Free Malware Removal Forum

[bpiper90]

I could really use some help. I recently completely eradicated a Root-kit virus that was causing pop-ups and extension problems on my Windows 7 64 bit operating system. Although it is completely gone, I now have over 19,000 files that have been made into .block files that were before that .docx, .doc, .txt, and more. I figured out how to change individual documents back into their proper extensions (.block - .doc ) but would rather not go through all 19,000 files individually and change back the file extension.

I have also noticed that after I change a .block back into a .txt that all the characters come up as a series of random numbers and characters. Also when I change a .block back into a .doc Microsoft Office 2010 refuses to open the document. (Microsoft Offices document recovery program built into Microsoft Office doesn't seem to do the job) I have about 20-30 documents that I really need to open and cannot replace ...

Does anyone have any idea how I can fix either of these problems?

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Gaming at 11:06:28 on 2012-09-25
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12271.9783 [GMT -4:00]
.
AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\HitmanPro\hmpsched.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\HitmanPro\HitmanPro.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\system32\efsui.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Gaming\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\Gaming\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{09484FCD-3F8A-4579-A6DC-5397E9138F66} : DhcpNameServer = 205.152.144.23 205.152.132.23
TCP: Interfaces\{2F40C316-F178-4CB7-85A5-302B6657847B} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{C0328E81-733D-4AFE-9DBE-42B20E0830C5} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{C0328E81-733D-4AFE-9DBE-42B20E0830C5}\4786560296E6475627E6564702 : DhcpNameServer = 65.32.5.111 65.32.5.112
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun-x64: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\uovnso3g.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/06/26 19:44:30];C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2009-8-28 146928]
R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-7-12 1239952]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-2-11 913792]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-9-24 108392]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-11 2214504]
R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 hitmanpro36;HitmanPro 3.6 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro36.sys --> C:\Windows\system32\drivers\hitmanpro36.sys [?]
R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-6 250288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Edimax\Common\RaRegistry.exe [2011-3-8 185632]
S4 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe [2011-3-8 212256]
.
=============== Created Last 30 ================
.
2012-09-25 14:52:46 30496 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-09-25 04:09:01 -------- d-----w- C:\Users\Gaming\AppData\Roaming\IsolatedStorage
2012-09-25 04:09:01 -------- d-----w- C:\ProgramData\IsolatedStorage
2012-09-25 04:08:56 -------- d-----w- C:\Users\Gaming\AppData\Local\_
2012-09-25 04:08:50 -------- d-----w- C:\Program Files\FileViewPro
2012-09-25 03:56:19 -------- d-----w- C:\Program Files (x86)\NCH Software
2012-09-25 01:29:08 -------- d-----w- C:\Program Files\HitmanPro
2012-09-25 01:28:16 -------- d-----w- C:\ProgramData\HitmanPro
2012-09-25 00:55:55 16200 ----a-w- C:\Windows\stinger.sys
2012-09-25 00:55:43 -------- d-----w- C:\Program Files (x86)\stinger
2012-09-25 00:44:41 -------- d-----w- C:\Users\Gaming\Pavark
2012-09-24 23:41:13 -------- d-----w- C:\Users\Gaming\AppData\Roaming\AVG2012
2012-09-24 23:40:45 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-09-24 23:40:42 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-09-24 23:28:15 -------- d-----w- C:\Users\Gaming\AppData\Local\adaware
2012-09-24 23:28:14 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2012-09-24 23:28:02 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2012-09-24 23:28:01 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
2012-09-24 23:28:01 45936 ----a-w- C:\Windows\System32\sbbd.exe
2012-09-24 21:41:48 -------- d-s---w- C:\ComboFix
2012-09-21 20:18:31 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34515EC9-DEFA-429C-9212-DEA465660240}\mpengine.dll
2012-09-21 17:00:27 10213296 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-09-13 13:16:21 -------- d-----r- C:\Program Files (x86)\Skype
2012-09-12 14:40:22 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-09-12 14:40:22 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-09-12 14:40:20 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 14:40:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 14:29:01 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-09-12 14:29:01 67072 ----a-w- C:\Windows\splwow64.exe
2012-09-12 14:29:01 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-09-12 14:29:01 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-09-12 14:29:00 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 14:29:00 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 14:28:57 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 14:28:57 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 14:28:57 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 13:46:38 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-09-12 13:46:38 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-09-12 13:46:38 136704 ----a-w- C:\Windows\System32\browser.dll
2012-09-12 13:44:35 -------- d-----w- C:\Windows\PCHEALTH
2012-09-12 13:44:29 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-09-12 03:02:01 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-09-11 21:37:18 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-11 19:01:47 -------- d-----w- C:\ProgramData\GFI Software
2012-09-11 18:57:28 98816 ----a-w- C:\Windows\sed.exe
2012-09-11 18:57:28 518144 ----a-w- C:\Windows\SWREG.exe
2012-09-11 18:57:28 256000 ----a-w- C:\Windows\PEV.exe
2012-09-11 18:57:28 208896 ----a-w- C:\Windows\MBR.exe
2012-08-31 00:17:57 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Ythy
2012-08-31 00:17:57 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Ixud
2012-08-31 00:17:57 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Heba
2012-08-30 17:19:22 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-30 17:19:07 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-27 15:09:00 -------- d--h--w- C:\$AVG
2012-08-27 15:09:00 -------- d-----w- C:\ProgramData\AVG2012
2012-08-27 15:08:37 -------- d-----w- C:\Program Files (x86)\AVG
2012-08-27 15:05:29 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-08-27 15:05:22 -------- d-----w- C:\Users\Gaming\AppData\Local\Downloaded Installations
2012-08-27 15:04:27 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Ad-Aware Antivirus
2012-08-27 15:02:24 -------- d--h--w- C:\ProgramData\Common Files
2012-08-27 15:02:24 -------- d-----w- C:\ProgramData\MFAData
.
==================== Find3M ====================
.
2012-09-21 17:00:41 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 17:00:41 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-30 17:18:56 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-24 19:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 17:37:12 328704 ----a-w- C:\Windows\System32\services.exe.2910E623D5BD277F
2012-08-22 17:34:48 328704 ----a-w- C:\Windows\System32\services.exe.68B1F57FDE349081
2012-08-22 17:32:38 328704 ----a-w- C:\Windows\System32\services.exe.00A63C867C2C94C8
2012-08-22 17:30:27 328704 ----a-w- C:\Windows\System32\services.exe.2A5B165FE0783959
2012-08-16 00:11:48 955888 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-08-16 00:11:48 839152 ----a-w- C:\Windows\System32\deployJava1.dll
2012-07-26 07:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
.
============= FINISH: 11:06:50.21 ===============

[askey127]

Hi bpiper90,
You have too many antivirus apps on your machine. That will DECREASE your security.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Ad-Aware
Advanced System Care 5

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL

• Right click the OTL icon and choose "Run as administrator" to run it.
• Check the box at the top, labeled Include 64 bit scans
• Check the boxes labeled :
  • Scan All Users
  • LOP check
  • Purity check
  • Extra Registry > Use SafeList
• Make sure all other windows are closed to let it run uninterrupted.
• Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!

1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
   (Vista - W7 users: Right-click and select "Run As Administrator")
   If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
   If you don't see file extensions, please see: How to change the file extension.
   If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
2. Click the Start Scan button. Do not use the computer during the scan!
3. If the scan completes with nothing found, click Close to exit.
4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
   • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
   • If Cure is not offered as an option, choose Skip.
5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
   (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
6. Copy and paste the contents of that file in your next reply.

If, for some reason,you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.
---------------------------------------------------
So, In Your Reply, we will be looking for the following :
The contents of:

• TDSSKiller log
• OTL.txt
• Extras.txt

Please feel free to use separate replies.
The Extras.txt file will only show up the very first time you run OTL.

askey127

[bpiper90]

I really appreciate the help, didn't know you could use too many anti-virus programs and I'll have to read about that.
here is the OTL.txt

OTL logfile created on: 9/28/2012 11:20:32 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gaming\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 9.77 Gb Available Physical Memory | 81.54% Memory free
23.96 Gb Paging File | 21.74 Gb Available in Paging File | 90.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.68 Gb Total Space | 14.09 Gb Free Space | 12.62% Space Free | Partition Type: NTFS
Drive E: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 3.92 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 930.86 Gb Total Space | 255.79 Gb Free Space | 27.48% Space Free | Partition Type: NTFS
Drive J: | 1862.89 Gb Total Space | 1037.29 Gb Free Space | 55.68% Space Free | Partition Type: NTFS

