0194 3200 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:06:11.0201 3200 arcsas - ok
14:06:11.0237 3200 [ EB6DC008A1F36DFD7999EB57E97EAACE ] asahci64 C:\Windows\system32\DRIVERS\asahci64.sys
14:06:11.0243 3200 asahci64 - ok
14:06:11.0287 3200 [ 31E2470E61D5A390405BA41C279D8446 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
14:06:11.0301 3200 asComSvc - ok
14:06:11.0319 3200 [ 0466B91EE5767A769E9F8EDB8EF94DDB ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
14:06:11.0333 3200 asHmComSvc - ok
14:06:11.0343 3200 [ 798DE15F187C1F013095BBBEB6FB6197 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
14:06:11.0349 3200 AsIO - ok
14:06:11.0362 3200 [ 22842362DF890F5492F85AA60916A697 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
14:06:11.0395 3200 asmthub3 - ok
14:06:11.0410 3200 [ 08E2D77766CC05E75A0707207D9FC684 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
14:06:11.0436 3200 asmtxhci - ok
14:06:11.0515 3200 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:06:11.0523 3200 aspnet_state - ok
14:06:11.0556 3200 [ AD8947D621FDCA48F1F39F4624B60AA1 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
14:06:11.0563 3200 AsSysCtrlService - ok
14:06:11.0583 3200 [ 1392B92179B07B672720763D9B1028A5 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
14:06:11.0589 3200 AsUpIO - ok
14:06:11.0630 3200 [ 96760A3494B1F95A25A83A3A3FFA6436 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe
14:06:11.0640 3200 AsusFanControlService - ok
14:06:11.0661 3200 [ A5E4CDB420540095D1293C874B5F89AA ] ASUSFILTER C:\Windows\syswow64\drivers\ASUSFILTER.sys
14:06:11.0667 3200 ASUSFILTER - ok
14:06:11.0692 3200 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:06:11.0714 3200 AsyncMac - ok
14:06:11.0716 3200 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:06:11.0723 3200 atapi - ok
14:06:11.0741 3200 [ 37CB595C0AB20ECBFA5170D3185690DB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:06:11.0770 3200 AtiHDAudioService - ok
14:06:11.0786 3200 atillk64 - ok
14:06:11.0814 3200 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:06:11.0839 3200 AudioEndpointBuilder - ok
14:06:11.0846 3200 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:06:11.0870 3200 AudioSrv - ok
14:06:11.0966 3200 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
14:06:12.0020 3200 AVGIDSAgent - ok
14:06:12.0044 3200 [ 241C32E942869FD1351CC5864976C3AC ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
14:06:12.0052 3200 AVGIDSDriver - ok
14:06:12.0062 3200 [ C8D9EEACF266512C1FA52E2ECF5AD944 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
14:06:12.0068 3200 AVGIDSHA - ok
14:06:12.0100 3200 [ FACD18A89FDEBC35C85CAF762B294BE2 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
14:06:12.0108 3200 Avgldx64 - ok
14:06:12.0145 3200 [ 29FCDEAC6086FB7E55344B51E35D99CE ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
14:06:12.0154 3200 Avgloga - ok
14:06:12.0167 3200 [ 85053293DCDE19829E8691A9E9E8A6FF ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
14:06:12.0174 3200 Avgmfx64 - ok
14:06:12.0216 3200 [ 0638096A30B7081DAACB8DCC39BD16EF ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
14:06:12.0223 3200 Avgrkx64 - ok
14:06:12.0236 3200 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
14:06:12.0244 3200 Avgtdia - ok
14:06:12.0267 3200 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
14:06:12.0276 3200 avgwd - ok
14:06:12.0299 3200 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:06:12.0327 3200 AxInstSV - ok
14:06:12.0359 3200 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:06:12.0386 3200 b06bdrv - ok
14:06:12.0396 3200 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:06:12.0404 3200 b57nd60a - ok
14:06:12.0419 3200 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:06:12.0444 3200 BDESVC - ok
14:06:12.0456 3200 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:06:12.0491 3200 Beep - ok
14:06:12.0514 3200 [ 06C1E887BF34C0E31EB8E2C999E4842F ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:06:12.0527 3200 BEService ( UnsignedFile.Multi.Generic ) - warning
14:06:12.0527 3200 BEService - detected UnsignedFile.Multi.Generic (1)
14:06:12.0549 3200 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:06:12.0582 3200 BFE - ok
14:06:12.0607 3200 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
14:06:12.0634 3200 BITS - ok
14:06:12.0639 3200 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:06:12.0646 3200 blbdrive - ok
14:06:12.0700 3200 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:06:12.0709 3200 Bonjour Service - ok
14:06:12.0738 3200 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:06:12.0755 3200 bowser - ok
14:06:12.0763 3200 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:06:12.0772 3200 BrFiltLo - ok
14:06:12.0782 3200 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:06:12.0791 3200 BrFiltUp - ok
14:06:12.0817 3200 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:06:12.0839 3200 BridgeMP - ok
14:06:12.0851 3200 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:06:12.0858 3200 Browser - ok
14:06:12.0872 3200 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:06:12.0899 3200 Brserid - ok
14:06:12.0912 3200 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:06:12.0920 3200 BrSerWdm - ok
14:06:12.0926 3200 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:06:12.0935 3200 BrUsbMdm - ok
14:06:12.0938 3200 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:06:12.0944 3200 BrUsbSer - ok
14:06:12.0947 3200 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:06:12.0956 3200 BTHMODEM - ok
14:06:12.0985 3200 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:06:13.0017 3200 bthserv - ok
14:06:13.0019 3200 catchme - ok
14:06:13.0023 3200 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:06:13.0045 3200 cdfs - ok
14:06:13.0048 3200 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:06:13.0063 3200 cdrom - ok
14:06:13.0077 3200 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:06:13.0104 3200 CertPropSvc - ok
14:06:13.0117 3200 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:06:13.0127 3200 circlass - ok
14:06:13.0137 3200 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:06:13.0147 3200 CLFS - ok
14:06:13.0191 3200 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:06:13.0197 3200 clr_optimization_v2.0.50727_32 - ok
14:06:13.0223 3200 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:06:13.0229 3200 clr_optimization_v2.0.50727_64 - ok
14:06:13.0270 3200 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:06:13.0279 3200 clr_optimization_v4.0.30319_32 - ok
14:06:13.0297 3200 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:06:13.0305 3200 clr_optimization_v4.0.30319_64 - ok
14:06:13.0314 3200 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
14:06:13.0321 3200 CmBatt - ok
14:06:13.0330 3200 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:06:13.0336 3200 cmdide - ok
14:06:13.0361 3200 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
14:06:13.0376 3200 CNG - ok
14:06:13.0389 3200 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:06:13.0395 3200 Compbatt - ok
14:06:13.0418 3200 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:06:13.0428 3200 CompositeBus - ok
14:06:13.0430 3200 COMSysApp - ok
14:06:13.0466 3200 [ 45011C620D8016BB0F9EEE7BA37184A0 ] CorsairAudioFilter C:\Windows\system32\DRIVERS\corsveng2kamd64.sys
14:06:13.0469 3200 CorsairAudioFilter ( UnsignedFile.Multi.Generic ) - warning
14:06:13.0469 3200 CorsairAudioFilter - detected UnsignedFile.Multi.Generic (1)
14:06:13.0485 3200 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:06:13.0491 3200 crcdisk - ok
14:06:13.0521 3200 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:06:13.0530 3200 CryptSvc - ok
14:06:13.0553 3200 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:06:13.0583 3200 CSC - ok
14:06:13.0603 3200 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:06:13.0626 3200 CscService - ok
14:06:13.0657 3200 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:06:13.0682 3200 DcomLaunch - ok
14:06:13.0707 3200 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:06:13.0730 3200 defragsvc - ok
14:06:13.0738 3200 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:06:13.0770 3200 DfsC - ok
14:06:13.0794 3200 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:06:13.0822 3200 Dhcp - ok
14:06:13.0835 3200 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:06:13.0863 3200 discache - ok
14:06:13.0874 3200 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:06:13.0880 3200 Disk - ok
14:06:13.0898 3200 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:06:13.0915 3200 dmvsc - ok
14:06:13.0941 3200 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:06:13.0954 3200 Dnscache - ok
14:06:13.0964 3200 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:06:13.0996 3200 dot3svc - ok
14:06:14.0009 3200 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:06:14.0043 3200 DPS - ok
14:06:14.0071 3200 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:06:14.0086 3200 drmkaud - ok
14:06:14.0120 3200 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:06:14.0135 3200 DXGKrnl - ok
14:06:14.0153 3200 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:06:14.0184 3200 EapHost - ok
14:06:14.0224 3200 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:06:14.0254 3200 ebdrv - ok
14:06:14.0265 3200 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:06:14.0272 3200 EFS - ok
14:06:14.0310 3200 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:06:14.0342 3200 ehRecvr - ok
14:06:14.0353 3200 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:06:14.0360 3200 ehSched - ok
14:06:14.0397 3200 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
14:06:14.0404 3200 ElbyCDIO - ok
14:06:14.0422 3200 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:06:14.0434 3200 elxstor - ok
14:06:14.0441 3200 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:06:14.0461 3200 ErrDev - ok
14:06:14.0485 3200 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:06:14.0509 3200 EventSystem - ok
14:06:14.0521 3200 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:06:14.0543 3200 exfat - ok
14:06:14.0546 3200 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:06:14.0576 3200 fastfat - ok
14:06:14.0592 3200 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:06:14.0619 3200 Fax - ok
14:06:14.0627 3200 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:06:14.0644 3200 fdc - ok
14:06:14.0655 3200 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:06:14.0677 3200 fdPHost - ok
14:06:14.0686 3200 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:06:14.0707 3200 FDResPub - ok
14:06:14.0712 3200 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:06:14.0719 3200 FileInfo - ok
14:06:14.0725 3200 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:06:14.0753 3200 Filetrace - ok
14:06:14.0770 3200 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:06:14.0777 3200 flpydisk - ok
14:06:14.0799 3200 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:06:14.0808 3200 FltMgr - ok
14:06:14.0847 3200 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
14:06:14.0874 3200 FontCache - ok
14:06:14.0904 3200 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:06:14.0910 3200 FontCache3.0.0.0 - ok
14:06:14.0916 3200 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:06:14.0922 3200 FsDepends - ok
14:06:14.0938 3200 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:06:14.0944 3200 Fs_Rec - ok
14:06:14.0996 3200 [ 290EBA98AD0CE0D1B880B5D71194B069 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
14:06:15.0004 3200 Futuremark SystemInfo Service - ok
14:06:15.0034 3200 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:06:15.0044 3200 fvevol - ok
14:06:15.0058 3200 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:06:15.0065 3200 gagp30kx - ok
14:06:15.0079 3200 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:06:15.0084 3200 GEARAspiWDM - ok
14:06:15.0093 3200 GPCIDrv - ok
14:06:15.0114 3200 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:06:15.0140 3200 gpsvc - ok
14:06:15.0162 3200 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:06:15.0169 3200 gupdate - ok
14:06:15.0171 3200 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:06:15.0177 3200 gupdatem - ok
14:06:15.0184 3200 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:06:15.0209 3200 hcw85cir - ok
14:06:15.0219 3200 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:06:15.0236 3200 HdAudAddService - ok
14:06:15.0251 3200 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:06:15.0271 3200 HDAudBus - ok
14:06:15.0280 3200 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:06:15.0299 3200 HidBatt - ok
14:06:15.0302 3200 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:06:15.0314 3200 HidBth - ok
14:06:15.0325 3200 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:06:15.0333 3200 HidIr - ok
14:06:15.0340 3200 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:06:15.0362 3200 hidserv - ok
14:06:15.0366 3200 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:06:15.0373 3200 HidUsb - ok
14:06:15.0384 3200 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:06:15.0418 3200 hkmsvc - ok