Computer Name: GAMING-PC | User Name: Gaming | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/28 11:13:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gaming\Desktop\OTL.exe
PRC - [2012/09/17 20:47:13 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/08/15 13:38:30 | 000,584,664 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/10/21 05:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/11/17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/06/11 18:11:48 | 001,349,632 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
PRC - [2009/08/28 06:36:28 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
PRC - [2009/07/16 20:08:20 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 17:08:05 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/14 11:46:59 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 11:46:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 11:46:48 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 11:46:45 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/11 14:27:35 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/11 14:27:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 14:27:00 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 14:26:57 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 14:26:55 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 14:26:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 14:26:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/05/04 10:59:00 | 000,182,272 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/24 21:29:09 | 000,108,392 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012/09/21 13:00:41 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/05 12:00:58 | 000,419,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/16 14:49:12 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009/12/16 14:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/15 17:10:13 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012/03/15 17:10:13 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/09/01 16:05:38 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/10 17:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 13:23:50 | 000,867,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/02/10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/28 05:14:06 | 001,241,952 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2010/05/20 15:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2009/11/17 19:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/08/13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/08/28 18:36:26 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/06/26 19:44:30] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AD 01 C4 07 07 D2 CB 01 [binary data]
IE - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\..\SearchScopes,DefaultScope = {4B596747-6256-415E-8509-691CBE7EA790}
IE - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\..\SearchScopes\{4B596747-6256-415E-8509-691CBE7EA790}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.param.yahoo-fr: "&hsimp=yhs-affiliate_a_ff&hspart=greentree&type=685749_yhs2tst"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {15312e9a-4905-48da-aae4-15b24bdc2a24}:1.0.5
FF - prefs.js..extensions.enabledAddons: {4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}:0.7.7
FF - prefs.js..extensions.enabledAddons: {E6C1199F-E687-42da-8C24-E7770CC3AE66}:1.8.0
FF - prefs.js..extensions.enabledAddons: gencrawler@some.com:2.0
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..keyword.URL: " http://www.google.com/search?ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "I%20could%20really%20use%20some%20help.%20%20I%20recently%20completely%20eradicated%20a%20Root-kit%20virus%20that%20was%20causing%20pop-ups%20and%20extension%20problems%20on%20my%20Windows%207%2064%20bit%20operating%20system.%20%20Although%20it%20is%20completely%20gone,%20I%20now%20have%20over%2019,000%20files%20that%20have%20been%20made%20into%20.block%20files%20that%20were%20before%20that%20.docx,%20.doc,%20.txt,%20and%20more.%20%20I%20figured%20out%20how%20to%20change%20individual%20documents%20back%20into%20their%20proper%20extensions%20(.block%20-%20.doc%20)%20but%20would%20rather%20not%20go%20through%20all%2019,000%20files%20individually%20and%20change%20back%20the%20file%20extension.%0A%0AI%20have%20also%20noticed%20that%20after%20I%20change%20a%20.block%20back%20into%20a%20.txt%20that%20all%20the%20characters%20come%20up%20as%20a%20series%20of%20random%20numbers%20and%20characters.%20%20Also%20when%20I%20change%20a%20.block%20back%20into%20a%20.doc%20Microsoft%20Office%202010%20refuses%20to%20open%20the%20document.%20%20(Microsoft%20Offices%20document%20recovery%20program%20built%20into%20Microsoft%20Office%20doesn't%20seem%20%20to%20do%20the%20job)%20I%20have%20about%2020-30%20documents%20that%20I%20really%20need%20to%20open%20and%20cannot%20replace%20...%0A%0ADoes%20anyone%20have%20any%20idea%20how%20I%20can%20fix%20either%20of%20these%20problems?%0A%0A.%0ADDS%20(Ver_2011-08-26.01)%20-%20NTFSAMD64%20%0AInternet%20Explorer:%209.0.8112.16421%20%20BrowserJavaVersion:%2010.7.2%0ARun%20by%20Gaming%20at%2011:06:28%20on%202012-09-25%0AMicrosoft%20Windows%207%20Ultimate%20%20%206.1.7601.1.1252.1.1033.18.12271.9783%20%5BGMT%20-4:00%5D%0A.%0AAV:%20Lavasoft%20Ad-Aware%20*Enabled/Updated*%20%7B445B48C3-0FA4-6B16-8F07-6506F305D800%7D%0AAV:%20AVG%20Anti-Virus%20Free%20Edition%202012%20*Enabled/Updated*%20%7B5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0%7D%0ASP:%20Lavasoft%20Ad-Aware%20*Enabled/Updated*%20%7BFF3AA927-299E-6498-B5B7-5E74888292BD%7D%0ASP:%20AVG%20Anti-Virus%20Free%20Edition%202012%20*Enabled/Updated*%20%7BE146A755-F8D3-F7D4-C17D-96C36DBE8F4D%7D%0ASP:%20Windows%20Defender%20*Disabled/Updated*%20%7BD68DDC3A-831F-4fae-9E44-DA132C1ACF46%7D%0AFW:%20Lavasoft%20Ad-Aware%20*Disabled*%20%7B7C60C9E6-45CB-6A4E-A458-CC330DD69F7B%7D%0A.%0A==============%20Running%20Processes%20===============%0A.%0AC:%5CPROGRA~2%5CAVG%5CAVG2012%5Cavgrsa.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgcsrva.exe%0AC:%5CWindows%5Csystem32%5Cwininit.exe%0AC:%5CWindows%5Csystem32%5Clsm.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20DcomLaunch%0AC:%5CProgram%20Files%20(x86)%5CIObit%5CAdvanced%20SystemCare%205%5CASCService.exe%0AC:%5CWindows%5Csystem32%5Cnvvsvc.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20RPCSS%0AC:%5CWindows%5CSystem32%5Csvchost.exe%20-k%20LocalServiceNetworkRestricted%0AC:%5CWindows%5CSystem32%5Csvchost.exe%20-k%20LocalSystemNetworkRestricted%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20netsvcs%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20LocalService%0AC:%5CProgram%20Files%5CHitmanPro%5Chmpsched.exe%0AC:%5CProgram%20Files%5CNVIDIA%20Corporation%5CDisplay%5Cnvxdsync.exe%0AC:%5CWindows%5Csystem32%5Cnvvsvc.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20NetworkService%0AC:%5CWindows%5CSystem32%5Cspoolsv.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20LocalServiceNoNetwork%0AC:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareService.exe%0AC:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5Carmsvc.exe%0AC:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CApple%5CMobile%20Device%20Support%5CAppleMobileDeviceService.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgwdsvc.exe%0AC:%5CWindows%5Csystem32%5Ctaskhost.exe%0AC:%5CProgram%20Files%5CHitmanPro%5CHitmanPro.exe%0AC:%5CWindows%5Csystem32%5CDwm.exe%0AC:%5CWindows%5Csystem32%5Ctaskeng.exe%0AC:%5CWindows%5CExplorer.EXE%0AC:%5CProgram%20Files%5CBonjour%5CmDNSResponder.exe%0AC:%5CWindows%5Csystem32%5CCISVC.EXE%0AC:%5CProgram%20Files%5CMicrosoft%20LifeCam%5CMSCamS64.exe%0AC:%5CWindows%5Csystem32%5Cefsui.exe%0AC:%5CProgram%20Files%5CCore%20Temp%5CCore%20Temp.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20imgsvc%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgidsagent.exe%0AC:%5CProgram%20Files%5CRealtek%5CAudio%5CHDA%5CRtkNGUI64.exe%0AC:%5CProgram%20Files%5CMicrosoft%20IntelliType%20Pro%5Citype.exe%0AC:%5CProgram%20Files%5CMicrosoft%20IntelliPoint%5Cipoint.exe%0AC:%5CProgram%20Files%20(x86)%5CDisplayFusion%5CDisplayFusion.exe%0AC:%5CProgram%20Files%5CWindows%20Sidebar%5Csidebar.exe%0AC:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5CGoogleUpdate.exe%0AC:%5CProgram%20Files%5CMicrosoft%20IntelliType%20Pro%5Cdpupdchk.exe%0AC:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5C1.3.21.123%5CGoogleCrashHandler.exe%0AC:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5C1.3.21.123%5CGoogleCrashHandler64.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgnsa.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgemca.exe%0AC:%5CProgram%20Files%20(x86)%5CCreative%5CTHX%20TruStudio%20Pro%5CTHXAudioCP%5CTHXAudio.exe%0AC:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5CPDVD8Serv.exe%0AC:%5CProgram%20Files%20(x86)%5CRenesas%20Electronics%5CUSB%203.0%20Host%20Controller%20Driver%5CApplication%5Cnusb3mon.exe%0AC:%5CProgram%20Files%20(x86)%5CiTunes%5CiTunesHelper.exe%0AC:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Update%5CDivXUpdate.exe%0AC:%5CProgram%20Files%20(x86)%5CCyberLink%5CShared%20Files%5Cbrs.exe%0AC:%5CProgramData%5CAd-Aware%20Browsing%20Protection%5Cadawarebp.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgtray.exe%0AC:%5CProgram%20Files%5CNVIDIA%20Corporation%5CDisplay%5Cnvtray.exe%0AC:%5CPROGRA~2%5CAD-AWA~1%5CAdAware.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20LocalServiceAndNoImpersonation%0AC:%5CWindows%5Csystem32%5Cwbem%5Cwmiprvse.exe%0AC:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CSBAMSvc.exe%0AC:%5CWindows%5Csystem32%5CSearchIndexer.exe%0AC:%5CProgram%20Files%5CiPod%5Cbin%5CiPodService.exe%0AC:%5CWindows%5CMicrosoft.Net%5CFramework64%5Cv3.0%5CWPF%5CPresentationFontCache.exe%0AC:%5CProgram%20Files%5CWindows%20Media%20Player%5Cwmpnetwk.exe%0AC:%5CWindows%5CSystem32%5Csvchost.exe%20-k%20LocalServicePeerNet%0AC:%5CProgram%20Files%20(x86)%5CDisplayFusion%5CDisplayFusionAppHook.exe%0AC:%5CProgram%20Files%20(x86)%5CMozilla%20Firefox%5Cfirefox.exe%0AC:%5CProgram%20Files%20(x86)%5CMozilla%20Firefox%5Cplugin-container.exe%0AC:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CFlashPlayerPlugin_11_4_402_278.exe%0AC:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CFlashPlayerPlugin_11_4_402_278.exe%0AC:%5CProgram%20Files%20(x86)%5CNVIDIA%20Corporation%5CNVIDIA%20Updatus%5Cdaemonu.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20SDRSVC%0AC:%5CWindows%5Csystem32%5CSearchProtocolHost.exe%0AC:%5CWindows%5Csystem32%5CSearchFilterHost.exe%0AC:%5CWindows%5Csystem32%5CDllHost.exe%0AC:%5CWindows%5CSysWOW64%5Ccmd.exe%0AC:%5CWindows%5Csystem32%5Cconhost.exe%0AC:%5CWindows%5CSysWOW64%5Ccscript.exe%0A.%0A==============%20Pseudo%20HJT%20Report%20===============%0A.%0AuStart%20Page%20=%20hxxp://www.google.com/%0AmURLSearchHooks:%20H%20-%20No%20File%0ABHO:%20Adobe%20PDF%20Link%20Helper:%20%7B18df081c-e8ad-4283-a596-fa578c2ebdc3%7D%20-%20C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CAcrobat%5CActiveX%5CAcroIEHelperShim.dll%0ABHO:%20AVG%20Do%20Not%20Track:%20%7B31332eef-cb9f-458f-afeb-d30e9a66b6ba%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgdtiex.dll%0ABHO:%20DivX%20Plus%20Web%20Player%20HTML5%20%3Cvideo%3E:%20%7B326e768d-4182-46fd-9c16-1449a49795f4%7D%20-%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Plus%20Web%20Player%5Cie%5CDivXHTML5%5CDivXHTML5.dll%0ABHO:%20Java(tm)%20Plug-In%20SSV%20Helper:%20%7B761497bb-d6f0-462c-b6eb-d4daf1d92d43%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cssv.dll%0ABHO:%20Office%20Document%20Cache%20Handler:%20%7Bb4f3a835-0e21-4959-ba22-42b3008e02ff%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CURLREDIR.DLL%0ABHO:%20Java(tm)%20Plug-In%202%20SSV%20Helper:%20%7Bdbc80044-a445-435b-bc74-9c25c1c588a9%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cjp2ssv.dll%0ATB:%20%7B32099AAC-C132-4136-9E9A-4E364A424E17%7D%20-%20No%20File%0ATB:%20%7B687578B9-7132-4A7A-80E4-30EE31099E03%7D%20-%20No%20File%0ATB:%20%7B4B3803EA-5230-4DC3-A7FC-33638F3D3542%7D%20-%20No%20File%0AuRun:%20%5BDAEMON%20Tools%20Lite%5D%20%22C:%5CProgram%20Files%20(x86)%5CDAEMON%20Tools%20Lite%5CDTLite.exe%22%20-autorun%0AuRun:%20%5BDisplayFusion%5D%20%22C:%5CProgram%20Files%20(x86)%5CDisplayFusion%5CDisplayFusion.exe%22%0AuRun:%20%5BSidebar%5D%20C:%5CProgram%20Files%5CWindows%20Sidebar%5Csidebar.exe%20/autoRun%0AuRun:%20%5BGoogle%20Update%5D%20%22C:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5CGoogleUpdate.exe%22%20/c%0AmRun:%20%5BTHX%20Audio%20Control%20Panel%5D%20%22C:%5CProgram%20Files%20(x86)%5CCreative%5CTHX%20TruStudio%20Pro%5CTHXAudioCP%5CTHXAudio.exe%22%20/r%0AmRun:%20%5BRemoteControl8%5D%20%22C:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5CPDVD8Serv.exe%22%0AmRun:%20%5BNUSB3MON%5D%20%22C:%5CProgram%20Files%20(x86)%5CRenesas%20Electronics%5CUSB%203.0%20Host%20Controller%20Driver%5CApplication%5Cnusb3mon.exe%22%0AmRun:%20%5BLifeCam%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20LifeCam%5CLifeExp.exe%22%0AmRun:%20%5BiTunesHelper%5D%20%22C:%5CProgram%20Files%20(x86)%5CiTunes%5CiTunesHelper.exe%22%0AmRun:%20%5BDivXUpdate%5D%20%22C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Update%5CDivXUpdate.exe%22%20/CHECKNOW%0AmRun:%20%5BBDRegion%5D%20C:%5CProgram%20Files%20(x86)%5CCyberlink%5CShared%20Files%5Cbrs.exe%0AmRun:%20%5BBCSSync%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Office%5COffice14%5CBCSSync.exe%22%20/DelayServices%0AmRun:%20%5BAdobe%20ARM%5D%20%22C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5CAdobeARM.exe%22%0AmRun:%20%5BAd-Aware%20Antivirus%5D%20%22C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareLauncher%22%20--windows-run%0AmRun:%20%5BAd-Aware%20Browsing%20Protection%5D%20%22C:%5CProgramData%5CAd-Aware%20Browsing%20Protection%5Cadawarebp.exe%22%0AmRun:%20%5BAVG_TRAY%5D%20%22C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgtray.exe%22%0AmPolicies-system:%20ConsentPromptBehaviorAdmin%20=%200%20(0x0)%0AmPolicies-system:%20ConsentPromptBehaviorUser%20=%203%20(0x3)%0AmPolicies-system:%20EnableLUA%20=%200%20(0x0)%0AmPolicies-system:%20EnableUIADesktopToggle%20=%200%20(0x0)%0AmPolicies-system:%20PromptOnSecureDesktop%20=%200%20(0x0)%0AIE:%20%7B68BCFFE1-A2DA-4B40-9068-87ECBFC19D16%7D%20-%20%7B68BCFFE1-A2DA-4B40-9068-87ECBFC19D16%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgdtiex.dll%0ADPF:%20%7B8AD9C840-044E-11D1-B3E9-00805F499D93%7D%20-%20hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab%0ADPF:%20%7BCAFEEFAC-0016-0000-0031-ABCDEFFEDCBA%7D%20-%20hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab%0ADPF:%20%7BCAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA%7D%20-%20hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab%0ATCP:%20DhcpNameServer%20=%20192.168.2.1%0ATCP:%20Interfaces%5C%7B09484FCD-3F8A-4579-A6DC-5397E9138F66%7D%20:%20DhcpNameServer%20=%20205.152.144.23%20205.152.132.23%0ATCP:%20Interfaces%5C%7B2F40C316-F178-4CB7-85A5-302B6657847B%7D%20:%20DhcpNameServer%20=%20192.168.2.1%0ATCP:%20Interfaces%5C%7BC0328E81-733D-4AFE-9DBE-42B20E0830C5%7D%20:%20DhcpNameServer%20=%20192.168.2.1%0ATCP:%20Interfaces%5C%7BC0328E81-733D-4AFE-9DBE-42B20E0830C5%7D%5C4786560296E6475627E6564702%20:%20DhcpNameServer%20=%2065.32.5.111%2065.32.5.112%0AFilter:%20text/xml%20-%20%7B807573E5-5146-11D5-A672-00B0D022E945%7D%20-%20C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5Cmicrosoft%20shared%5COFFICE14%5CMSOXMLMF.DLL%0AHandler:%20linkscanner%20-%20%7BF274614C-63F8-47D5-A4D1-FBDDE494F8D1%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgpp.dll%0AHandler:%20skype4com%20-%20%7BFFC8B962-9B40-4DFF-9458-1830C7DD7F5D%7D%20-%20C:%5CPROGRA~2%5CCOMMON~1%5CSkype%5CSKYPE4~1.DLL%0ASEH:%20Groove%20GFS%20Stub%20Execution%20Hook:%20%7Bb5a7f190-dda6-4420-b3ba-52453494e6cd%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CGROOVEEX.DLL%0ABHO-X64:%20Adobe%20PDF%20Link%20Helper:%20%7B18DF081C-E8AD-4283-A596-FA578C2EBDC3%7D%20-%20C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CAcrobat%5CActiveX%5CAcroIEHelperShim.dll%0ABHO-X64:%20%20%20%20%20AcroIEHelperStub%20-%20No%20File%0ABHO-X64:%20AVG%20Do%20Not%20Track:%20%7B31332EEF-CB9F-458F-AFEB-D30E9A66B6BA%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgdtiex.dll%0ABHO-X64:%20%20%20%20%20AVG%20Do%20Not%20Track%20-%20No%20File%0ABHO-X64:%20DivX%20Plus%20Web%20Player%20HTML5%20%3Cvideo%3E:%20%7B326E768D-4182-46FD-9C16-1449A49795F4%7D%20-%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Plus%20Web%20Player%5Cie%5CDivXHTML5%5CDivXHTML5.dll%0ABHO-X64:%20%20%20%20%20Increase%20performance%20and%20video%20formats%20for%20your%20HTML5%20%3Cvideo%3E%20-%20No%20File%0ABHO-X64:%20Java(tm)%20Plug-In%20SSV%20Helper:%20%7B761497BB-D6F0-462C-B6EB-D4DAF1D92D43%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cssv.dll%0ABHO-X64:%20Office%20Document%20Cache%20Handler:%20%7BB4F3A835-0E21-4959-BA22-42B3008E02FF%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CURLREDIR.DLL%0ABHO-X64:%20%20%20%20%20URLRedirectionBHO%20-%20No%20File%0ABHO-X64:%20Java(tm)%20Plug-In%202%20SSV%20Helper:%20%7BDBC80044-A445-435b-BC74-9C25C1C588A9%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cjp2ssv.dll%0ATB-X64:%20%7B32099AAC-C132-4136-9E9A-4E364A424E17%7D%20-%20No%20File%0ATB-X64:%20%7B687578B9-7132-4A7A-80E4-30EE31099E03%7D%20-%20No%20File%0ATB-X64:%20%7B4B3803EA-5230-4DC3-A7FC-33638F3D3542%7D%20-%20No%20File%0AmRun-x64:%20%5BTHX%20Audio%20Control%20Panel%5D%20%22C:%5CProgram%20Files%20(x86)%5CCreative%5CTHX%20TruStudio%20Pro%5CTHXAudioCP%5CTHXAudio.exe%22%20/r%0AmRun-x64:%20%5BRemoteControl8%5D%20%22C:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5CPDVD8Serv.exe%22%0AmRun-x64:%20%5BNUSB3MON%5D%20%22C:%5CProgram%20Files%20(x86)%5CRenesas%20Electronics%5CUSB%203.0%20Host%20Controller%20Driver%5CApplication%5Cnusb3mon.exe%22%0AmRun-x64:%20%5BLifeCam%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20LifeCam%5CLifeExp.exe%22%0AmRun-x64:%20%5BiTunesHelper%5D%20%22C:%5CProgram%20Files%20(x86)%5CiTunes%5CiTunesHelper.exe%22%0AmRun-x64:%20%5BDivXUpdate%5D%20%22C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Update%5CDivXUpdate.exe%22%20/CHECKNOW%0AmRun-x64:%20%5BBDRegion%5D%20C:%5CProgram%20Files%20(x86)%5CCyberlink%5CShared%20Files%5Cbrs.exe%0AmRun-x64:%20%5BBCSSync%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Office%5COffice14%5CBCSSync.exe%22%20/DelayServices%0AmRun-x64:%20%5BAdobe%20ARM%5D%20%22C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5CAdobeARM.exe%22%0AmRun-x64:%20%5BAd-Aware%20Antivirus%5D%20%22C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareLauncher%22%20--windows-run%0AmRun-x64:%20%5BAd-Aware%20Browsing%20Protection%5D%20%22C:%5CProgramData%5CAd-Aware%20Browsing%20Protection%5Cadawarebp.exe%22%0AmRun-x64:%20%5BAVG_TRAY%5D%20%22C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgtray.exe%22%0ASEH-X64:%20Groove%20GFS%20Stub%20Execution%20Hook:%20%7BB5A7F190-DDA6-4420-B3BA-52453494E6CD%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CGROOVEEX.DLL%0A.%0A=================%20FIREFOX%20===================%0A.%0AFF%20-%20ProfilePath%20-%20C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CMozilla%5CFirefox%5CProfiles%5Cuovnso3g.default%5C%0AFF%20-%20prefs.js:%20browser.search.selectedEngine%20-%20Google%0AFF%20-%20prefs.js:%20browser.startup.homepage%20-%20hxxp://www.google.com/%0AFF%20-%20prefs.js:%20keyword.URL%20-%20%20hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=%0AFF%20-%20plugin:%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CNPAUTHZ.DLL%0AFF%20-%20plugin:%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CNPSPWRAP.DLL%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CAdobe%5CReader%2010.0%5CReader%5CAIR%5Cnppdf32.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20OVS%20Helper%5Cnpovshelper.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Plus%20Web%20Player%5Cnpdivx32.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cplugin2%5Cnpjp2.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Silverlight%5C5.1.10411.0%5Cnpctrlui.dll%0AFF%20-%20plugin:%20C:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5C1.3.21.123%5CnpGoogleUpdate3.dll%0AFF%20-%20plugin:%20C:%5CWindows%5Csystem32%5CWat%5CnpWatWeb.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CNPSWF32_11_3_300_271.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CNPSWF32_11_4_402_278.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5CnpDeployJava1.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5Cnpmproxy.dll%0A.%0A----%20FIREFOX%20POLICIES%20----%0AFF%20-%20user.js:%20network.cookie.cookieBehavior%20-%200%0AFF%20-%20user.js:%20privacy.clearOnShutdown.cookies%20-%20false%0AFF%20-%20user.js:%20security.warn_viewing_mixed%20-%20false%0AFF%20-%20user.js:%20security.warn_viewing_mixed.show_once%20-%20false%0AFF%20-%20user.js:%20security.warn_submit_insecure%20-%20false%0AFF%20-%20user.js:%20security.warn_submit_insecure.show_once%20-%20false%0A.%0A=============%20SERVICES%20/%20DRIVERS%20===============%0A.%0AR0%20AVGIDSHA;AVGIDSHA;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsha.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsha.sys%20%5B?%5D%0AR0%20Avgrkx64;AVG%20Anti-Rootkit%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgrkx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgrkx64.sys%20%5B?%5D%0AR1%20Avgldx64;AVG%20AVI%20Loader%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgldx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgldx64.sys%20%5B?%5D%0AR1%20Avgmfx64;AVG%20Mini-Filter%20Resident%20Anti-Virus%20Shield;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgmfx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgmfx64.sys%20%5B?%5D%0AR1%20Avgtdia;AVG%20TDI%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgtdia.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgtdia.sys%20%5B?%5D%0AR1%20dtsoftbus01;DAEMON%20Tools%20Virtual%20Bus%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cdtsoftbus01.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cdtsoftbus01.sys%20%5B?%5D%0AR1%20SBRE;SBRE;C:%5CWindows%5CSystem32%5Cdrivers%5CSBREDrv.sys%20%5B2011-10-26%20101112%5D%0AR1%20vwififlt;Virtual%20WiFi%20Filter%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwififlt.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwififlt.sys%20%5B?%5D%0AR2%20%7BFE4C91E7-22C2-4D0C-9F6B-82F1B7742054%7D;Power%20Control%20%5B2011/06/26%2019:44:30%5D;C:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5C000.fcl%20%5B2009-8-28%20146928%5D%0AR2%20Ad-Aware%20Service;Ad-Aware%20Service;C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareService.exe%20%5B2012-7-12%201239952%5D%0AR2%20AdobeARMservice;Adobe%20Acrobat%20Update%20Service;C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5Carmsvc.exe%20%5B2012-7-27%2063960%5D%0AR2%20AdvancedSystemCareService5;Advanced%20SystemCare%20Service%205;C:%5CProgram%20Files%20(x86)%5CIObit%5CAdvanced%20SystemCare%205%5CASCService.exe%20%5B2012-2-11%20913792%5D%0AR2%20AVGIDSAgent;AVGIDSAgent;C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgidsagent.exe%20%5B2012-8-13%205167736%5D%0AR2%20avgwd;AVG%20WatchDog;C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgwdsvc.exe%20%5B2012-2-14%20193288%5D%0AR2%20HitmanProScheduler;HitmanPro%20Scheduler;C:%5CProgram%20Files%5CHitmanPro%5Chmpsched.exe%20%5B2012-9-24%20108392%5D%0AR2%20nvUpdatusService;NVIDIA%20Update%20Service%20Daemon;C:%5CProgram%20Files%20(x86)%5CNVIDIA%20Corporation%5CNVIDIA%20Updatus%5Cdaemonu.exe%20%5B2011-8-11%202214504%5D%0AR2%20SBAMSvc;Ad-Aware;C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CSBAMSvc.exe%20%5B2011-12-19%203289032%5D%0AR2%20sbapifs;sbapifs;C:%5CWindows%5Csystem32%5CDRIVERS%5Csbapifs.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Csbapifs.sys%20%5B?%5D%0AR3%20AVGIDSDriver;AVGIDSDriver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsdrivera.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsdrivera.sys%20%5B?%5D%0AR3%20AVGIDSFilter;AVGIDSFilter;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsfiltera.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsfiltera.sys%20%5B?%5D%0AR3%20hitmanpro36;HitmanPro%203.6%20Support%20Driver;%5C??%5CC:%5CWindows%5Csystem32%5Cdrivers%5Chitmanpro36.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Chitmanpro36.sys%20%5B?%5D%0AR3%20MBfilt;MBfilt;C:%5CWindows%5Csystem32%5Cdrivers%5CMBfilt64.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5CMBfilt64.sys%20%5B?%5D%0AR3%20MEIx64;Intel(R)%20Management%20Engine%20Interface%20;C:%5CWindows%5Csystem32%5CDRIVERS%5CHECIx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5CHECIx64.sys%20%5B?%5D%0AR3%20nusb3hub;Renesas%20Electronics%20USB%203.0%20Hub%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3hub.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3hub.sys%20%5B?%5D%0AR3%20nusb3xhc;Renesas%20Electronics%20USB%203.0%20Host%20Controller%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3xhc.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3xhc.sys%20%5B?%5D%0AR3%20RTL8167;Realtek%208167%20NT%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5CRt64win7.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5CRt64win7.sys%20%5B?%5D%0AR3%20WDC_SAM;WD%20SCSI%20Pass%20Thru%20driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cwdcsam64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cwdcsam64.sys%20%5B?%5D%0AS2%20clr_optimization_v4.0.30319_32;Microsoft%20.NET%20Framework%20NGEN%20v4.0.30319_X86;C:%5CWindows%5CMicrosoft.NET%5CFramework%5Cv4.0.30319%5Cmscorsvw.exe%20%5B2010-3-18%20130384%5D%0AS2%20clr_optimization_v4.0.30319_64;Microsoft%20.NET%20Framework%20NGEN%20v4.0.30319_X64;C:%5CWindows%5CMicrosoft.NET%5CFramework64%5Cv4.0.30319%5Cmscorsvw.exe%20%5B2010-3-18%20138576%5D%0AS2%20SkypeUpdate;Skype%20Updater;C:%5CProgram%20Files%20(x86)%5CSkype%5CUpdater%5CUpdater.exe%20%5B2012-6-7%20160944%5D%0AS3%20AdobeFlashPlayerUpdateSvc;Adobe%20Flash%20Player%20Update%20Service;C:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CFlashPlayerUpdateService.exe%20%5B2012-5-6%20250288%5D%0AS3%20Microsoft%20SharePoint%20Workspace%20Audit%20Service;Microsoft%20SharePoint%20Workspace%20Audit%20Service;C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Office%5COffice14%5CGROOVE.EXE%20%5B2011-6-12%2031125880%5D%0AS3%20netr28ux;RT2870%20USB%20Extensible%20Wireless%20LAN%20Card%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cnetr28ux.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cnetr28ux.sys%20%5B?%5D%0AS3%20osppsvc;Office%20Software%20Protection%20Platform;C:%5CProgram%20Files%5CCommon%20Files%5CMicrosoft%20Shared%5COfficeSoftwareProtectionPlatform%5COSPPSVC.EXE%20%5B2010-1-9%204925184%5D%0AS3%20RdpVideoMiniport;Remote%20Desktop%20Video%20Miniport%20Driver;C:%5CWindows%5Csystem32%5Cdrivers%5Crdpvideominiport.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Crdpvideominiport.sys%20%5B?%5D%0AS3%20sbhips;sbhips;C:%5CWindows%5Csystem32%5Cdrivers%5Csbhips.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Csbhips.sys%20%5B?%5D%0AS3%20TsUsbFlt;TsUsbFlt;C:%5CWindows%5Csystem32%5Cdrivers%5Ctsusbflt.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Ctsusbflt.sys%20%5B?%5D%0AS3%20USBAAPL64;Apple%20Mobile%20USB%20Driver;C:%5CWindows%5Csystem32%5CDrivers%5Cusbaapl64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDrivers%5Cusbaapl64.sys%20%5B?%5D%0AS3%20vwifimp;Microsoft%20Virtual%20WiFi%20Miniport%20Service;C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwifimp.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwifimp.sys%20%5B?%5D%0AS3%20WatAdminSvc;Windows%20Activation%20Technologies%20Service;C:%5CWindows%5Csystem32%5CWat%5CWatAdminSvc.exe%20--%3E%20C:%5CWindows%5Csystem32%5CWat%5CWatAdminSvc.exe%20%5B?%5D%0AS3%20WSDPrintDevice;WSD%20Print%20Support%20via%20UMB;C:%5CWindows%5Csystem32%5CDRIVERS%5CWSDPrint.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5CWSDPrint.sys%20%5B?%5D%0AS4%20RalinkRegistryWriter;Ralink%20Registry%20Writer;C:%5CProgram%20Files%20(x86)%5CEdimax%5CCommon%5CRaRegistry.exe%20%5B2011-3-8%20185632%5D%0AS4%20RalinkRegistryWriter64;Ralink%20Registry%20Writer%2064;C:%5CProgram%20Files%20(x86)%5CEdimax%5CCommon%5CRaRegistry64.exe%20%5B2011-3-8%20212256%5D%0A.%0A===============%20Created%20Last%2030%20================%0A.%0A2012-09-25%2014:52:46%0930496%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Chitmanpro36.sys%0A2012-09-25%2004:09:01%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CIsolatedStorage%0A2012-09-25%2004:09:01%09--------%09d-----w-%09C:%5CProgramData%5CIsolatedStorage%0A2012-09-25%2004:08:56%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CLocal%5C%7F_%0A2012-09-25%2004:08:50%09--------%09d-----w-%09C:%5CProgram%20Files%5CFileViewPro%0A2012-09-25%2003:56:19%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5CNCH%20Software%0A2012-09-25%2001:29:08%09--------%09d-----w-%09C:%5CProgram%20Files%5CHitmanPro%0A2012-09-25%2001:28:16%09--------%09d-----w-%09C:%5CProgramData%5CHitmanPro%0A2012-09-25%2000:55:55%0916200%09----a-w-%09C:%5CWindows%5Cstinger.sys%0A2012-09-25%2000:55:43%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5Cstinger%0A2012-09-25%2000:44:41%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CPavark%0A2012-09-24%2023:41:13%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CAVG2012%0A2012-09-24%2023:40:45%09--------%09d-----w-%09C:%5CWindows%5CSysWow64%5Cdrivers%5CAVG%0A2012-09-24%2023:40:42%09--------%09d-----w-%09C:%5CWindows%5CSystem32%5Cdrivers%5CAVG%0A2012-09-24%2023:28:15%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CLocal%5Cadaware%0A2012-09-24%2023:28:14%09--------%09d-----w-%09C:%5CProgramData%5CAd-Aware%20Browsing%20Protection%0A2012-09-24%2023:28:02%0960536%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Csbhips.sys%0A2012-09-24%2023:28:01%0957976%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Csbredrv.sys%0A2012-09-24%2023:28:01%0945936%09----a-w-%09C:%5CWindows%5CSystem32%5Csbbd.exe%0A2012-09-24%2021:41:48%09--------%09d-s---w-%09C:%5CComboFix%0A2012-09-21%2020:18:31%099308616%09----a-w-%09C:%5CProgramData%5CMicrosoft%5CWindows%20Defender%5CDefinition%20Updates%5C%7B34515EC9-DEFA-429C-9212-DEA465660240%7D%5Cmpengine.dll%0A2012-09-21%2017:00:27%0910213296%09----a-w-%09C:%5CWindows%5CSysWow64%5CFlashPlayerInstaller.exe%0A2012-09-13%2013:16:21%09--------%09d-----r-%09C:%5CProgram%20Files%20(x86)%5CSkype%0A2012-09-12%2014:40:22%09503808%09----a-w-%09C:%5CWindows%5CSystem32%5Csrcore.dll%0A2012-09-12%2014:40:22%0943008%09----a-w-%09C:%5CWindows%5CSysWow64%5Csrclient.dll%0A2012-09-12%2014:40:20%09574464%09----a-w-%09C:%5CWindows%5CSystem32%5Cd3d10level9.dll%0A2012-09-12%2014:40:20%09490496%09----a-w-%09C:%5CWindows%5CSysWow64%5Cd3d10level9.dll%0A2012-09-12%2014:29:01%09751104%09----a-w-%09C:%5CWindows%5CSystem32%5Cwin32spl.dll%0A2012-09-12%2014:29:01%0967072%09----a-w-%09C:%5CWindows%5Csplwow64.exe%0A2012-09-12%2014:29:01%09559104%09----a-w-%09C:%5CWindows%5CSystem32%5Cspoolsv.exe%0A2012-09-12%2014:29:01%09492032%09----a-w-%09C:%5CWindows%5CSysWow64%5Cwin32spl.dll%0A2012-09-12%2014:29:00%09950128%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cndis.sys%0A2012-09-12%2014:29:00%0941472%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5CRNDISMP.sys%0A2012-09-12%2014:28:57%09376688%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cnetio.sys%0A2012-09-12%2014:28:57%09288624%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5CFWPKCLNT.SYS%0A2012-09-12%2014:28:57%091913200%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Ctcpip.sys%0A2012-09-12%2013:46:38%0959392%09----a-w-%09C:%5CWindows%5CSystem32%5Cbrowcli.dll%0A2012-09-12%2013:46:38%0941984%09----a-w-%09C:%5CWindows%5CSysWow64%5Cbrowcli.dll%0A2012-09-12%2013:46:38%09136704%09----a-w-%09C:%5CWindows%5CSystem32%5Cbrowser.dll%0A2012-09-12%2013:44:35%09--------%09d-----w-%09C:%5CWindows%5CPCHEALTH%0A2012-09-12%2013:44:29%09956928%09----a-w-%09C:%5CWindows%5CSystem32%5Clocalspl.dll%0A2012-09-12%2003:02:01%093148800%09----a-w-%09C:%5CWindows%5CSystem32%5Cwin32k.sys%0A2012-09-11%2021:37:18%09--------%09d-sh--w-%09C:%5C$RECYCLE.BIN%0A2012-09-11%2019:01:47%09--------%09d-----w-%09C:%5CProgramData%5CGFI%20Software%0A2012-09-11%2018:57:28%0998816%09----a-w-%09C:%5CWindows%5Csed.exe%0A2012-09-11%2018:57:28%09518144%09----a-w-%09C:%5CWindows%5CSWREG.exe%0A2012-09-11%2018:57:28%09256000%09----a-w-%09C:%5CWindows%5CPEV.exe%0A2012-09-11%2018:57:28%09208896%09----a-w-%09C:%5CWindows%5CMBR.exe%0A2012-08-31%2000:17:57%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CYthy%0A2012-08-31%2000:17:57%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CIxud%0A2012-08-31%2000:17:57%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CHeba%0A2012-08-30%2017:19:22%09821736%09----a-w-%09C:%5CWindows%5CSysWow64%5CnpDeployJava1.dll%0A2012-08-30%2017:19:07%0995208%09----a-w-%09C:%5CWindows%5CSysWow64%5CWindowsAccessBridge-32.dll%0A2012-08-27%2015:09:00%09--------%09d--h--w-%09C:%5C$AVG%0A2012-08-27%2015:09:00%09--------%09d-----w-%09C:%5CProgramData%5CAVG2012%0A2012-08-27%2015:08:37%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5CAVG%0A2012-08-27%2015:05:29%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%0A2012-08-27%2015:05:22%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CLocal%5CDownloaded%20Installations%0A2012-08-27%2015:04:27%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CAd-Aware%20Antivirus%0A2012-08-27%2015:02:24%09--------%09d--h--w-%09C:%5CProgramData%5CCommon%20Files%0A2012-08-27%2015:02:24%09--------%09d-----w-%09C:%5CProgramData%5CMFAData%0A.%0A====================%20Find3M%20%20====================%0A.%0A2012-09-21%2017:00:41%0973136%09----a-w-%09C:%5CWindows%5CSysWow64%5CFlashPlayerCPLApp.cpl%0A2012-09-21%2017:00:41%09696240%09----a-w-%09C:%5CWindows%5CSysWow64%5CFlashPlayerApp.exe%0A2012-08-30%2017:18:56%09746984%09----a-w-%09C:%5CWindows%5CSysWow64%5CdeployJava1.dll%0A2012-08-24%2019:43:16%09384352%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cavgtdia.sys%0A2012-08-24%2010:31:32%092312704%09----a-w-%09C:%5CWindows%5CSystem32%5Cjscript9.dll%0A2012-08-24%2010:21:18%091392128%09----a-w-%09C:%5CWindows%5CSystem32%5Cwininet.dll%0A2012-08-24%2010:20:11%091494528%09----a-w-%09C:%5CWindows%5CSystem32%5Cinetcpl.cpl%0A2012-08-24%2010:14:45%09173056%09----a-w-%09C:%5CWindows%5CSystem32%5CieUnatt.exe%0A2012-08-24%2010:13:29%09599040%09----a-w-%09C:%5CWindows%5CSystem32%5Cvbscript.dll%0A2012-08-24%2010:09:42%092382848%09----a-w-%09C:%5CWindows%5CSystem32%5Cmshtml.tlb%0A2012-08-24%2006:59:17%091800704%09----a-w-%09C:%5CWindows%5CSysWow64%5Cjscript9.dll%0A2012-08-24%2006:51:27%091129472%09----a-w-%09C:%5CWindows%5CSysWow64%5Cwininet.dll%0A2012-08-24%2006:51:02%091427968%09----a-w-%09C:%5CWindows%5CSysWow64%5Cinetcpl.cpl%0A2012-08-24%2006:47:26%09142848%09----a-w-%09C:%5CWindows%5CSysWow64%5CieUnatt.exe%0A2012-08-24%2006:47:12%09420864%09----a-w-%09C:%5CWindows%5CSysWow64%5Cvbscript.dll%0A2012-08-24%2006:43:58%092382848%09----a-w-%09C:%5CWindows%5CSysWow64%5Cmshtml.tlb%0A2012-08-22%2017:37:12%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.2910E623D5BD277F%0A2012-08-22%2017:34:48%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.68B1F57FDE349081%0A2012-08-22%2017:32:38%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.00A63C867C2C94C8%0A2012-08-22%2017:30:27%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.2A5B165FE0783959%0A2012-08-16%2000:11:48%09955888%09----a-w-%09C:%5CWindows%5CSystem32%5CnpDeployJava1.dll%0A2012-08-16%2000:11:48%09839152%09----a-w-%09C:%5CWindows%5CSystem32%5CdeployJava1.dll%0A2012-07-26%2007:21:28%09291680%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cavgldx64.sys%0A.%0A=============%20FINISH:%2011:06:50.21%20===============%0A"