14:06:15.0435 3200 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:06:15.0456 3200 HomeGroupListener - ok
14:06:15.0479 3200 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:06:15.0488 3200 HomeGroupProvider - ok
14:06:15.0491 3200 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:06:15.0497 3200 HpSAMD - ok
14:06:15.0511 3200 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:06:15.0543 3200 HTTP - ok
14:06:15.0556 3200 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:06:15.0562 3200 hwpolicy - ok
14:06:15.0565 3200 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:06:15.0573 3200 i8042prt - ok
14:06:15.0591 3200 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:06:15.0601 3200 iaStorV - ok
14:06:15.0665 3200 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:06:15.0675 3200 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:06:15.0675 3200 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:06:15.0718 3200 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:06:15.0731 3200 idsvc - ok
14:06:15.0738 3200 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:06:15.0745 3200 iirsp - ok
14:06:15.0773 3200 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:06:15.0801 3200 IKEEXT - ok
14:06:15.0856 3200 [ 8524178B895E4BC04776B319DA3A70EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:06:15.0902 3200 IntcAzAudAddService - ok
14:06:15.0912 3200 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:06:15.0918 3200 intelide - ok
14:06:15.0926 3200 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
14:06:15.0943 3200 intelppm - ok
14:06:15.0955 3200 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:06:15.0978 3200 IPBusEnum - ok
14:06:15.0986 3200 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:06:16.0006 3200 IpFilterDriver - ok
14:06:16.0031 3200 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:06:16.0063 3200 iphlpsvc - ok
14:06:16.0066 3200 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:06:16.0083 3200 IPMIDRV - ok
14:06:16.0086 3200 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:06:16.0112 3200 IPNAT - ok
14:06:16.0160 3200 [ 2872B90D57C8310194A78A9787406467 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:06:16.0171 3200 iPod Service - ok
14:06:16.0190 3200 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:06:16.0200 3200 IRENUM - ok
14:06:16.0221 3200 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:06:16.0227 3200 isapnp - ok
14:06:16.0238 3200 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:06:16.0247 3200 iScsiPrt - ok
14:06:16.0257 3200 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:06:16.0263 3200 kbdclass - ok
14:06:16.0266 3200 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:06:16.0285 3200 kbdhid - ok
14:06:16.0288 3200 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:06:16.0295 3200 KeyIso - ok
14:06:16.0317 3200 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:06:16.0324 3200 KSecDD - ok
14:06:16.0353 3200 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:06:16.0361 3200 KSecPkg - ok
14:06:16.0364 3200 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:06:16.0398 3200 ksthunk - ok
14:06:16.0419 3200 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:06:16.0451 3200 KtmRm - ok
14:06:16.0466 3200 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:06:16.0491 3200 LanmanServer - ok
14:06:16.0502 3200 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:06:16.0524 3200 LanmanWorkstation - ok
14:06:16.0536 3200 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:06:16.0558 3200 lltdio - ok
14:06:16.0579 3200 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:06:16.0602 3200 lltdsvc - ok
14:06:16.0611 3200 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:06:16.0633 3200 lmhosts - ok
14:06:16.0646 3200 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:06:16.0654 3200 LSI_FC - ok
14:06:16.0657 3200 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:06:16.0664 3200 LSI_SAS - ok
14:06:16.0667 3200 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:06:16.0673 3200 LSI_SAS2 - ok
14:06:16.0677 3200 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:06:16.0684 3200 LSI_SCSI - ok
14:06:16.0699 3200 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:06:16.0729 3200 luafv - ok
14:06:16.0781 3200 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:06:16.0791 3200 MBAMScheduler - ok
14:06:16.0808 3200 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:06:16.0816 3200 Mcx2Svc - ok
14:06:16.0826 3200 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:06:16.0833 3200 megasas - ok
14:06:16.0838 3200 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:06:16.0846 3200 MegaSR - ok
14:06:16.0867 3200 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:06:16.0898 3200 MMCSS - ok
14:06:16.0907 3200 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:06:16.0929 3200 Modem - ok
14:06:16.0952 3200 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:06:16.0975 3200 monitor - ok
14:06:17.0001 3200 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:06:17.0008 3200 mouclass - ok
14:06:17.0020 3200 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:06:17.0027 3200 mouhid - ok
14:06:17.0040 3200 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:06:17.0047 3200 mountmgr - ok
14:06:17.0050 3200 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:06:17.0058 3200 mpio - ok
14:06:17.0068 3200 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:06:17.0090 3200 mpsdrv - ok
14:06:17.0106 3200 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:06:17.0134 3200 MpsSvc - ok
14:06:17.0137 3200 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:06:17.0162 3200 MRxDAV - ok
14:06:17.0181 3200 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:06:17.0200 3200 mrxsmb - ok
14:06:17.0239 3200 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:06:17.0248 3200 mrxsmb10 - ok
14:06:17.0270 3200 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:06:17.0278 3200 mrxsmb20 - ok
14:06:17.0289 3200 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:06:17.0296 3200 msahci - ok
14:06:17.0299 3200 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:06:17.0306 3200 msdsm - ok
14:06:17.0321 3200 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:06:17.0330 3200 MSDTC - ok
14:06:17.0349 3200 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:06:17.0370 3200 Msfs - ok
14:06:17.0378 3200 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:06:17.0399 3200 mshidkmdf - ok