FF - prefs.js..browser.startup.homepage: "I%20could%20really%20use%20some%20help.%20I%20recently%20completely%20eradicated%20a%20Root-kit%20virus%20that%20was%20causing%20pop-ups%20and%20extension%20problems%20on%20my%20Windows%207%2064%20bit%20operating%20system.%20Although%20it%20is%20completely%20gone,%20I%20now%20have%20over%2019,000%20files%20that%20have%20been%20made%20into%20.block%20files%20that%20were%20before%20that%20.docx,%20.doc,%20.txt,%20and%20more.%20I%20figured%20out%20how%20to%20change%20individual%20documents%20back%20into%20their%20proper%20extensions%20(.block%20-%20.doc%20)%20but%20would%20rather%20not%20go%20through%20all%2019,000%20files%20individually%20and%20change%20back%20the%20file%20extension.%0A%0AI%20have%20also%20noticed%20that%20after%20I%20change%20a%20.block%20back%20into%20a%20.txt%20that%20all%20the%20characters%20come%20up%20as%20a%20series%20of%20random%20numbers%20and%20characters.%20Also%20when%20I%20change%20a%20.block%20back%20into%20a%20.doc%20Microsoft%20Office%202010%20refuses%20to%20open%20the%20document.%20(Microsoft%20Offices%20document%20recovery%20program%20built%20into%20Microsoft%20Office%20doesn't%20seem%20to%20do%20the%20job)%20I%20have%20about%2020-30%20documents%20that%20I%20really%20need%20to%20open%20and%20cannot%20replace%20...%0A%0ADoes%20anyone%20have%20any%20idea%20how%20I%20can%20fix%20either%20of%20these%20problems?%0A%0A%0A.%0ADDS%20(Ver_2011-08-26.01)%20-%20NTFSAMD64%20%0AInternet%20Explorer:%209.0.8112.16421%20%20BrowserJavaVersion:%2010.7.2%0ARun%20by%20Gaming%20at%2011:06:28%20on%202012-09-25%0AMicrosoft%20Windows%207%20Ultimate%20%20%206.1.7601.1.1252.1.1033.18.12271.9783%20%5BGMT%20-4:00%5D%0A.%0AAV:%20Lavasoft%20Ad-Aware%20*Enabled/Updated*%20%7B445B48C3-0FA4-6B16-8F07-6506F305D800%7D%0AAV:%20AVG%20Anti-Virus%20Free%20Edition%202012%20*Enabled/Updated*%20%7B5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0%7D%0ASP:%20Lavasoft%20Ad-Aware%20*Enabled/Updated*%20%7BFF3AA927-299E-6498-B5B7-5E74888292BD%7D%0ASP:%20AVG%20Anti-Virus%20Free%20Edition%202012%20*Enabled/Updated*%20%7BE146A755-F8D3-F7D4-C17D-96C36DBE8F4D%7D%0ASP:%20Windows%20Defender%20*Disabled/Updated*%20%7BD68DDC3A-831F-4fae-9E44-DA132C1ACF46%7D%0AFW:%20Lavasoft%20Ad-Aware%20*Disabled*%20%7B7C60C9E6-45CB-6A4E-A458-CC330DD69F7B%7D%0A.%0A==============%20Running%20Processes%20===============%0A.%0AC:%5CPROGRA~2%5CAVG%5CAVG2012%5Cavgrsa.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgcsrva.exe%0AC:%5CWindows%5Csystem32%5Cwininit.exe%0AC:%5CWindows%5Csystem32%5Clsm.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20DcomLaunch%0AC:%5CProgram%20Files%20(x86)%5CIObit%5CAdvanced%20SystemCare%205%5CASCService.exe%0AC:%5CWindows%5Csystem32%5Cnvvsvc.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20RPCSS%0AC:%5CWindows%5CSystem32%5Csvchost.exe%20-k%20LocalServiceNetworkRestricted%0AC:%5CWindows%5CSystem32%5Csvchost.exe%20-k%20LocalSystemNetworkRestricted%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20netsvcs%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20LocalService%0AC:%5CProgram%20Files%5CHitmanPro%5Chmpsched.exe%0AC:%5CProgram%20Files%5CNVIDIA%20Corporation%5CDisplay%5Cnvxdsync.exe%0AC:%5CWindows%5Csystem32%5Cnvvsvc.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20NetworkService%0AC:%5CWindows%5CSystem32%5Cspoolsv.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20LocalServiceNoNetwork%0AC:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareService.exe%0AC:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5Carmsvc.exe%0AC:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CApple%5CMobile%20Device%20Support%5CAppleMobileDeviceService.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgwdsvc.exe%0AC:%5CWindows%5Csystem32%5Ctaskhost.exe%0AC:%5CProgram%20Files%5CHitmanPro%5CHitmanPro.exe%0AC:%5CWindows%5Csystem32%5CDwm.exe%0AC:%5CWindows%5Csystem32%5Ctaskeng.exe%0AC:%5CWindows%5CExplorer.EXE%0AC:%5CProgram%20Files%5CBonjour%5CmDNSResponder.exe%0AC:%5CWindows%5Csystem32%5CCISVC.EXE%0AC:%5CProgram%20Files%5CMicrosoft%20LifeCam%5CMSCamS64.exe%0AC:%5CWindows%5Csystem32%5Cefsui.exe%0AC:%5CProgram%20Files%5CCore%20Temp%5CCore%20Temp.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20imgsvc%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgidsagent.exe%0AC:%5CProgram%20Files%5CRealtek%5CAudio%5CHDA%5CRtkNGUI64.exe%0AC:%5CProgram%20Files%5CMicrosoft%20IntelliType%20Pro%5Citype.exe%0AC:%5CProgram%20Files%5CMicrosoft%20IntelliPoint%5Cipoint.exe%0AC:%5CProgram%20Files%20(x86)%5CDisplayFusion%5CDisplayFusion.exe%0AC:%5CProgram%20Files%5CWindows%20Sidebar%5Csidebar.exe%0AC:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5CGoogleUpdate.exe%0AC:%5CProgram%20Files%5CMicrosoft%20IntelliType%20Pro%5Cdpupdchk.exe%0AC:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5C1.3.21.123%5CGoogleCrashHandler.exe%0AC:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5C1.3.21.123%5CGoogleCrashHandler64.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgnsa.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgemca.exe%0AC:%5CProgram%20Files%20(x86)%5CCreative%5CTHX%20TruStudio%20Pro%5CTHXAudioCP%5CTHXAudio.exe%0AC:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5CPDVD8Serv.exe%0AC:%5CProgram%20Files%20(x86)%5CRenesas%20Electronics%5CUSB%203.0%20Host%20Controller%20Driver%5CApplication%5Cnusb3mon.exe%0AC:%5CProgram%20Files%20(x86)%5CiTunes%5CiTunesHelper.exe%0AC:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Update%5CDivXUpdate.exe%0AC:%5CProgram%20Files%20(x86)%5CCyberLink%5CShared%20Files%5Cbrs.exe%0AC:%5CProgramData%5CAd-Aware%20Browsing%20Protection%5Cadawarebp.exe%0AC:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgtray.exe%0AC:%5CProgram%20Files%5CNVIDIA%20Corporation%5CDisplay%5Cnvtray.exe%0AC:%5CPROGRA~2%5CAD-AWA~1%5CAdAware.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20LocalServiceAndNoImpersonation%0AC:%5CWindows%5Csystem32%5Cwbem%5Cwmiprvse.exe%0AC:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CSBAMSvc.exe%0AC:%5CWindows%5Csystem32%5CSearchIndexer.exe%0AC:%5CProgram%20Files%5CiPod%5Cbin%5CiPodService.exe%0AC:%5CWindows%5CMicrosoft.Net%5CFramework64%5Cv3.0%5CWPF%5CPresentationFontCache.exe%0AC:%5CProgram%20Files%5CWindows%20Media%20Player%5Cwmpnetwk.exe%0AC:%5CWindows%5CSystem32%5Csvchost.exe%20-k%20LocalServicePeerNet%0AC:%5CProgram%20Files%20(x86)%5CDisplayFusion%5CDisplayFusionAppHook.exe%0AC:%5CProgram%20Files%20(x86)%5CMozilla%20Firefox%5Cfirefox.exe%0AC:%5CProgram%20Files%20(x86)%5CMozilla%20Firefox%5Cplugin-container.exe%0AC:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CFlashPlayerPlugin_11_4_402_278.exe%0AC:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CFlashPlayerPlugin_11_4_402_278.exe%0AC:%5CProgram%20Files%20(x86)%5CNVIDIA%20Corporation%5CNVIDIA%20Updatus%5Cdaemonu.exe%0AC:%5CWindows%5Csystem32%5Csvchost.exe%20-k%20SDRSVC%0AC:%5CWindows%5Csystem32%5CSearchProtocolHost.exe%0AC:%5CWindows%5Csystem32%5CSearchFilterHost.exe%0AC:%5CWindows%5Csystem32%5CDllHost.exe%0AC:%5CWindows%5CSysWOW64%5Ccmd.exe%0AC:%5CWindows%5Csystem32%5Cconhost.exe%0AC:%5CWindows%5CSysWOW64%5Ccscript.exe%0A.%0A==============%20Pseudo%20HJT%20Report%20===============%0A.%0AuStart%20Page%20=%20hxxp://www.google.com/%0AmURLSearchHooks:%20H%20-%20No%20File%0ABHO:%20Adobe%20PDF%20Link%20Helper:%20%7B18df081c-e8ad-4283-a596-fa578c2ebdc3%7D%20-%20C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CAcrobat%5CActiveX%5CAcroIEHelperShim.dll%0ABHO:%20AVG%20Do%20Not%20Track:%20%7B31332eef-cb9f-458f-afeb-d30e9a66b6ba%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgdtiex.dll%0ABHO:%20DivX%20Plus%20Web%20Player%20HTML5%20%3Cvideo%3E:%20%7B326e768d-4182-46fd-9c16-1449a49795f4%7D%20-%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Plus%20Web%20Player%5Cie%5CDivXHTML5%5CDivXHTML5.dll%0ABHO:%20Java(tm)%20Plug-In%20SSV%20Helper:%20%7B761497bb-d6f0-462c-b6eb-d4daf1d92d43%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cssv.dll%0ABHO:%20Office%20Document%20Cache%20Handler:%20%7Bb4f3a835-0e21-4959-ba22-42b3008e02ff%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CURLREDIR.DLL%0ABHO:%20Java(tm)%20Plug-In%202%20SSV%20Helper:%20%7Bdbc80044-a445-435b-bc74-9c25c1c588a9%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cjp2ssv.dll%0ATB:%20%7B32099AAC-C132-4136-9E9A-4E364A424E17%7D%20-%20No%20File%0ATB:%20%7B687578B9-7132-4A7A-80E4-30EE31099E03%7D%20-%20No%20File%0ATB:%20%7B4B3803EA-5230-4DC3-A7FC-33638F3D3542%7D%20-%20No%20File%0AuRun:%20%5BDAEMON%20Tools%20Lite%5D%20%22C:%5CProgram%20Files%20(x86)%5CDAEMON%20Tools%20Lite%5CDTLite.exe%22%20-autorun%0AuRun:%20%5BDisplayFusion%5D%20%22C:%5CProgram%20Files%20(x86)%5CDisplayFusion%5CDisplayFusion.exe%22%0AuRun:%20%5BSidebar%5D%20C:%5CProgram%20Files%5CWindows%20Sidebar%5Csidebar.exe%20/autoRun%0AuRun:%20%5BGoogle%20Update%5D%20%22C:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5CGoogleUpdate.exe%22%20/c%0AmRun:%20%5BTHX%20Audio%20Control%20Panel%5D%20%22C:%5CProgram%20Files%20(x86)%5CCreative%5CTHX%20TruStudio%20Pro%5CTHXAudioCP%5CTHXAudio.exe%22%20/r%0AmRun:%20%5BRemoteControl8%5D%20%22C:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5CPDVD8Serv.exe%22%0AmRun:%20%5BNUSB3MON%5D%20%22C:%5CProgram%20Files%20(x86)%5CRenesas%20Electronics%5CUSB%203.0%20Host%20Controller%20Driver%5CApplication%5Cnusb3mon.exe%22%0AmRun:%20%5BLifeCam%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20LifeCam%5CLifeExp.exe%22%0AmRun:%20%5BiTunesHelper%5D%20%22C:%5CProgram%20Files%20(x86)%5CiTunes%5CiTunesHelper.exe%22%0AmRun:%20%5BDivXUpdate%5D%20%22C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Update%5CDivXUpdate.exe%22%20/CHECKNOW%0AmRun:%20%5BBDRegion%5D%20C:%5CProgram%20Files%20(x86)%5CCyberlink%5CShared%20Files%5Cbrs.exe%0AmRun:%20%5BBCSSync%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Office%5COffice14%5CBCSSync.exe%22%20/DelayServices%0AmRun:%20%5BAdobe%20ARM%5D%20%22C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5CAdobeARM.exe%22%0AmRun:%20%5BAd-Aware%20Antivirus%5D%20%22C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareLauncher%22%20--windows-run%0AmRun:%20%5BAd-Aware%20Browsing%20Protection%5D%20%22C:%5CProgramData%5CAd-Aware%20Browsing%20Protection%5Cadawarebp.exe%22%0AmRun:%20%5BAVG_TRAY%5D%20%22C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgtray.exe%22%0AmPolicies-system:%20ConsentPromptBehaviorAdmin%20=%200%20(0x0)%0AmPolicies-system:%20ConsentPromptBehaviorUser%20=%203%20(0x3)%0AmPolicies-system:%20EnableLUA%20=%200%20(0x0)%0AmPolicies-system:%20EnableUIADesktopToggle%20=%200%20(0x0)%0AmPolicies-system:%20PromptOnSecureDesktop%20=%200%20(0x0)%0AIE:%20%7B68BCFFE1-A2DA-4B40-9068-87ECBFC19D16%7D%20-%20%7B68BCFFE1-A2DA-4B40-9068-87ECBFC19D16%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgdtiex.dll%0ADPF:%20%7B8AD9C840-044E-11D1-B3E9-00805F499D93%7D%20-%20hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab%0ADPF:%20%7BCAFEEFAC-0016-0000-0031-ABCDEFFEDCBA%7D%20-%20hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab%0ADPF:%20%7BCAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA%7D%20-%20hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab%0ATCP:%20DhcpNameServer%20=%20192.168.2.1%0ATCP:%20Interfaces%5C%7B09484FCD-3F8A-4579-A6DC-5397E9138F66%7D%20:%20DhcpNameServer%20=%20205.152.144.23%20205.152.132.23%0ATCP:%20Interfaces%5C%7B2F40C316-F178-4CB7-85A5-302B6657847B%7D%20:%20DhcpNameServer%20=%20192.168.2.1%0ATCP:%20Interfaces%5C%7BC0328E81-733D-4AFE-9DBE-42B20E0830C5%7D%20:%20DhcpNameServer%20=%20192.168.2.1%0ATCP:%20Interfaces%5C%7BC0328E81-733D-4AFE-9DBE-42B20E0830C5%7D%5C4786560296E6475627E6564702%20:%20DhcpNameServer%20=%2065.32.5.111%2065.32.5.112%0AFilter:%20text/xml%20-%20%7B807573E5-5146-11D5-A672-00B0D022E945%7D%20-%20C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5Cmicrosoft%20shared%5COFFICE14%5CMSOXMLMF.DLL%0AHandler:%20linkscanner%20-%20%7BF274614C-63F8-47D5-A4D1-FBDDE494F8D1%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgpp.dll%0AHandler:%20skype4com%20-%20%7BFFC8B962-9B40-4DFF-9458-1830C7DD7F5D%7D%20-%20C:%5CPROGRA~2%5CCOMMON~1%5CSkype%5CSKYPE4~1.DLL%0ASEH:%20Groove%20GFS%20Stub%20Execution%20Hook:%20%7Bb5a7f190-dda6-4420-b3ba-52453494e6cd%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CGROOVEEX.DLL%0ABHO-X64:%20Adobe%20PDF%20Link%20Helper:%20%7B18DF081C-E8AD-4283-A596-FA578C2EBDC3%7D%20-%20C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CAcrobat%5CActiveX%5CAcroIEHelperShim.dll%0ABHO-X64:%20%20%20%20%20AcroIEHelperStub%20-%20No%20File%0ABHO-X64:%20AVG%20Do%20Not%20Track:%20%7B31332EEF-CB9F-458F-AFEB-D30E9A66B6BA%7D%20-%20C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgdtiex.dll%0ABHO-X64:%20%20%20%20%20AVG%20Do%20Not%20Track%20-%20No%20File%0ABHO-X64:%20DivX%20Plus%20Web%20Player%20HTML5%20%3Cvideo%3E:%20%7B326E768D-4182-46FD-9C16-1449A49795F4%7D%20-%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Plus%20Web%20Player%5Cie%5CDivXHTML5%5CDivXHTML5.dll%0ABHO-X64:%20%20%20%20%20Increase%20performance%20and%20video%20formats%20for%20your%20HTML5%20%3Cvideo%3E%20-%20No%20File%0ABHO-X64:%20Java(tm)%20Plug-In%20SSV%20Helper:%20%7B761497BB-D6F0-462C-B6EB-D4DAF1D92D43%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cssv.dll%0ABHO-X64:%20Office%20Document%20Cache%20Handler:%20%7BB4F3A835-0E21-4959-BA22-42B3008E02FF%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CURLREDIR.DLL%0ABHO-X64:%20%20%20%20%20URLRedirectionBHO%20-%20No%20File%0ABHO-X64:%20Java(tm)%20Plug-In%202%20SSV%20Helper:%20%7BDBC80044-A445-435b-BC74-9C25C1C588A9%7D%20-%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cjp2ssv.dll%0ATB-X64:%20%7B32099AAC-C132-4136-9E9A-4E364A424E17%7D%20-%20No%20File%0ATB-X64:%20%7B687578B9-7132-4A7A-80E4-30EE31099E03%7D%20-%20No%20File%0ATB-X64:%20%7B4B3803EA-5230-4DC3-A7FC-33638F3D3542%7D%20-%20No%20File%0AmRun-x64:%20%5BTHX%20Audio%20Control%20Panel%5D%20%22C:%5CProgram%20Files%20(x86)%5CCreative%5CTHX%20TruStudio%20Pro%5CTHXAudioCP%5CTHXAudio.exe%22%20/r%0AmRun-x64:%20%5BRemoteControl8%5D%20%22C:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5CPDVD8Serv.exe%22%0AmRun-x64:%20%5BNUSB3MON%5D%20%22C:%5CProgram%20Files%20(x86)%5CRenesas%20Electronics%5CUSB%203.0%20Host%20Controller%20Driver%5CApplication%5Cnusb3mon.exe%22%0AmRun-x64:%20%5BLifeCam%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20LifeCam%5CLifeExp.exe%22%0AmRun-x64:%20%5BiTunesHelper%5D%20%22C:%5CProgram%20Files%20(x86)%5CiTunes%5CiTunesHelper.exe%22%0AmRun-x64:%20%5BDivXUpdate%5D%20%22C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Update%5CDivXUpdate.exe%22%20/CHECKNOW%0AmRun-x64:%20%5BBDRegion%5D%20C:%5CProgram%20Files%20(x86)%5CCyberlink%5CShared%20Files%5Cbrs.exe%0AmRun-x64:%20%5BBCSSync%5D%20%22C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Office%5COffice14%5CBCSSync.exe%22%20/DelayServices%0AmRun-x64:%20%5BAdobe%20ARM%5D%20%22C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5CAdobeARM.exe%22%0AmRun-x64:%20%5BAd-Aware%20Antivirus%5D%20%22C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareLauncher%22%20--windows-run%0AmRun-x64:%20%5BAd-Aware%20Browsing%20Protection%5D%20%22C:%5CProgramData%5CAd-Aware%20Browsing%20Protection%5Cadawarebp.exe%22%0AmRun-x64:%20%5BAVG_TRAY%5D%20%22C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgtray.exe%22%0ASEH-X64:%20Groove%20GFS%20Stub%20Execution%20Hook:%20%7BB5A7F190-DDA6-4420-B3BA-52453494E6CD%7D%20-%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CGROOVEEX.DLL%0A.%0A=================%20FIREFOX%20===================%0A.%0AFF%20-%20ProfilePath%20-%20C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CMozilla%5CFirefox%5CProfiles%5Cuovnso3g.default%5C%0AFF%20-%20prefs.js:%20browser.search.selectedEngine%20-%20Google%0AFF%20-%20prefs.js:%20browser.startup.homepage%20-%20hxxp://www.google.com/%0AFF%20-%20prefs.js:%20keyword.URL%20-%20%20hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=%0AFF%20-%20plugin:%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CNPAUTHZ.DLL%0AFF%20-%20plugin:%20C:%5CPROGRA~2%5CMICROS~1%5COffice14%5CNPSPWRAP.DLL%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CAdobe%5CReader%2010.0%5CReader%5CAIR%5Cnppdf32.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20OVS%20Helper%5Cnpovshelper.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CDivX%5CDivX%20Plus%20Web%20Player%5Cnpdivx32.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CJava%5Cjre7%5Cbin%5Cplugin2%5Cnpjp2.dll%0AFF%20-%20plugin:%20C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Silverlight%5C5.1.10411.0%5Cnpctrlui.dll%0AFF%20-%20plugin:%20C:%5CUsers%5CGaming%5CAppData%5CLocal%5CGoogle%5CUpdate%5C1.3.21.123%5CnpGoogleUpdate3.dll%0AFF%20-%20plugin:%20C:%5CWindows%5Csystem32%5CWat%5CnpWatWeb.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CNPSWF32_11_3_300_271.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CNPSWF32_11_4_402_278.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5CnpDeployJava1.dll%0AFF%20-%20plugin:%20C:%5CWindows%5CSysWOW64%5Cnpmproxy.dll%0A.%0A----%20FIREFOX%20POLICIES%20----%0AFF%20-%20user.js:%20network.cookie.cookieBehavior%20-%200%0AFF%20-%20user.js:%20privacy.clearOnShutdown.cookies%20-%20false%0AFF%20-%20user.js:%20security.warn_viewing_mixed%20-%20false%0AFF%20-%20user.js:%20security.warn_viewing_mixed.show_once%20-%20false%0AFF%20-%20user.js:%20security.warn_submit_insecure%20-%20false%0AFF%20-%20user.js:%20security.warn_submit_insecure.show_once%20-%20false%0A.%0A=============%20SERVICES%20/%20DRIVERS%20===============%0A.%0AR0%20AVGIDSHA;AVGIDSHA;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsha.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsha.sys%20%5B?%5D%0AR0%20Avgrkx64;AVG%20Anti-Rootkit%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgrkx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgrkx64.sys%20%5B?%5D%0AR1%20Avgldx64;AVG%20AVI%20Loader%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgldx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgldx64.sys%20%5B?%5D%0AR1%20Avgmfx64;AVG%20Mini-Filter%20Resident%20Anti-Virus%20Shield;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgmfx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgmfx64.sys%20%5B?%5D%0AR1%20Avgtdia;AVG%20TDI%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgtdia.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgtdia.sys%20%5B?%5D%0AR1%20dtsoftbus01;DAEMON%20Tools%20Virtual%20Bus%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cdtsoftbus01.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cdtsoftbus01.sys%20%5B?%5D%0AR1%20SBRE;SBRE;C:%5CWindows%5CSystem32%5Cdrivers%5CSBREDrv.sys%20%5B2011-10-26%20101112%5D%0AR1%20vwififlt;Virtual%20WiFi%20Filter%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwififlt.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwififlt.sys%20%5B?%5D%0AR2%20%7BFE4C91E7-22C2-4D0C-9F6B-82F1B7742054%7D;Power%20Control%20%5B2011/06/26%2019:44:30%5D;C:%5CProgram%20Files%20(x86)%5CCyberLink%5CPowerDVD8%5C000.fcl%20%5B2009-8-28%20146928%5D%0AR2%20Ad-Aware%20Service;Ad-Aware%20Service;C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CAdAwareService.exe%20%5B2012-7-12%201239952%5D%0AR2%20AdobeARMservice;Adobe%20Acrobat%20Update%20Service;C:%5CProgram%20Files%20(x86)%5CCommon%20Files%5CAdobe%5CARM%5C1.0%5Carmsvc.exe%20%5B2012-7-27%2063960%5D%0AR2%20AdvancedSystemCareService5;Advanced%20SystemCare%20Service%205;C:%5CProgram%20Files%20(x86)%5CIObit%5CAdvanced%20SystemCare%205%5CASCService.exe%20%5B2012-2-11%20913792%5D%0AR2%20AVGIDSAgent;AVGIDSAgent;C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgidsagent.exe%20%5B2012-8-13%205167736%5D%0AR2%20avgwd;AVG%20WatchDog;C:%5CProgram%20Files%20(x86)%5CAVG%5CAVG2012%5Cavgwdsvc.exe%20%5B2012-2-14%20193288%5D%0AR2%20HitmanProScheduler;HitmanPro%20Scheduler;C:%5CProgram%20Files%5CHitmanPro%5Chmpsched.exe%20%5B2012-9-24%20108392%5D%0AR2%20nvUpdatusService;NVIDIA%20Update%20Service%20Daemon;C:%5CProgram%20Files%20(x86)%5CNVIDIA%20Corporation%5CNVIDIA%20Updatus%5Cdaemonu.exe%20%5B2011-8-11%202214504%5D%0AR2%20SBAMSvc;Ad-Aware;C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%5CSBAMSvc.exe%20%5B2011-12-19%203289032%5D%0AR2%20sbapifs;sbapifs;C:%5CWindows%5Csystem32%5CDRIVERS%5Csbapifs.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Csbapifs.sys%20%5B?%5D%0AR3%20AVGIDSDriver;AVGIDSDriver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsdrivera.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsdrivera.sys%20%5B?%5D%0AR3%20AVGIDSFilter;AVGIDSFilter;C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsfiltera.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cavgidsfiltera.sys%20%5B?%5D%0AR3%20hitmanpro36;HitmanPro%203.6%20Support%20Driver;%5C??%5CC:%5CWindows%5Csystem32%5Cdrivers%5Chitmanpro36.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Chitmanpro36.sys%20%5B?%5D%0AR3%20MBfilt;MBfilt;C:%5CWindows%5Csystem32%5Cdrivers%5CMBfilt64.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5CMBfilt64.sys%20%5B?%5D%0AR3%20MEIx64;Intel(R)%20Management%20Engine%20Interface%20;C:%5CWindows%5Csystem32%5CDRIVERS%5CHECIx64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5CHECIx64.sys%20%5B?%5D%0AR3%20nusb3hub;Renesas%20Electronics%20USB%203.0%20Hub%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3hub.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3hub.sys%20%5B?%5D%0AR3%20nusb3xhc;Renesas%20Electronics%20USB%203.0%20Host%20Controller%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3xhc.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cnusb3xhc.sys%20%5B?%5D%0AR3%20RTL8167;Realtek%208167%20NT%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5CRt64win7.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5CRt64win7.sys%20%5B?%5D%0AR3%20WDC_SAM;WD%20SCSI%20Pass%20Thru%20driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cwdcsam64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cwdcsam64.sys%20%5B?%5D%0AS2%20clr_optimization_v4.0.30319_32;Microsoft%20.NET%20Framework%20NGEN%20v4.0.30319_X86;C:%5CWindows%5CMicrosoft.NET%5CFramework%5Cv4.0.30319%5Cmscorsvw.exe%20%5B2010-3-18%20130384%5D%0AS2%20clr_optimization_v4.0.30319_64;Microsoft%20.NET%20Framework%20NGEN%20v4.0.30319_X64;C:%5CWindows%5CMicrosoft.NET%5CFramework64%5Cv4.0.30319%5Cmscorsvw.exe%20%5B2010-3-18%20138576%5D%0AS2%20SkypeUpdate;Skype%20Updater;C:%5CProgram%20Files%20(x86)%5CSkype%5CUpdater%5CUpdater.exe%20%5B2012-6-7%20160944%5D%0AS3%20AdobeFlashPlayerUpdateSvc;Adobe%20Flash%20Player%20Update%20Service;C:%5CWindows%5CSysWOW64%5CMacromed%5CFlash%5CFlashPlayerUpdateService.exe%20%5B2012-5-6%20250288%5D%0AS3%20Microsoft%20SharePoint%20Workspace%20Audit%20Service;Microsoft%20SharePoint%20Workspace%20Audit%20Service;C:%5CProgram%20Files%20(x86)%5CMicrosoft%20Office%5COffice14%5CGROOVE.EXE%20%5B2011-6-12%2031125880%5D%0AS3%20netr28ux;RT2870%20USB%20Extensible%20Wireless%20LAN%20Card%20Driver;C:%5CWindows%5Csystem32%5CDRIVERS%5Cnetr28ux.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cnetr28ux.sys%20%5B?%5D%0AS3%20osppsvc;Office%20Software%20Protection%20Platform;C:%5CProgram%20Files%5CCommon%20Files%5CMicrosoft%20Shared%5COfficeSoftwareProtectionPlatform%5COSPPSVC.EXE%20%5B2010-1-9%204925184%5D%0AS3%20RdpVideoMiniport;Remote%20Desktop%20Video%20Miniport%20Driver;C:%5CWindows%5Csystem32%5Cdrivers%5Crdpvideominiport.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Crdpvideominiport.sys%20%5B?%5D%0AS3%20sbhips;sbhips;C:%5CWindows%5Csystem32%5Cdrivers%5Csbhips.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Csbhips.sys%20%5B?%5D%0AS3%20TsUsbFlt;TsUsbFlt;C:%5CWindows%5Csystem32%5Cdrivers%5Ctsusbflt.sys%20--%3E%20C:%5CWindows%5Csystem32%5Cdrivers%5Ctsusbflt.sys%20%5B?%5D%0AS3%20USBAAPL64;Apple%20Mobile%20USB%20Driver;C:%5CWindows%5Csystem32%5CDrivers%5Cusbaapl64.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDrivers%5Cusbaapl64.sys%20%5B?%5D%0AS3%20vwifimp;Microsoft%20Virtual%20WiFi%20Miniport%20Service;C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwifimp.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5Cvwifimp.sys%20%5B?%5D%0AS3%20WatAdminSvc;Windows%20Activation%20Technologies%20Service;C:%5CWindows%5Csystem32%5CWat%5CWatAdminSvc.exe%20--%3E%20C:%5CWindows%5Csystem32%5CWat%5CWatAdminSvc.exe%20%5B?%5D%0AS3%20WSDPrintDevice;WSD%20Print%20Support%20via%20UMB;C:%5CWindows%5Csystem32%5CDRIVERS%5CWSDPrint.sys%20--%3E%20C:%5CWindows%5Csystem32%5CDRIVERS%5CWSDPrint.sys%20%5B?%5D%0AS4%20RalinkRegistryWriter;Ralink%20Registry%20Writer;C:%5CProgram%20Files%20(x86)%5CEdimax%5CCommon%5CRaRegistry.exe%20%5B2011-3-8%20185632%5D%0AS4%20RalinkRegistryWriter64;Ralink%20Registry%20Writer%2064;C:%5CProgram%20Files%20(x86)%5CEdimax%5CCommon%5CRaRegistry64.exe%20%5B2011-3-8%20212256%5D%0A.%0A===============%20Created%20Last%2030%20================%0A.%0A2012-09-25%2014:52:46%0930496%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Chitmanpro36.sys%0A2012-09-25%2004:09:01%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CIsolatedStorage%0A2012-09-25%2004:09:01%09--------%09d-----w-%09C:%5CProgramData%5CIsolatedStorage%0A2012-09-25%2004:08:56%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CLocal%5C%7F_%0A2012-09-25%2004:08:50%09--------%09d-----w-%09C:%5CProgram%20Files%5CFileViewPro%0A2012-09-25%2003:56:19%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5CNCH%20Software%0A2012-09-25%2001:29:08%09--------%09d-----w-%09C:%5CProgram%20Files%5CHitmanPro%0A2012-09-25%2001:28:16%09--------%09d-----w-%09C:%5CProgramData%5CHitmanPro%0A2012-09-25%2000:55:55%0916200%09----a-w-%09C:%5CWindows%5Cstinger.sys%0A2012-09-25%2000:55:43%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5Cstinger%0A2012-09-25%2000:44:41%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CPavark%0A2012-09-24%2023:41:13%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CAVG2012%0A2012-09-24%2023:40:45%09--------%09d-----w-%09C:%5CWindows%5CSysWow64%5Cdrivers%5CAVG%0A2012-09-24%2023:40:42%09--------%09d-----w-%09C:%5CWindows%5CSystem32%5Cdrivers%5CAVG%0A2012-09-24%2023:28:15%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CLocal%5Cadaware%0A2012-09-24%2023:28:14%09--------%09d-----w-%09C:%5CProgramData%5CAd-Aware%20Browsing%20Protection%0A2012-09-24%2023:28:02%0960536%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Csbhips.sys%0A2012-09-24%2023:28:01%0957976%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Csbredrv.sys%0A2012-09-24%2023:28:01%0945936%09----a-w-%09C:%5CWindows%5CSystem32%5Csbbd.exe%0A2012-09-24%2021:41:48%09--------%09d-s---w-%09C:%5CComboFix%0A2012-09-21%2020:18:31%099308616%09----a-w-%09C:%5CProgramData%5CMicrosoft%5CWindows%20Defender%5CDefinition%20Updates%5C%7B34515EC9-DEFA-429C-9212-DEA465660240%7D%5Cmpengine.dll%0A2012-09-21%2017:00:27%0910213296%09----a-w-%09C:%5CWindows%5CSysWow64%5CFlashPlayerInstaller.exe%0A2012-09-13%2013:16:21%09--------%09d-----r-%09C:%5CProgram%20Files%20(x86)%5CSkype%0A2012-09-12%2014:40:22%09503808%09----a-w-%09C:%5CWindows%5CSystem32%5Csrcore.dll%0A2012-09-12%2014:40:22%0943008%09----a-w-%09C:%5CWindows%5CSysWow64%5Csrclient.dll%0A2012-09-12%2014:40:20%09574464%09----a-w-%09C:%5CWindows%5CSystem32%5Cd3d10level9.dll%0A2012-09-12%2014:40:20%09490496%09----a-w-%09C:%5CWindows%5CSysWow64%5Cd3d10level9.dll%0A2012-09-12%2014:29:01%09751104%09----a-w-%09C:%5CWindows%5CSystem32%5Cwin32spl.dll%0A2012-09-12%2014:29:01%0967072%09----a-w-%09C:%5CWindows%5Csplwow64.exe%0A2012-09-12%2014:29:01%09559104%09----a-w-%09C:%5CWindows%5CSystem32%5Cspoolsv.exe%0A2012-09-12%2014:29:01%09492032%09----a-w-%09C:%5CWindows%5CSysWow64%5Cwin32spl.dll%0A2012-09-12%2014:29:00%09950128%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cndis.sys%0A2012-09-12%2014:29:00%0941472%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5CRNDISMP.sys%0A2012-09-12%2014:28:57%09376688%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cnetio.sys%0A2012-09-12%2014:28:57%09288624%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5CFWPKCLNT.SYS%0A2012-09-12%2014:28:57%091913200%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Ctcpip.sys%0A2012-09-12%2013:46:38%0959392%09----a-w-%09C:%5CWindows%5CSystem32%5Cbrowcli.dll%0A2012-09-12%2013:46:38%0941984%09----a-w-%09C:%5CWindows%5CSysWow64%5Cbrowcli.dll%0A2012-09-12%2013:46:38%09136704%09----a-w-%09C:%5CWindows%5CSystem32%5Cbrowser.dll%0A2012-09-12%2013:44:35%09--------%09d-----w-%09C:%5CWindows%5CPCHEALTH%0A2012-09-12%2013:44:29%09956928%09----a-w-%09C:%5CWindows%5CSystem32%5Clocalspl.dll%0A2012-09-12%2003:02:01%093148800%09----a-w-%09C:%5CWindows%5CSystem32%5Cwin32k.sys%0A2012-09-11%2021:37:18%09--------%09d-sh--w-%09C:%5C$RECYCLE.BIN%0A2012-09-11%2019:01:47%09--------%09d-----w-%09C:%5CProgramData%5CGFI%20Software%0A2012-09-11%2018:57:28%0998816%09----a-w-%09C:%5CWindows%5Csed.exe%0A2012-09-11%2018:57:28%09518144%09----a-w-%09C:%5CWindows%5CSWREG.exe%0A2012-09-11%2018:57:28%09256000%09----a-w-%09C:%5CWindows%5CPEV.exe%0A2012-09-11%2018:57:28%09208896%09----a-w-%09C:%5CWindows%5CMBR.exe%0A2012-08-31%2000:17:57%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CYthy%0A2012-08-31%2000:17:57%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CIxud%0A2012-08-31%2000:17:57%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CHeba%0A2012-08-30%2017:19:22%09821736%09----a-w-%09C:%5CWindows%5CSysWow64%5CnpDeployJava1.dll%0A2012-08-30%2017:19:07%0995208%09----a-w-%09C:%5CWindows%5CSysWow64%5CWindowsAccessBridge-32.dll%0A2012-08-27%2015:09:00%09--------%09d--h--w-%09C:%5C$AVG%0A2012-08-27%2015:09:00%09--------%09d-----w-%09C:%5CProgramData%5CAVG2012%0A2012-08-27%2015:08:37%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5CAVG%0A2012-08-27%2015:05:29%09--------%09d-----w-%09C:%5CProgram%20Files%20(x86)%5CAd-Aware%20Antivirus%0A2012-08-27%2015:05:22%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CLocal%5CDownloaded%20Installations%0A2012-08-27%2015:04:27%09--------%09d-----w-%09C:%5CUsers%5CGaming%5CAppData%5CRoaming%5CAd-Aware%20Antivirus%0A2012-08-27%2015:02:24%09--------%09d--h--w-%09C:%5CProgramData%5CCommon%20Files%0A2012-08-27%2015:02:24%09--------%09d-----w-%09C:%5CProgramData%5CMFAData%0A.%0A====================%20Find3M%20%20====================%0A.%0A2012-09-21%2017:00:41%0973136%09----a-w-%09C:%5CWindows%5CSysWow64%5CFlashPlayerCPLApp.cpl%0A2012-09-21%2017:00:41%09696240%09----a-w-%09C:%5CWindows%5CSysWow64%5CFlashPlayerApp.exe%0A2012-08-30%2017:18:56%09746984%09----a-w-%09C:%5CWindows%5CSysWow64%5CdeployJava1.dll%0A2012-08-24%2019:43:16%09384352%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cavgtdia.sys%0A2012-08-24%2010:31:32%092312704%09----a-w-%09C:%5CWindows%5CSystem32%5Cjscript9.dll%0A2012-08-24%2010:21:18%091392128%09----a-w-%09C:%5CWindows%5CSystem32%5Cwininet.dll%0A2012-08-24%2010:20:11%091494528%09----a-w-%09C:%5CWindows%5CSystem32%5Cinetcpl.cpl%0A2012-08-24%2010:14:45%09173056%09----a-w-%09C:%5CWindows%5CSystem32%5CieUnatt.exe%0A2012-08-24%2010:13:29%09599040%09----a-w-%09C:%5CWindows%5CSystem32%5Cvbscript.dll%0A2012-08-24%2010:09:42%092382848%09----a-w-%09C:%5CWindows%5CSystem32%5Cmshtml.tlb%0A2012-08-24%2006:59:17%091800704%09----a-w-%09C:%5CWindows%5CSysWow64%5Cjscript9.dll%0A2012-08-24%2006:51:27%091129472%09----a-w-%09C:%5CWindows%5CSysWow64%5Cwininet.dll%0A2012-08-24%2006:51:02%091427968%09----a-w-%09C:%5CWindows%5CSysWow64%5Cinetcpl.cpl%0A2012-08-24%2006:47:26%09142848%09----a-w-%09C:%5CWindows%5CSysWow64%5CieUnatt.exe%0A2012-08-24%2006:47:12%09420864%09----a-w-%09C:%5CWindows%5CSysWow64%5Cvbscript.dll%0A2012-08-24%2006:43:58%092382848%09----a-w-%09C:%5CWindows%5CSysWow64%5Cmshtml.tlb%0A2012-08-22%2017:37:12%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.2910E623D5BD277F%0A2012-08-22%2017:34:48%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.68B1F57FDE349081%0A2012-08-22%2017:32:38%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.00A63C867C2C94C8%0A2012-08-22%2017:30:27%09328704%09----a-w-%09C:%5CWindows%5CSystem32%5Cservices.exe.2A5B165FE0783959%0A2012-08-16%2000:11:48%09955888%09----a-w-%09C:%5CWindows%5CSystem32%5CnpDeployJava1.dll%0A2012-08-16%2000:11:48%09839152%09----a-w-%09C:%5CWindows%5CSystem32%5CdeployJava1.dll%0A2012-07-26%2007:21:28%09291680%09----a-w-%09C:%5CWindows%5CSystem32%5Cdrivers%5Cavgldx64.sys%0A.%0A=============%20FINISH:%2011:06:50.21%20===============%0A"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/03 18:37:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/09/24 19:40:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/20 00:01:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/02/28 00:43:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Extensions
[2012/05/22 18:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\extensions
[2012/09/24 18:44:13 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/09/24 18:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/06/14 12:20:17 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2012/08/15 19:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\uovnso3g.default\extensions
[2012/08/15 19:10:03 | 000,122,054 | ---- | M] () (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\uovnso3g.default\extensions\{15312e9a-4905-48da-aae4-15b24bdc2a24}.xpi
[2012/08/15 19:10:03 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\uovnso3g.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2012/08/15 19:56:39 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\uovnso3g.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2012/09/20 00:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/24 19:40:43 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/01/03 18:37:18 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/02/28 00:43:02 | 000,000,000 | ---D | M] (General Crawler) -- C:\USERS\GAMING\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM
[2012/09/20 00:01:18 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/28 22:05:26 | 000,003,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/15 12:37:33 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2007/07/26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2012/09/15 12:37:33 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