14:06:17.0408 3200 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:06:17.0414 3200 msisadrv - ok
14:06:17.0430 3200 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:06:17.0452 3200 MSiSCSI - ok
14:06:17.0455 3200 msiserver - ok
14:06:17.0471 3200 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:06:17.0492 3200 MSKSSRV - ok
14:06:17.0508 3200 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:06:17.0528 3200 MSPCLOCK - ok
14:06:17.0531 3200 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:06:17.0563 3200 MSPQM - ok
14:06:17.0576 3200 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:06:17.0585 3200 MsRPC - ok
14:06:17.0590 3200 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:06:17.0596 3200 mssmbios - ok
14:06:17.0608 3200 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:06:17.0629 3200 MSTEE - ok
14:06:17.0640 3200 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:06:17.0647 3200 MTConfig - ok
14:06:17.0655 3200 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:06:17.0662 3200 Mup - ok
14:06:17.0679 3200 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:06:17.0712 3200 napagent - ok
14:06:17.0735 3200 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:06:17.0747 3200 NativeWifiP - ok
14:06:17.0787 3200 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:06:17.0802 3200 NDIS - ok
14:06:17.0823 3200 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:06:17.0851 3200 NdisCap - ok
14:06:17.0882 3200 [ 270B10B8BD822DD4673781E0A1935DFB ] ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys
14:06:17.0888 3200 ndisrd - ok
14:06:17.0904 3200 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:06:17.0925 3200 NdisTapi - ok
14:06:17.0932 3200 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:06:17.0964 3200 Ndisuio - ok
14:06:17.0974 3200 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:06:18.0006 3200 NdisWan - ok
14:06:18.0026 3200 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:06:18.0047 3200 NDProxy - ok
14:06:18.0050 3200 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:06:18.0080 3200 NetBIOS - ok
14:06:18.0097 3200 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:06:18.0118 3200 NetBT - ok
14:06:18.0122 3200 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:06:18.0129 3200 Netlogon - ok
14:06:18.0144 3200 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:06:18.0169 3200 Netman - ok
14:06:18.0194 3200 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:18.0202 3200 NetMsmqActivator - ok
14:06:18.0205 3200 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:18.0213 3200 NetPipeActivator - ok
14:06:18.0227 3200 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:06:18.0256 3200 netprofm - ok
14:06:18.0259 3200 netr28ux - ok
14:06:18.0262 3200 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:18.0271 3200 NetTcpActivator - ok
14:06:18.0273 3200 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:18.0282 3200 NetTcpPortSharing - ok
14:06:18.0302 3200 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:06:18.0309 3200 nfrd960 - ok
14:06:18.0320 3200 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:06:18.0330 3200 NlaSvc - ok
14:06:18.0336 3200 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:06:18.0357 3200 Npfs - ok
14:06:18.0364 3200 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:06:18.0386 3200 nsi - ok
14:06:18.0396 3200 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:06:18.0419 3200 nsiproxy - ok
14:06:18.0461 3200 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:06:18.0484 3200 Ntfs - ok
14:06:18.0493 3200 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:06:18.0514 3200 Null - ok
14:06:18.0530 3200 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:06:18.0537 3200 nvraid - ok
14:06:18.0550 3200 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:06:18.0558 3200 nvstor - ok
14:06:18.0571 3200 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:06:18.0580 3200 nv_agp - ok
14:06:18.0583 3200 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:06:18.0590 3200 ohci1394 - ok
14:06:18.0641 3200 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:06:18.0647 3200 ose64 - ok
14:06:18.0727 3200 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:06:18.0782 3200 osppsvc - ok
14:06:18.0798 3200 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:06:18.0818 3200 p2pimsvc - ok
14:06:18.0832 3200 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:06:18.0842 3200 p2psvc - ok
14:06:18.0846 3200 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:06:18.0854 3200 Parport - ok
14:06:18.0877 3200 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:06:18.0884 3200 partmgr - ok
14:06:18.0892 3200 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:06:18.0916 3200 PcaSvc - ok
14:06:18.0926 3200 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:06:18.0934 3200 pci - ok
14:06:18.0941 3200 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:06:18.0947 3200 pciide - ok
14:06:18.0951 3200 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:06:18.0959 3200 pcmcia - ok
14:06:18.0966 3200 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:06:18.0973 3200 pcw - ok
14:06:18.0986 3200 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:06:19.0020 3200 PEAUTH - ok
14:06:19.0060 3200 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:06:19.0096 3200 PeerDistSvc - ok
14:06:19.0151 3200 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:06:19.0166 3200 PerfHost - ok
14:06:19.0192 3200 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:06:19.0224 3200 pla - ok
14:06:19.0261 3200 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:06:19.0292 3200 PlugPlay - ok
14:06:19.0316 3200 PnkBstrA - ok
14:06:19.0326 3200 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:06:19.0343 3200 PNRPAutoReg - ok
14:06:19.0356 3200 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:06:19.0365 3200 PNRPsvc - ok
14:06:19.0384 3200 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:06:19.0410 3200 PolicyAgent - ok
14:06:19.0423 3200 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:06:19.0459 3200 Power - ok
14:06:19.0472 3200 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:06:19.0508 3200 PptpMiniport - ok
14:06:19.0516 3200 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:06:19.0534 3200 Processor - ok
14:06:19.0553 3200 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:06:19.0582 3200 ProfSvc - ok
14:06:19.0592 3200 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:06:19.0599 3200 ProtectedStorage - ok
14:06:19.0609 3200 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:06:19.0638 3200 Psched - ok