[bpiper90]

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gaming\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gaming\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Gaming\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gaming\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Gaming\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: JavaScript Popup Blocker = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol\1.0.5_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: AT_DJTiesto = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmcbgkkeagngnijeiighgblfljbekip\2_0\
CHR - Extension: Gmail = C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/11 15:49:58 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O4:64bit: - HKLM..\Run: [APSDaemon] c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-2275724728-3675510102-248958625-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2275724728-3675510102-248958625-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2275724728-3675510102-248958625-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2275724728-3675510102-248958625-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09484FCD-3F8A-4579-A6DC-5397E9138F66}: DhcpNameServer = 205.152.144.23 205.152.132.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F40C316-F178-4CB7-85A5-302B6657847B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0328E81-733D-4AFE-9DBE-42B20E0830C5}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/18 17:12:18 | 000,000,088 | ---- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007/11/08 17:32:36 | 000,000,056 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007/11/20 20:12:32 | 001,283,448 | R--- | M] (Petroglyph Games, Inc.) - G:\AutorunUAW.exe -- [ UDF ]
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/28 11:13:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gaming\Desktop\OTL.exe
[2012/09/25 21:07:50 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/25 14:27:00 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/09/25 11:06:26 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Gaming\Desktop\dds.scr
[2012/09/25 00:09:01 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Roaming\IsolatedStorage
[2012/09/25 00:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2012/09/25 00:08:56 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Local\_
[2012/09/24 23:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2012/09/24 23:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2012/09/24 21:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012/09/24 21:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/09/24 21:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/09/24 20:55:55 | 000,016,200 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/24 20:55:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2012/09/24 20:44:41 | 000,000,000 | ---D | C] -- C:\Users\Gaming\Pavark
[2012/09/24 19:41:13 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Roaming\AVG2012
[2012/09/24 19:40:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/09/24 19:40:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/09/24 19:28:15 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Local\adaware
[2012/09/24 19:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/09/24 19:22:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/24 19:22:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/24 19:22:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/24 19:22:51 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/24 19:22:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/24 19:22:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/24 19:22:51 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/24 19:22:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/24 19:22:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/24 19:22:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/24 19:22:51 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/24 19:22:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/24 19:22:50 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/24 19:22:50 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/24 19:22:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/24 17:41:48 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/09/21 13:00:27 | 010,213,296 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/09/20 00:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/13 09:16:21 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/09/13 09:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/13 09:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/09/12 10:40:22 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/09/12 10:40:20 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/12 10:29:01 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/09/12 10:29:01 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/09/12 10:29:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/09/12 10:29:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 10:28:57 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 10:28:57 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/12 09:46:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/09/12 09:46:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/09/12 09:46:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/09/12 09:44:35 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/09/12 09:44:29 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/09/11 17:37:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/11 16:10:18 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/11 15:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012/09/11 14:57:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/11 14:57:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/11 14:57:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/11 14:51:23 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/09/11 14:49:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/11 14:49:26 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/11 14:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/09/10 20:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Calendar Sync
[2012/09/10 20:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/09/10 20:43:53 | 000,000,000 | ---D | C] -- C:\Users\Gaming\Documents\Outlook Files
[2012/09/05 12:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/08/30 20:17:57 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Roaming\Ythy
[2012/08/30 20:17:57 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Roaming\Ixud
[2012/08/30 20:17:57 | 000,000,000 | ---D | C] -- C:\Users\Gaming\AppData\Roaming\Heba
[2012/08/30 13:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/30 13:19:22 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/30 13:19:22 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/28 11:19:39 | 000,014,224 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/28 11:19:39 | 000,014,224 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/28 11:19:28 | 000,787,770 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/28 11:19:28 | 000,665,786 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/28 11:19:28 | 000,123,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/28 11:13:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gaming\Desktop\OTL.exe
[2012/09/28 11:12:34 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/09/28 11:12:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/28 11:12:24 | 1060,081,662 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/28 10:59:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/28 10:53:25 | 095,969,172 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/09/25 21:07:47 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/25 21:07:45 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/09/25 21:07:45 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/09/25 21:07:45 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/09/25 21:07:45 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/09/25 20:33:58 | 000,027,520 | ---- | M] () -- C:\Users\Gaming\AppData\Local\dt.dat
[2012/09/25 11:06:27 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Gaming\Desktop\dds.scr
[2012/09/25 10:50:30 | 000,416,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/24 21:30:26 | 000,036,228 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2012/09/24 21:02:24 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/24 19:40:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/09/24 19:40:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/09/24 19:13:12 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2275724728-3675510102-248958625-1000UA.job
[2012/09/24 19:13:12 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2275724728-3675510102-248958625-1000Core.job
[2012/09/21 13:00:41 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/21 13:00:41 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/21 13:00:27 | 010,213,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/09/11 15:49:58 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/10 20:53:04 | 000,002,210 | ---- | M] () -- C:\Users\Gaming\Desktop\Google Calendar Sync.lnk
[2012/08/30 20:15:01 | 000,000,355 | ---- | M] () -- C:\Users\Gaming\AppData\Roaming\Network Meter_Settings.ini
[2012/08/30 13:18:56 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/28 10:53:25 | 095,969,172 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/09/25 20:33:58 | 000,027,520 | ---- | C] () -- C:\Users\Gaming\AppData\Local\dt.dat
[2012/09/25 10:50:19 | 000,416,760 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/24 21:30:26 | 000,036,228 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2012/09/24 19:40:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/09/24 19:40:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/09/11 14:57:28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/11 14:57:28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/11 14:57:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/11 14:57:28 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/11 14:57:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/11 14:53:11 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2012/09/10 20:53:04 | 000,002,210 | ---- | C] () -- C:\Users\Gaming\Desktop\Google Calendar Sync.lnk
[2012/08/13 03:35:49 | 000,000,064 | ---- | C] () -- C:\ProgramData\-U0szaEdwMWvWPMr
[2012/08/13 03:35:49 | 000,000,064 | ---- | C] () -- C:\ProgramData\-U0szaEdwMWvWPM
[2012/07/27 11:48:59 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/07/27 11:48:59 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/07/05 10:27:25 | 000,000,244 | ---- | C] () -- C:\Users\Gaming\AppData\Roaming\GPU Meter_Settings.ini
[2012/07/01 17:02:45 | 000,000,121 | ---- | C] () -- C:\Windows\disney.ini
[2012/07/01 17:02:31 | 000,000,208 | ---- | C] () -- C:\Windows\disneysy.ini
[2012/07/01 16:38:41 | 000,000,632 | ---- | C] () -- C:\Windows\Q3ta.INI
[2012/07/01 16:37:36 | 000,000,551 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012/04/19 10:49:57 | 000,186,844 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/02 18:22:20 | 000,000,355 | ---- | C] () -- C:\Users\Gaming\AppData\Roaming\Network Meter_Settings.ini
[2012/02/02 18:20:33 | 000,000,412 | ---- | C] () -- C:\Users\Gaming\AppData\Roaming\All CPU Meter_Settings.ini
[2011/11/07 13:48:50 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/10/09 14:24:31 | 000,002,630 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/09/24 23:58:29 | 000,001,200 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/09/24 23:58:29 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/09/24 23:58:29 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/09/24 23:58:27 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/09/24 23:58:27 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/09/22 00:31:39 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/03/08 22:53:08 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/02/21 23:15:45 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/02/21 22:59:35 | 000,804,864 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/21 22:34:15 | 000,007,600 | ---- | C] () -- C:\Users\Gaming\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2012/09/11 14:51:05 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{e6ce7fce-545a-3e31-9b59-f1260620b2ee}\L
[2012/09/11 14:51:13 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{e6ce7fce-545a-3e31-9b59-f1260620b2ee}\U
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/03/22 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2012/03/22 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2012/09/26 21:44:27 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\.minecraft
[2012/07/06 00:00:48 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\AnvSoft
[2012/09/24 19:41:13 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\AVG2012
[2012/06/15 11:34:48 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Binary Fortress Software
[2012/05/20 16:49:14 | 000,000,000 | -HSD | M] -- C:\Users\Gaming\AppData\Roaming\Common
[2012/08/26 22:05:51 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\DAEMON Tools Lite
[2012/07/01 17:54:43 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Disney Interactive Studios
[2012/09/24 19:02:57 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\DisplayFusion
[2012/09/26 20:36:39 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\EVEMon
[2012/08/16 10:40:06 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Firefly Studios
[2012/08/30 20:17:57 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Heba
[2012/02/11 23:43:42 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\IObit
[2012/09/25 00:09:01 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\IsolatedStorage
[2012/09/05 11:43:31 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Ixud
[2012/07/03 12:07:56 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Kalypso Media
[2012/06/26 19:40:12 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Leadertech
[2012/02/28 13:56:43 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Media Finder
[2011/08/31 22:50:38 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\The Creative Assembly
[2012/09/14 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\TS3Client
[2011/10/13 09:10:31 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\ts3overlay
[2012/09/28 00:49:57 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\uTorrent
[2011/05/31 21:33:19 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Windows Live Writer
[2012/07/24 13:41:42 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Wireshark
[2012/07/03 12:17:27 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\YourFileDownloader
[2012/09/06 10:01:05 | 000,000,000 | ---D | M] -- C:\Users\Gaming\AppData\Roaming\Ythy

========== Purity Check ==========



< End of report >

[bpiper90]

OTL Extras logfile created on: 9/28/2012 11:20:32 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gaming\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 9.77 Gb Available Physical Memory | 81.54% Memory free
23.96 Gb Paging File | 21.74 Gb Available in Paging File | 90.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.68 Gb Total Space | 14.09 Gb Free Space | 12.62% Space Free | Partition Type: NTFS
Drive E: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 3.92 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 930.86 Gb Total Space | 255.79 Gb Free Space | 27.48% Space Free | Partition Type: NTFS
Drive J: | 1862.89 Gb Total Space | 1037.29 Gb Free Space | 55.68% Space Free | Partition Type: NTFS

Computer Name: GAMING-PC | User Name: Gaming | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{091CFA8D-89C8-4DC6-ACA5-3EC0525C5716}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{14A4FB9A-5165-4A14-8ED1-4248EBACCD68}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{277B2360-12EF-4274-8B44-C7AD9326C5EC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{3C46F109-ABB6-4356-97FE-579D0671F8B4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43C357BC-A6E1-4348-A505-67FBFA1E108D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D19FAC7-5313-4C4B-B2D9-D0FBE66E5F08}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7F2BF3E-DA80-44EF-B439-08AE22E1F7A9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{C9D3F4DE-1754-4E8D-B579-595EBC1F3F4A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5E02B06-CAEC-430C-9742-413EE1E106E3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{DAB10E5E-51E5-4499-A81A-3B34C4F09973}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{DBF92D7E-1AE2-4AA1-B166-1BB3B2F4E9CF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0D40741C-8982-484B-AA8C-4F7687F5CE58}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{3E778E81-2F6F-41F3-AFB7-1162DD104A24}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{A9E5234A-0087-454D-898D-E254A0752B8F}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"TCP Query User{B0E42116-4CE4-45DD-83E7-BB453F5A497D}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{07D10826-7385-4827-B6BB-F001073CB5BB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{0B36F51D-4DB3-40A3-9F06-98920FA0EDAE}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"UDP Query User{0EF81C83-2ACB-4305-A343-B54BB032C78D}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{372525AE-77D0-4ACA-9BEE-D6473D6694AD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java(TM) 6 Update 29 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{344C0D46-2EF4-4BC8-AE03-3DACDA9B9485}" = AVG 2012
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"CCleaner" = CCleaner
"HitmanPro36" = HitmanPro 3.6
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Edimax nLite Wireless USB Adapter
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}" = THX TruStudio Pro
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = Empire Earth - The Art of Conquest
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D4658131-9D1A-4395-876D-968E38FE8ED5}" = Universe at War Earth Assault
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ant War" = Ant War
"Any Video Converter_is1" = Any Video Converter 3.4.0
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 4.1
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"DivX Setup" = DivX Setup
"EVE" = EVE Online (remove only)
"EVEMon" = EVEMon
"Google Calendar Sync" = Google Calendar Sync
"HijackThis" = HijackThis 2.0.2
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D4658131-9D1A-4395-876D-968E38FE8ED5}" = Universe at War Earth Assault
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Steam App 40100" = Supreme Commander 2
"Steam App 440" = Team Fortress 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"thinkorswim from TD AMERITRADE" = thinkorswim from TD AMERITRADE
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 1.1.10
"Wireshark" = Wireshark 1.1.2
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xvid Video Codec 1.3.1" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2275724728-3675510102-248958625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/23/2012 11:59:58 AM | Computer Name = Gaming-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 3/23/2012 2:52:46 PM | Computer Name = Gaming-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 3/23/2012 3:19:21 PM | Computer Name = Gaming-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 3/23/2012 9:13:28 PM | Computer Name = Gaming-PC | Source = Application Hang | ID = 1002
Description = The program Sins of a Solar Empire.exe version 1.0.5.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1140 Start
Time: 01cd095b4afe28c2 Termination Time: 14 Application Path: I:\Games\Stardock Games\Sins
of a Solar Empire\Sins of a Solar Empire.exe Report Id: 8e042a39-754e-11e1-b205-6c626de873b4


Error - 3/23/2012 9:14:41 PM | Computer Name = Gaming-PC | Source = Application Hang | ID = 1002
Description = The program Sins of a Solar Empire.exe version 1.0.5.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1268 Start
Time: 01cd095b52865ebe Termination Time: 56 Application Path: I:\Games\Stardock Games\Sins
of a Solar Empire\Sins of a Solar Empire.exe Report Id: ba054e1c-754e-11e1-b205-6c626de873b4


Error - 3/24/2012 12:11:47 PM | Computer Name = Gaming-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 3/24/2012 2:16:35 PM | Computer Name = Gaming-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 3/24/2012 2:16:35 PM | Computer Name = Gaming-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 17.0.963.83, time
stamp: 0x4f69866e Faulting module name: coreclr.dll, version: 4.1.10111.0, time stamp:
0x4f0e0e4f Exception code: 0x8013150a Fault offset: 0x0013d2a6 Faulting process id:
0x17d8 Faulting application start time: 0x01cd09ea0bb7a3f1 Faulting application path:
C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\coreclr.dll Report
Id: 7ce1632b-75dd-11e1-9aae-6c626de873b4

Error - 3/24/2012 2:39:02 PM | Computer Name = Gaming-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 3/24/2012 2:39:04 PM | Computer Name = Gaming-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

[ Media Center Events ]
Error - 8/22/2012 9:59:12 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 9:59:12 PM - Failed to retrieve dSM-2.cab (Error: BITS 0x80070424)
9:59:12
PM - Failed to retrieve Logos-2.cab (Error: BITS 0x80070424) 9:59:12 PM - Failed
to retrieve SMTiles-2.cab (Error: BITS 0x80070424) 9:59:12 PM - Failed to retrieve
UpdateableMarkup.cab (Error: BITS 0x80070424)

Error - 8/22/2012 9:59:14 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 9:59:14 PM - Failed to retrieve SportsSchedule-2.enc (Error: BITS
0x80070424)

Error - 8/22/2012 9:59:16 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 9:59:16 PM - Failed to retrieve ScheduleSupplement.cab (Error: BITS
0x80070424) 9:59:16 PM - Failed to retrieve SportsTemplate-2.cab (Error: BITS 0x80070424)
9:59:16
PM - Failed to retrieve SportsTemplateCore-2.cab (Error: BITS 0x80070424)

Error - 8/22/2012 9:59:19 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 9:59:17 PM - Failed to retrieve Broadband.enc (Error: BITS 0x80070424)


Error - 8/23/2012 12:24:51 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 12:24:51 PM - Error connecting to the internet. 12:24:51 PM - Unable
to contact server..

Error - 8/23/2012 12:25:12 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 12:25:12 PM - Failed to retrieve MCESpotlight.cab (Error: BITS 0x80070424)


Error - 8/23/2012 12:25:12 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 12:25:12 PM - Failed to retrieve dSM-2.cab (Error: BITS 0x80070424)
12:25:12
PM - Failed to retrieve Logos-2.cab (Error: BITS 0x80070424) 12:25:12 PM - Failed
to retrieve SMTiles-2.cab (Error: BITS 0x80070424) 12:25:12 PM - Failed to retrieve
UpdateableMarkup.cab (Error: BITS 0x80070424)

Error - 8/23/2012 12:25:13 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 12:25:13 PM - Failed to retrieve SportsSchedule-2.enc (Error: BITS
0x80070424)

Error - 8/23/2012 12:25:14 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 12:25:13 PM - Failed to retrieve ScheduleSupplement.cab (Error: BITS
0x80070424) 12:25:13 PM - Failed to retrieve SportsTemplate-2.cab (Error: BITS 0x80070424)
12:25:13
PM - Failed to retrieve SportsTemplateCore-2.cab (Error: BITS 0x80070424)

Error - 8/23/2012 12:25:17 PM | Computer Name = Gaming-PC | Source = MCUpdate | ID = 0
Description = 12:25:14 PM - Failed to retrieve Broadband.enc (Error: BITS 0x80070424)


[ System Events ]
Error - 9/27/2012 1:43:40 PM | Computer Name = Gaming-PC | Source = DCOM | ID = 10016
Description =

Error - 9/28/2012 12:22:44 AM | Computer Name = Gaming-PC | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 9/28/2012 12:23:06 AM | Computer Name = Gaming-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 9/28/2012 12:24:04 AM | Computer Name = Gaming-PC | Source = DCOM | ID = 10016
Description =

Error - 9/28/2012 10:47:25 AM | Computer Name = Gaming-PC | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 9/28/2012 10:47:47 AM | Computer Name = Gaming-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 9/28/2012 10:48:45 AM | Computer Name = Gaming-PC | Source = DCOM | ID = 10016
Description =

Error - 9/28/2012 11:12:15 AM | Computer Name = Gaming-PC | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 9/28/2012 11:12:37 AM | Computer Name = Gaming-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SBRE sptd

Error - 9/28/2012 11:13:35 AM | Computer Name = Gaming-PC | Source = DCOM | ID = 10016
Description =


< End of report >

[bpiper90]