14:06:19.0663 3200 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:06:19.0684 3200 ql2300 - ok
14:06:19.0688 3200 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:06:19.0695 3200 ql40xx - ok
14:06:19.0705 3200 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:06:19.0718 3200 QWAVE - ok
14:06:19.0722 3200 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:06:19.0733 3200 QWAVEdrv - ok
14:06:19.0742 3200 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:06:19.0765 3200 RasAcd - ok
14:06:19.0787 3200 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:06:19.0810 3200 RasAgileVpn - ok
14:06:19.0815 3200 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:06:19.0839 3200 RasAuto - ok
14:06:19.0847 3200 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:06:19.0870 3200 Rasl2tp - ok
14:06:19.0888 3200 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:06:19.0913 3200 RasMan - ok
14:06:19.0920 3200 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:06:19.0943 3200 RasPppoe - ok
14:06:19.0953 3200 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:06:19.0976 3200 RasSstp - ok
14:06:19.0986 3200 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:06:20.0011 3200 rdbss - ok
14:06:20.0021 3200 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:06:20.0035 3200 rdpbus - ok
14:06:20.0045 3200 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:06:20.0067 3200 RDPCDD - ok
14:06:20.0091 3200 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:06:20.0108 3200 RDPDR - ok
14:06:20.0119 3200 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:06:20.0141 3200 RDPENCDD - ok
14:06:20.0151 3200 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:06:20.0185 3200 RDPREFMP - ok
14:06:20.0209 3200 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:06:20.0222 3200 RdpVideoMiniport - ok
14:06:20.0249 3200 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:06:20.0268 3200 RDPWD - ok
14:06:20.0280 3200 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:06:20.0288 3200 rdyboost - ok
14:06:20.0303 3200 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:06:20.0331 3200 RemoteAccess - ok
14:06:20.0344 3200 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:06:20.0367 3200 RemoteRegistry - ok
14:06:20.0370 3200 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:06:20.0391 3200 RpcEptMapper - ok
14:06:20.0403 3200 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:06:20.0410 3200 RpcLocator - ok
14:06:20.0426 3200 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
14:06:20.0450 3200 RpcSs - ok
14:06:20.0460 3200 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:06:20.0482 3200 rspndr - ok
14:06:20.0506 3200 [ 3713DACCA1025B05A6343104112708D9 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:06:20.0519 3200 RTL8167 - ok
14:06:20.0561 3200 [ D02BB80374C77D8FFF9FBC6BC4997AE5 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
14:06:20.0568 3200 rzendpt - ok
14:06:20.0595 3200 [ 7B276C40AF1D1513B8D644ECFB42A741 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
14:06:20.0602 3200 rzudd - ok
14:06:20.0622 3200 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:06:20.0634 3200 s3cap - ok
14:06:20.0650 3200 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:06:20.0657 3200 SamSs - ok
14:06:20.0668 3200 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:06:20.0674 3200 sbp2port - ok
14:06:20.0688 3200 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:06:20.0712 3200 SCardSvr - ok
14:06:20.0716 3200 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:06:20.0750 3200 scfilter - ok
14:06:20.0774 3200 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:06:20.0803 3200 Schedule - ok
14:06:20.0811 3200 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:06:20.0832 3200 SCPolicySvc - ok
14:06:20.0844 3200 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:06:20.0864 3200 SDRSVC - ok
14:06:20.0879 3200 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:06:20.0911 3200 secdrv - ok
14:06:20.0927 3200 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:06:20.0948 3200 seclogon - ok
14:06:20.0957 3200 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:06:20.0981 3200 SENS - ok
14:06:20.0993 3200 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:06:21.0025 3200 SensrSvc - ok
14:06:21.0038 3200 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:06:21.0052 3200 Serenum - ok
14:06:21.0071 3200 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:06:21.0090 3200 Serial - ok
14:06:21.0105 3200 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:06:21.0120 3200 sermouse - ok
14:06:21.0134 3200 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:06:21.0163 3200 SessionEnv - ok
14:06:21.0177 3200 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:06:21.0186 3200 sffdisk - ok
14:06:21.0191 3200 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:06:21.0200 3200 sffp_mmc - ok
14:06:21.0208 3200 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:06:21.0229 3200 sffp_sd - ok
14:06:21.0255 3200 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:06:21.0263 3200 sfloppy - ok
14:06:21.0288 3200 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:06:21.0311 3200 SharedAccess - ok
14:06:21.0325 3200 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:06:21.0349 3200 ShellHWDetection - ok
14:06:21.0363 3200 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:06:21.0370 3200 SiSRaid2 - ok
14:06:21.0376 3200 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:06:21.0383 3200 SiSRaid4 - ok
14:06:21.0408 3200 [ 0A0A0183711EFB04F9BCC32BB44471F2 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:06:21.0415 3200 SkypeUpdate - ok
14:06:21.0421 3200 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:06:21.0452 3200 Smb - ok
14:06:21.0475 3200 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:06:21.0492 3200 SNMPTRAP - ok
14:06:21.0503 3200 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:06:21.0509 3200 spldr - ok
14:06:21.0557 3200 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:06:21.0569 3200 Spooler - ok
14:06:21.0611 3200 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:06:21.0664 3200 sppsvc - ok
14:06:21.0677 3200 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:06:21.0699 3200 sppuinotify - ok
14:06:21.0731 3200 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:06:21.0762 3200 srv - ok
14:06:21.0768 3200 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:06:21.0788 3200 srv2 - ok
14:06:21.0812 3200 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:06:21.0820 3200 srvnet - ok