11:28:35.0795 6796 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
11:28:36.0061 6796 ============================================================
11:28:36.0061 6796 Current date / time: 2012/09/28 11:28:36.0061
11:28:36.0061 6796 SystemInfo:
11:28:36.0061 6796
11:28:36.0061 6796 OS Version: 6.1.7601 ServicePack: 1.0
11:28:36.0061 6796 Product type: Workstation
11:28:36.0061 6796 ComputerName: GAMING-PC
11:28:36.0061 6796 UserName: Gaming
11:28:36.0061 6796 Windows directory: C:\Windows
11:28:36.0061 6796 System windows directory: C:\Windows
11:28:36.0061 6796 Running under WOW64
11:28:36.0061 6796 Processor architecture: Intel x64
11:28:36.0061 6796 Number of processors: 8
11:28:36.0061 6796 Page size: 0x1000
11:28:36.0061 6796 Boot type: Normal boot
11:28:36.0061 6796 ============================================================
11:28:36.0248 6796 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:28:36.0248 6796 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:28:36.0248 6796 Drive \Device\Harddisk2\DR2 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:28:36.0248 6796 ============================================================
11:28:36.0248 6796 \Device\Harddisk0\DR0:
11:28:36.0248 6796 MBR partitions:
11:28:36.0248 6796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:28:36.0248 6796 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF5ABB0
11:28:36.0248 6796 \Device\Harddisk1\DR1:
11:28:36.0248 6796 GPT partitions:
11:28:36.0248 6796 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B454305A-8C36-45F6-8C0D-069CCAD8D9AD}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:28:36.0248 6796 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {185225C9-DE91-4A26-B71D-743C40C4C581}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xE8DC8000
11:28:36.0248 6796 MBR partitions:
11:28:36.0248 6796 \Device\Harddisk2\DR2:
11:28:36.0248 6796 MBR partitions:
11:28:36.0248 6796 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x745B7000
11:28:36.0248 6796 ============================================================
11:28:36.0248 6796 C: <-> \Device\Harddisk0\DR0\Partition2
11:28:36.0263 6796 I: <-> \Device\Harddisk2\DR2\Partition1
11:28:36.0482 6796 J: <-> \Device\Harddisk1\DR1\Partition2
11:28:36.0482 6796 ============================================================
11:28:36.0482 6796 Initialize success
11:28:36.0482 6796 ============================================================
11:28:38.0432 5876 ============================================================
11:28:38.0432 5876 Scan started
11:28:38.0432 5876 Mode: Manual;
11:28:38.0432 5876 ============================================================
11:28:38.0525 5876 ================ Scan system memory ========================
11:28:38.0525 5876 System memory - ok
11:28:38.0525 5876 ================ Scan services =============================
11:28:38.0557 5876 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:28:38.0557 5876 1394ohci - ok
11:28:38.0557 5876 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:28:38.0557 5876 ACPI - ok
11:28:38.0572 5876 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:28:38.0572 5876 AcpiPmi - ok
11:28:38.0572 5876 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:28:38.0572 5876 AdobeARMservice - ok
11:28:38.0588 5876 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:28:38.0588 5876 AdobeFlashPlayerUpdateSvc - ok
11:28:38.0588 5876 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:28:38.0603 5876 adp94xx - ok
11:28:38.0603 5876 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:28:38.0603 5876 adpahci - ok
11:28:38.0619 5876 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:28:38.0619 5876 adpu320 - ok
11:28:38.0619 5876 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:28:38.0619 5876 AeLookupSvc - ok
11:28:38.0619 5876 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:28:38.0635 5876 AFD - ok
11:28:38.0635 5876 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:28:38.0635 5876 agp440 - ok
11:28:38.0635 5876 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:28:38.0635 5876 ALG - ok
11:28:38.0635 5876 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:28:38.0635 5876 aliide - ok
11:28:38.0650 5876 ALSysIO - ok
11:28:38.0650 5876 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:28:38.0650 5876 amdide - ok
11:28:38.0650 5876 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:28:38.0650 5876 AmdK8 - ok
11:28:38.0650 5876 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:28:38.0650 5876 AmdPPM - ok
11:28:38.0666 5876 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:28:38.0666 5876 amdsata - ok
11:28:38.0666 5876 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:28:38.0666 5876 amdsbs - ok
11:28:38.0666 5876 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:28:38.0666 5876 amdxata - ok
11:28:38.0666 5876 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:28:38.0666 5876 AppID - ok
11:28:38.0681 5876 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:28:38.0681 5876 AppIDSvc - ok
11:28:38.0681 5876 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:28:38.0681 5876 Appinfo - ok
11:28:38.0681 5876 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:28:38.0681 5876 Apple Mobile Device - ok
11:28:38.0681 5876 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:28:38.0697 5876 AppMgmt - ok
11:28:38.0697 5876 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:28:38.0697 5876 arc - ok
11:28:38.0697 5876 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:28:38.0697 5876 arcsas - ok
11:28:38.0697 5876 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:28:38.0713 5876 aspnet_state - ok
11:28:38.0713 5876 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:28:38.0713 5876 AsyncMac - ok
11:28:38.0713 5876 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:28:38.0713 5876 atapi - ok
11:28:38.0713 5876 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
11:28:38.0713 5876 atksgt - ok
11:28:38.0713 5876 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:28:38.0728 5876 AudioEndpointBuilder - ok
11:28:38.0728 5876 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:28:38.0728 5876 AudioSrv - ok
11:28:38.0775 5876 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
11:28:38.0791 5876 AVGIDSAgent - ok
11:28:38.0806 5876 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:28:38.0806 5876 AVGIDSDriver - ok
11:28:38.0806 5876 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
11:28:38.0806 5876 AVGIDSFilter - ok
11:28:38.0806 5876 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
11:28:38.0806 5876 AVGIDSHA - ok
11:28:38.0806 5876 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
11:28:38.0806 5876 Avgldx64 - ok
11:28:38.0822 5876 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
11:28:38.0822 5876 Avgmfx64 - ok
11:28:38.0822 5876 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
11:28:38.0822 5876 Avgrkx64 - ok
11:28:38.0822 5876 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
11:28:38.0822 5876 Avgtdia - ok
11:28:38.0822 5876 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
11:28:38.0822 5876 avgwd - ok
11:28:38.0837 5876 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:28:38.0837 5876 AxInstSV - ok
11:28:38.0837 5876 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:28:38.0837 5876 b06bdrv - ok
11:28:38.0853 5876 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:28:38.0853 5876 b57nd60a - ok
11:28:38.0853 5876 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:28:38.0853 5876 BDESVC - ok
11:28:38.0853 5876 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:28:38.0853 5876 Beep - ok
11:28:38.0869 5876 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:28:38.0869 5876 BFE - ok
11:28:38.0884 5876 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
11:28:38.0900 5876 BITS - ok
11:28:38.0900 5876 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:28:38.0900 5876 blbdrive - ok
11:28:38.0900 5876 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:28:38.0900 5876 Bonjour Service - ok
11:28:38.0915 5876 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:28:38.0915 5876 bowser - ok
11:28:38.0915 5876 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:28:38.0915 5876 BrFiltLo - ok
11:28:38.0915 5876 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:28:38.0915 5876 BrFiltUp - ok
11:28:38.0915 5876 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:28:38.0915 5876 BridgeMP - ok
11:28:38.0915 5876 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:28:38.0915 5876 Browser - ok
11:28:38.0931 5876 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:28:38.0931 5876 Brserid - ok
11:28:38.0931 5876 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:28:38.0931 5876 BrSerWdm - ok
11:28:38.0931 5876 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:28:38.0931 5876 BrUsbMdm - ok
11:28:38.0931 5876 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:28:38.0931 5876 BrUsbSer - ok
11:28:38.0931 5876 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:28:38.0947 5876 BTHMODEM - ok
11:28:38.0947 5876 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:28:38.0947 5876 bthserv - ok
11:28:38.0947 5876 catchme - ok
11:28:38.0947 5876 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:28:38.0947 5876 cdfs - ok
11:28:38.0962 5876 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:28:38.0962 5876 cdrom - ok
11:28:38.0962 5876 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:28:38.0962 5876 CertPropSvc - ok
11:28:38.0962 5876 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:28:38.0962 5876 circlass - ok
11:28:38.0962 5876 [ FF60401F1C659CA2ED4BAE85D3FD14DA ] CISVC C:\Windows\system32\CISVC.EXE
11:28:38.0962 5876 CISVC - ok
11:28:38.0978 5876 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:28:38.0978 5876 CLFS - ok
11:28:38.0978 5876 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:28:38.0978 5876 clr_optimization_v2.0.50727_32 - ok
11:28:38.0978 5876 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:28:38.0978 5876 clr_optimization_v2.0.50727_64 - ok
11:28:38.0993 5876 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:28:38.0993 5876 clr_optimization_v4.0.30319_32 - ok
11:28:38.0993 5876 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:28:38.0993 5876 clr_optimization_v4.0.30319_64 - ok
11:28:38.0993 5876 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:28:38.0993 5876 CmBatt - ok
11:28:38.0993 5876 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:28:38.0993 5876 cmdide - ok
11:28:39.0009 5876 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:28:39.0009 5876 CNG - ok
11:28:39.0009 5876 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:28:39.0009 5876 Compbatt - ok
11:28:39.0009 5876 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:28:39.0009 5876 CompositeBus - ok
11:28:39.0009 5876 COMSysApp - ok
11:28:39.0009 5876 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:28:39.0009 5876 crcdisk - ok
11:28:39.0025 5876 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:28:39.0025 5876 CryptSvc - ok
11:28:39.0025 5876 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
11:28:39.0040 5876 CSC - ok
11:28:39.0040 5876 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
11:28:39.0040 5876 CscService - ok
11:28:39.0056 5876 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
11:28:39.0056 5876 dc3d - ok
11:28:39.0056 5876 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:28:39.0056 5876 DcomLaunch - ok
11:28:39.0071 5876 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:28:39.0071 5876 defragsvc - ok
11:28:39.0071 5876 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:28:39.0071 5876 DfsC - ok
11:28:39.0071 5876 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:28:39.0071 5876 Dhcp - ok
11:28:39.0087 5876 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:28:39.0087 5876 discache - ok
11:28:39.0087 5876 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:28:39.0087 5876 Disk - ok
11:28:39.0087 5876 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:28:39.0087 5876 Dnscache - ok
11:28:39.0087 5876 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:28:39.0103 5876 dot3svc - ok
11:28:39.0103 5876 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:28:39.0103 5876 DPS - ok
11:28:39.0103 5876 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:28:39.0103 5876 drmkaud - ok
11:28:39.0103 5876 [ D3D64CF7B2BCEAA34A270F45A3FFFB36 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:28:39.0103 5876 dtsoftbus01 - ok
11:28:39.0118 5876 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:28:39.0118 5876 DXGKrnl - ok
11:28:39.0118 5876 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:28:39.0118 5876 EapHost - ok
11:28:39.0149 5876 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:28:39.0181 5876 ebdrv - ok
11:28:39.0181 5876 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:28:39.0181 5876 EFS - ok
11:28:39.0196 5876 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:28:39.0196 5876 ehRecvr - ok
11:28:39.0196 5876 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:28:39.0196 5876 ehSched - ok
11:28:39.0212 5876 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:28:39.0212 5876 elxstor - ok
11:28:39.0212 5876 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:28:39.0212 5876 ErrDev - ok
11:28:39.0227 5876 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:28:39.0227 5876 EventSystem - ok
11:28:39.0227 5876 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:28:39.0227 5876 exfat - ok
11:28:39.0243 5876 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:28:39.0243 5876 fastfat - ok
11:28:39.0243 5876 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:28:39.0259 5876 Fax - ok
11:28:39.0259 5876 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:28:39.0259 5876 fdc - ok
11:28:39.0259 5876 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:28:39.0259 5876 fdPHost - ok
11:28:39.0259 5876 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:28:39.0259 5876 FDResPub - ok
11:28:39.0259 5876 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:28:39.0259 5876 FileInfo - ok
11:28:39.0274 5876 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:28:39.0274 5876 Filetrace - ok
11:28:39.0274 5876 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:28:39.0274 5876 flpydisk - ok
11:28:39.0274 5876 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:28:39.0274 5876 FltMgr - ok
11:28:39.0290 5876 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:28:39.0290 5876 FontCache - ok
11:28:39.0305 5876 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:28:39.0305 5876 FontCache3.0.0.0 - ok
11:28:39.0305 5876 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:28:39.0305 5876 FsDepends - ok
11:28:39.0305 5876 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:28:39.0305 5876 Fs_Rec - ok
11:28:39.0305 5876 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:28:39.0305 5876 fvevol - ok
11:28:39.0321 5876 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:28:39.0321 5876 gagp30kx - ok
11:28:39.0321 5876 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:28:39.0321 5876 GEARAspiWDM - ok
11:28:39.0321 5876 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:28:39.0321 5876 gpsvc - ok
11:28:39.0337 5876 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
11:28:39.0337 5876 hamachi - ok
11:28:39.0337 5876 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:28:39.0337 5876 hcw85cir - ok
11:28:39.0337 5876 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:28:39.0337 5876 HdAudAddService - ok
11:28:39.0352 5876 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:28:39.0352 5876 HDAudBus - ok
11:28:39.0352 5876 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:28:39.0352 5876 HidBatt - ok
11:28:39.0352 5876 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:28:39.0352 5876 HidBth - ok
11:28:39.0352 5876 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:28:39.0352 5876 HidIr - ok
11:28:39.0352 5876 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
11:28:39.0352 5876 hidserv - ok
11:28:39.0368 5876 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:28:39.0368 5876 HidUsb - ok
11:28:39.0368 5876 [ 0926C3B5CBF64C88F432FF449B211807 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
11:28:39.0368 5876 HitmanProScheduler - ok
11:28:39.0368 5876 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:28:39.0368 5876 hkmsvc - ok
11:28:39.0368 5876 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:28:39.0368 5876 HomeGroupListener - ok
11:28:39.0383 5876 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:28:39.0383 5876 HomeGroupProvider - ok
11:28:39.0383 5876 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:28:39.0383 5876 HpSAMD - ok
11:28:39.0399 5876 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:28:39.0399 5876 HTTP - ok
11:28:39.0399 5876 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:28:39.0399 5876 hwpolicy - ok
11:28:39.0399 5876 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:28:39.0399 5876 i8042prt - ok
11:28:39.0399 5876 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:28:39.0415 5876 iaStorV - ok
11:28:39.0415 5876 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:28:39.0430 5876 idsvc - ok
11:28:39.0430 5876 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:28:39.0430 5876 iirsp - ok
11:28:39.0446 5876 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:28:39.0446 5876 IKEEXT - ok
11:28:39.0477 5876 [ C03463214D23B46B991F582821C8DF69 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:28:39.0477 5876 IntcAzAudAddService - ok
11:28:39.0477 5876 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:28:39.0493 5876 intelide - ok
11:28:39.0493 5876 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:28:39.0493 5876 intelppm - ok
11:28:39.0493 5876 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:28:39.0493 5876 IPBusEnum - ok
11:28:39.0493 5876 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:28:39.0493 5876 IpFilterDriver - ok
11:28:39.0508 5876 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:28:39.0508 5876 iphlpsvc - ok
11:28:39.0508 5876 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:28:39.0508 5876 IPMIDRV - ok
11:28:39.0524 5876 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:28:39.0524 5876 IPNAT - ok
11:28:39.0524 5876 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:28:39.0524 5876 iPod Service - ok
11:28:39.0539 5876 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:28:39.0539 5876 IRENUM - ok
11:28:39.0539 5876 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:28:39.0539 5876 isapnp - ok
11:28:39.0539 5876 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:28:39.0539 5876 iScsiPrt - ok
11:28:39.0555 5876 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:28:39.0555 5876 kbdclass - ok
11:28:39.0555 5876 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:28:39.0555 5876 kbdhid - ok
11:28:39.0555 5876 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:28:39.0555 5876 KeyIso - ok
11:28:39.0555 5876 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:28:39.0555 5876 KSecDD - ok
11:28:39.0555 5876 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:28:39.0555 5876 KSecPkg - ok
11:28:39.0571 5876 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:28:39.0571 5876 ksthunk - ok
11:28:39.0571 5876 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:28:39.0571 5876 KtmRm - ok
11:28:39.0571 5876 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:28:39.0586 5876 LanmanServer - ok
11:28:39.0586 5876 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:28:39.0586 5876 LanmanWorkstation - ok
11:28:39.0586 5876 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
11:28:39.0586 5876 lirsgt - ok
11:28:39.0586 5876 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:28:39.0586 5876 lltdio - ok
11:28:39.0602 5876 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:28:39.0602 5876 lltdsvc - ok
11:28:39.0602 5876 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:28:39.0602 5876 lmhosts - ok
11:28:39.0602 5876 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:28:39.0602 5876 LSI_FC - ok
11:28:39.0617 5876 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:28:39.0617 5876 LSI_SAS - ok
11:28:39.0617 5876 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:28:39.0617 5876 LSI_SAS2 - ok
11:28:39.0617 5876 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:28:39.0617 5876 LSI_SCSI - ok
11:28:39.0617 5876 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:28:39.0617 5876 luafv - ok
11:28:39.0617 5876 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
11:28:39.0633 5876 MBfilt - ok
11:28:39.0633 5876 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:28:39.0633 5876 Mcx2Svc - ok
11:28:39.0633 5876 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:28:39.0633 5876 megasas - ok
11:28:39.0633 5876 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:28:39.0633 5876 MegaSR - ok
11:28:39.0649 5876 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:28:39.0649 5876 MEIx64 - ok
11:28:39.0649 5876 Microsoft SharePoint Workspace Audit Service - ok
11:28:39.0649 5876 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:28:39.0649 5876 MMCSS - ok
11:28:39.0649 5876 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:28:39.0649 5876 Modem - ok
11:28:39.0664 5876 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:28:39.0664 5876 monitor - ok
11:28:39.0664 5876 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:28:39.0664 5876 mouclass - ok
11:28:39.0664 5876 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:28:39.0664 5876 mouhid - ok
11:28:39.0664 5876 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:28:39.0664 5876 mountmgr - ok
11:28:39.0664 5876 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:28:39.0680 5876 mpio - ok
11:28:39.0680 5876 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:28:39.0680 5876 mpsdrv - ok
11:28:39.0680 5876 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:28:39.0695 5876 MpsSvc - ok
11:28:39.0695 5876 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:28:39.0695 5876 MRxDAV - ok
11:28:39.0695 5876 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:28:39.0695 5876 mrxsmb - ok
11:28:39.0711 5876 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:28:39.0711 5876 mrxsmb10 - ok
11:28:39.0711 5876 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:28:39.0711 5876 mrxsmb20 - ok
11:28:39.0711 5876 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:28:39.0711 5876 msahci - ok
11:28:39.0711 5876 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
11:28:39.0711 5876 MSCamSvc - ok
11:28:39.0727 5876 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:28:39.0727 5876 msdsm - ok
11:28:39.0727 5876 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:28:39.0727 5876 MSDTC - ok
11:28:39.0727 5876 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:28:39.0727 5876 Msfs - ok
11:28:39.0742 5876 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:28:39.0742 5876 mshidkmdf - ok
11:28:39.0742 5876 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:28:39.0742 5876 msisadrv - ok
11:28:39.0742 5876 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:28:39.0742 5876 MSiSCSI - ok
11:28:39.0742 5876 msiserver - ok
11:28:39.0742 5876 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:28:39.0758 5876 MSKSSRV - ok
11:28:39.0758 5876 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:28:39.0758 5876 MSPCLOCK - ok
11:28:39.0758 5876 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:28:39.0758 5876 MSPQM - ok
11:28:39.0758 5876 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:28:39.0758 5876 MsRPC - ok
11:28:39.0773 5876 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:28:39.0773 5876 mssmbios - ok
11:28:39.0773 5876 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:28:39.0773 5876 MSTEE - ok
11:28:39.0773 5876 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:28:39.0773 5876 MTConfig - ok
11:28:39.0773 5876 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:28:39.0773 5876 Mup - ok
11:28:39.0789 5876 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:28:39.0789 5876 napagent - ok
11:28:39.0789 5876 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:28:39.0789 5876 NativeWifiP - ok
11:28:39.0805 5876 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:28:39.0805 5876 NDIS - ok
11:28:39.0805 5876 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:28:39.0820 5876 NdisCap - ok
11:28:39.0820 5876 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:28:39.0820 5876 NdisTapi - ok
11:28:39.0820 5876 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:28:39.0820 5876 Ndisuio - ok
11:28:39.0820 5876 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:28:39.0820 5876 NdisWan - ok
11:28:39.0820 5876 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:28:39.0820 5876 NDProxy - ok
11:28:39.0836 5876 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:28:39.0836 5876 NetBIOS - ok
11:28:39.0836 5876 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:28:39.0836 5876 NetBT - ok
11:28:39.0836 5876 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:28:39.0836 5876 Netlogon - ok
11:28:39.0851 5876 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:28:39.0851 5876 Netman - ok
11:28:39.0851 5876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:28:39.0851 5876 NetMsmqActivator - ok
11:28:39.0851 5876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:28:39.0851 5876 NetPipeActivator - ok
11:28:39.0867 5876 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:28:39.0867 5876 netprofm - ok
11:28:39.0883 5876 [ 5EB01F698C4E2C11598934D4540047CA ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
11:28:39.0883 5876 netr28ux - ok
11:28:39.0898 5876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:28:39.0898 5876 NetTcpActivator - ok
11:28:39.0898 5876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:28:39.0898 5876 NetTcpPortSharing - ok
11:28:39.0898 5876 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:28:39.0898 5876 nfrd960 - ok
11:28:39.0898 5876 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:28:39.0914 5876 NlaSvc - ok
11:28:39.0914 5876 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:28:39.0914 5876 Npfs - ok
11:28:39.0914 5876 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:28:39.0914 5876 nsi - ok
11:28:39.0914 5876 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:28:39.0914 5876 nsiproxy - ok
11:28:39.0929 5876 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:28:39.0945 5876 Ntfs - ok
11:28:39.0945 5876 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
11:28:39.0945 5876 NuidFltr - ok
11:28:39.0945 5876 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:28:39.0945 5876 Null - ok
11:28:39.0945 5876 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
11:28:39.0945 5876 nusb3hub - ok
11:28:39.0961 5876 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:28:39.0961 5876 nusb3xhc - ok
11:28:39.0961 5876 NVHDA - ok
11:28:40.0085 5876 [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:28:40.0132 5876 nvlddmkm - ok
11:28:40.0132 5876 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:28:40.0132 5876 nvraid - ok
11:28:40.0148 5876 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:28:40.0148 5876 nvstor - ok
11:28:40.0148 5876 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc C:\Windows\system32\nvvsvc.exe
11:28:40.0163 5876 nvsvc - ok
11:28:40.0179 5876 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
11:28:40.0195 5876 nvUpdatusService - ok
11:28:40.0195 5876 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:28:40.0195 5876 nv_agp - ok
11:28:40.0210 5876 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:28:40.0210 5876 ohci1394 - ok
11:28:40.0210 5876 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:28:40.0210 5876 ose - ok
11:28:40.0257 5876 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:28:40.0288 5876 osppsvc - ok
11:28:40.0304 5876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:28:40.0304 5876 p2pimsvc - ok
11:28:40.0304 5876 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:28:40.0319 5876 p2psvc - ok
11:28:40.0319 5876 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:28:40.0319 5876 Parport - ok
11:28:40.0319 5876 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:28:40.0319 5876 partmgr - ok
11:28:40.0319 5876 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:28:40.0319 5876 PcaSvc - ok
11:28:40.0335 5876 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:28:40.0335 5876 pci - ok
11:28:40.0335 5876 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:28:40.0335 5876 pciide - ok
11:28:40.0335 5876 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:28:40.0335 5876 pcmcia - ok
11:28:40.0351 5876 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:28:40.0351 5876 pcw - ok
11:28:40.0351 5876 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:28:40.0351 5876 PEAUTH - ok
11:28:40.0366 5876 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:28:40.0382 5876 PeerDistSvc - ok
11:28:40.0397 5876 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:28:40.0397 5876 PerfHost - ok
11:28:40.0413 5876 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:28:40.0429 5876 pla - ok
11:28:40.0429 5876 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:28:40.0429 5876 PlugPlay - ok
11:28:40.0444 5876 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:28:40.0444 5876 PNRPAutoReg - ok
11:28:40.0444 5876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:28:40.0444 5876 PNRPsvc - ok
11:28:40.0444 5876 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
11:28:40.0444 5876 Point64 - ok
11:28:40.0460 5876 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:28:40.0460 5876 PolicyAgent - ok
11:28:40.0460 5876 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:28:40.0475 5876 Power - ok
11:28:40.0475 5876 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:28:40.0475 5876 PptpMiniport - ok
11:28:40.0475 5876 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:28:40.0475 5876 Processor - ok
11:28:40.0475 5876 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:28:40.0475 5876 ProfSvc - ok
11:28:40.0491 5876 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:28:40.0491 5876 ProtectedStorage - ok
11:28:40.0491 5876 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:28:40.0491 5876 Psched - ok
11:28:40.0507 5876 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:28:40.0522 5876 ql2300 - ok
11:28:40.0522 5876 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:28:40.0522 5876 ql40xx - ok
11:28:40.0522 5876 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:28:40.0538 5876 QWAVE - ok
11:28:40.0538 5876 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:28:40.0538 5876 QWAVEdrv - ok
11:28:40.0538 5876 [ 720FEA3AAA15FE7E0BEAB10AC2E6D2B0 ] RalinkRegistryWriter C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
11:28:40.0538 5876 RalinkRegistryWriter - ok
11:28:40.0553 5876 [ 178CEF55E09DC320FF6561D4EEB4F632 ] RalinkRegistryWriter64 C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
11:28:40.0553 5876 RalinkRegistryWriter64 - ok
11:28:40.0553 5876 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:28:40.0553 5876 RasAcd - ok
11:28:40.0553 5876 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:28:40.0553 5876 RasAgileVpn - ok
11:28:40.0553 5876 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:28:40.0553 5876 RasAuto - ok
11:28:40.0569 5876 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:28:40.0569 5876 Rasl2tp - ok
11:28:40.0569 5876 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:28:40.0569 5876 RasMan - ok
11:28:40.0569 5876 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:28:40.0585 5876 RasPppoe - ok
11:28:40.0585 5876 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:28:40.0585 5876 RasSstp - ok
11:28:40.0585 5876 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:28:40.0585 5876 rdbss - ok
11:28:40.0600 5876 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:28:40.0600 5876 rdpbus - ok
11:28:40.0600 5876 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:28:40.0600 5876 RDPCDD - ok
11:28:40.0600 5876 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:28:40.0600 5876 RDPDR - ok
11:28:40.0600 5876 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:28:40.0600 5876 RDPENCDD - ok
11:28:40.0616 5876 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:28:40.0616 5876 RDPREFMP - ok
11:28:40.0616 5876 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:28:40.0616 5876 RdpVideoMiniport - ok
11:28:40.0616 5876 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:28:40.0631 5876 RDPWD - ok
11:28:40.0631 5876 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:28:40.0631 5876 rdyboost - ok
11:28:40.0631 5876 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:28:40.0631 5876 RemoteAccess - ok
11:28:40.0647 5876 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:28:40.0647 5876 RemoteRegistry - ok
11:28:40.0647 5876 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:28:40.0647 5876 RpcEptMapper - ok
11:28:40.0647 5876 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:28:40.0647 5876 RpcLocator - ok
11:28:40.0663 5876 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:28:40.0663 5876 RpcSs - ok
11:28:40.0663 5876 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:28:40.0663 5876 rspndr - ok
11:28:40.0678 5876 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