14:06:21.0832 3200 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:06:21.0854 3200 SSDPSRV - ok
14:06:21.0867 3200 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:06:21.0889 3200 SstpSvc - ok
14:06:21.0904 3200 Steam Client Service - ok
14:06:21.0916 3200 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:06:21.0922 3200 stexstor - ok
14:06:21.0951 3200 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:06:21.0977 3200 stisvc - ok
14:06:21.0992 3200 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:06:21.0999 3200 storflt - ok
14:06:22.0008 3200 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:06:22.0015 3200 storvsc - ok
14:06:22.0025 3200 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:06:22.0031 3200 swenum - ok
14:06:22.0041 3200 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:06:22.0078 3200 swprv - ok
14:06:22.0097 3200 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
14:06:22.0103 3200 Synth3dVsc - ok
14:06:22.0134 3200 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:06:22.0166 3200 SysMain - ok
14:06:22.0170 3200 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:06:22.0181 3200 TabletInputService - ok
14:06:22.0198 3200 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:06:22.0221 3200 TapiSrv - ok
14:06:22.0227 3200 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:06:22.0249 3200 TBS - ok
14:06:22.0287 3200 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:06:22.0311 3200 Tcpip - ok
14:06:22.0334 3200 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:06:22.0359 3200 TCPIP6 - ok
14:06:22.0387 3200 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:06:22.0394 3200 tcpipreg - ok
14:06:22.0406 3200 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:06:22.0425 3200 TDPIPE - ok
14:06:22.0437 3200 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:06:22.0444 3200 TDTCP - ok
14:06:22.0453 3200 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:06:22.0474 3200 tdx - ok
14:06:22.0480 3200 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:06:22.0486 3200 TermDD - ok
14:06:22.0504 3200 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys
14:06:22.0511 3200 terminpt - ok
14:06:22.0529 3200 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:06:22.0555 3200 TermService - ok
14:06:22.0566 3200 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:06:22.0577 3200 Themes - ok
14:06:22.0600 3200 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:06:22.0622 3200 THREADORDER - ok
14:06:22.0626 3200 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:06:22.0660 3200 TrkWks - ok
14:06:22.0695 3200 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:06:22.0716 3200 TrustedInstaller - ok
14:06:22.0745 3200 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:06:22.0762 3200 tssecsrv - ok
14:06:22.0778 3200 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:06:22.0796 3200 TsUsbFlt - ok
14:06:22.0805 3200 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:06:22.0812 3200 TsUsbGD - ok
14:06:22.0826 3200 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
14:06:22.0844 3200 tsusbhub - ok
14:06:22.0869 3200 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:06:22.0903 3200 tunnel - ok
14:06:22.0918 3200 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:06:22.0925 3200 uagp35 - ok
14:06:22.0930 3200 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:06:22.0957 3200 udfs - ok
14:06:22.0962 3200 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:06:22.0980 3200 UI0Detect - ok
14:06:22.0983 3200 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:06:22.0989 3200 uliagpkx - ok
14:06:23.0000 3200 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:06:23.0018 3200 umbus - ok
14:06:23.0032 3200 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:06:23.0045 3200 UmPass - ok
14:06:23.0070 3200 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:06:23.0085 3200 UmRdpService - ok
14:06:23.0100 3200 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:06:23.0136 3200 upnphost - ok
14:06:23.0163 3200 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:06:23.0181 3200 USBAAPL64 - ok
14:06:23.0217 3200 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:06:23.0227 3200 usbaudio - ok
14:06:23.0245 3200 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:06:23.0261 3200 usbccgp - ok
14:06:23.0274 3200 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:06:23.0284 3200 usbcir - ok
14:06:23.0292 3200 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:06:23.0299 3200 usbehci - ok
14:06:23.0312 3200 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:06:23.0321 3200 usbhub - ok
14:06:23.0331 3200 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:06:23.0344 3200 usbohci - ok
14:06:23.0353 3200 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:06:23.0361 3200 usbprint - ok
14:06:23.0381 3200 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:06:23.0399 3200 USBSTOR - ok
14:06:23.0401 3200 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:06:23.0412 3200 usbuhci - ok
14:06:23.0424 3200 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:06:23.0458 3200 UxSms - ok
14:06:23.0466 3200 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:06:23.0473 3200 VaultSvc - ok
14:06:23.0509 3200 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
14:06:23.0536 3200 VClone - ok
14:06:23.0549 3200 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:06:23.0555 3200 vdrvroot - ok
14:06:23.0571 3200 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:06:23.0597 3200 vds - ok
14:06:23.0605 3200 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:06:23.0614 3200 vga - ok
14:06:23.0622 3200 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:06:23.0653 3200 VgaSave - ok
14:06:23.0655 3200 VGPU - ok
14:06:23.0660 3200 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:06:23.0670 3200 vhdmp - ok
14:06:23.0680 3200 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:06:23.0686 3200 viaide - ok
14:06:23.0700 3200 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:06:23.0709 3200 vmbus - ok
14:06:23.0726 3200 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:06:23.0738 3200 VMBusHID - ok
14:06:23.0751 3200 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:06:23.0758 3200 volmgr - ok
14:06:23.0771 3200 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:06:23.0780 3200 volmgrx - ok
14:06:23.0805 3200 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:06:23.0814 3200 volsnap - ok
14:06:23.0819 3200 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:06:23.0826 3200 vsmraid - ok
14:06:23.0853 3200 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:06:23.0890 3200 VSS - ok
14:06:23.0904 3200 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:06:23.0912 3200 vwifibus - ok
14:06:23.0925 3200 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:06:23.0948 3200 vwififlt - ok
14:06:23.0972 3200 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:06:23.0996 3200 W32Time - ok
14:06:24.0005 3200 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:06:24.0012 3200 WacomPen - ok
14:06:24.0028 3200 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:06:24.0058 3200 WANARP - ok
14:06:24.0061 3200 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:06:24.0081 3200 Wanarpv6 - ok
14:06:24.0129 3200 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:06:24.0147 3200 WatAdminSvc - ok
14:06:24.0172 3200 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:06:24.0197 3200 wbengine - ok
14:06:24.0201 3200 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:06:24.0213 3200 WbioSrvc - ok
14:06:24.0223 3200 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:06:24.0237 3200 wcncsvc - ok
14:06:24.0248 3200 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:06:24.0261 3200 WcsPlugInService - ok
14:06:24.0272 3200 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:06:24.0279 3200 Wd - ok
14:06:24.0301 3200 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:06:24.0316 3200 Wdf01000 - ok
14:06:24.0323 3200 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:06:24.0368 3200 WdiServiceHost - ok
14:06:24.0370 3200 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:06:24.0381 3200 WdiSystemHost - ok
14:06:24.0394 3200 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:06:24.0420 3200 WebClient - ok
14:06:24.0436 3200 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:06:24.0459 3200 Wecsvc - ok
14:06:24.0466 3200 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:06:24.0489 3200 wercplsupport - ok
14:06:24.0504 3200 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:06:24.0527 3200 WerSvc - ok
14:06:24.0541 3200 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:06:24.0562 3200 WfpLwf - ok
14:06:24.0572 3200 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:06:24.0579 3200 WIMMount - ok
14:06:24.0594 3200 WinDefend - ok
14:06:24.0601 3200 WinHttpAutoProxySvc - ok
14:06:24.0633 3200 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:06:24.0657 3200 Winmgmt - ok
14:06:24.0701 3200 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\Corsair\CorsairLINK2\CorsairLINK_HardwareMonitor.sys
14:06:24.0708 3200 WinRing0_1_2_0 - ok
14:06:24.0740 3200 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:06:24.0776 3200 WinRM - ok
14:06:24.0812 3200 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:06:24.0821 3200 WinUsb - ok
14:06:24.0844 3200 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:06:24.0873 3200 Wlansvc - ok
14:06:24.0947 3200 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:06:24.0976 3200 wlidsvc - ok
14:06:25.0023 3200 [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
14:06:25.0029 3200 WmBEnum - ok
14:06:25.0048 3200 [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
14:06:25.0054 3200 WmFilter - ok
14:06:25.0079 3200 [ AC4331AF118A720F13C9C5CABBFE27BD ] WmHidLo C:\Windows\system32\drivers\WmHidLo.sys
14:06:25.0084 3200 WmHidLo - ok
14:06:25.0102 3200 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:06:25.0118 3200 WmiAcpi - ok
14:06:25.0136 3200 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:06:25.0157 3200 wmiApSrv - ok
14:06:25.0180 3200 WMPNetworkSvc - ok
14:06:25.0204 3200 [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
14:06:25.0209 3200 WmVirHid - ok
14:06:25.0221 3200 [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
14:06:25.0227 3200 WmXlCore - ok
14:06:25.0237 3200 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:06:25.0257 3200 WPCSvc - ok
14:06:25.0268 3200 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:06:25.0285 3200 WPDBusEnum - ok
14:06:25.0296 3200 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:06:25.0317 3200 ws2ifsl - ok
14:06:25.0324 3200 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
14:06:25.0342 3200 wscsvc - ok
14:06:25.0344 3200 WSearch - ok
14:06:25.0390 3200 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:06:25.0421 3200 wuauserv - ok
14:06:25.0451 3200 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:06:25.0466 3200 WudfPf - ok
14:06:25.0483 3200 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:06:25.0499 3200 WUDFRd - ok
14:06:25.0526 3200 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:06:25.0546 3200 wudfsvc - ok
14:06:25.0568 3200 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:06:25.0587 3200 WwanSvc - ok
14:06:25.0591 3200 ================ Scan global ===============================
14:06:25.0611 3200 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:06:25.0636 3200 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:06:25.0641 3200 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:06:25.0657 3200 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:06:25.0676 3200 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:06:25.0679 3200 [Global] - ok
14:06:25.0679 3200 ================ Scan MBR ==================================
14:06:25.0687 3200 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:06:25.0873 3200 \Device\Harddisk0\DR0 - ok
14:06:25.0874 3200 ================ Scan VBR ==================================
14:06:25.0875 3200 [ 550A69D7E065278D8387DB21D0861A32 ] \Device\Harddisk0\DR0\Partition1
14:06:25.0876 3200 \Device\Harddisk0\DR0\Partition1 - ok
14:06:25.0902 3200 [ DB4A33D76EE0D76198CE725DE5FA5331 ] \Device\Harddisk0\DR0\Partition2
14:06:25.0904 3200 \Device\Harddisk0\DR0\Partition2 - ok
14:06:25.0904 3200 ============================================================
14:06:25.0904 3200 Scan finished
14:06:25.0904 3200 ============================================================
14:06:25.0910 3968 Detected object count: 3
14:06:25.0910 3968 Actual detected object count: 3
14:07:10.0827 3968 BEService ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:10.0827 3968 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:10.0828 3968 CorsairAudioFilter ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:10.0828 3968 CorsairAudioFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:10.0829 3968 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:10.0829 3968 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:22.0347 4340 Deinitialize success


MBAM Log:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.04.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Timothy :: SIKORSKY14 [administrator]

Protection: Disabled

4/09/2013 2:10:30 PM
mbam-log-2013-09-04 (14-10-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225570
Time elapsed: 2 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
No sign of malware but some odd errors.

Log: 'System' Date/Time: 03/09/2013 5:42:00 AM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding

Log: 'System' Date/Time: 03/09/2013 5:39:26 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 02/09/2013 8:13:11 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.



The first one reports an error 5 which is really Access Denied and the same problem as the third one.

For the second one: In the search box type: services.msc and wait for it to find it then right click on it and Run As Admin. Find:
Function Discovery Resource Publication service. Right click on it and make sure the Startup Type is set to Automatic. (Change it and Apply if not). Try to Start the service. Does it Start or do you get an error?

For the Access Denied:


Let's try Windows Repair All in One:

http://www.tweaking....all_in_one.html

Download, Save and run the program by right clicking on it an Run As Admin. I think we can go straight to the program and bypass the other steps. I think it's Step 5 if I remember correctly. It gives you the same window as shown on the page. Just check:

Reset Registry Permissions
Reset File Permissions
Register System Files

(we don't need the rest. They won't hurt anything but it will take longer.)

Then Start.
Once it finishes,
Clear the alarms:

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Run VEW as before and post the System log.

2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply
  • 0

#14
megaman186

megaman186

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hmmm more errors?

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 04/09/2013 6:06:19 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/09/2013 8:02:04 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/09/2013 8:02:06 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
This last error is caused by AVG's self protection:

Go into AVG and Options/Advanced Settings and turn off " AVG Self Protection"

Way past my bed time. Got to go to bed now.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP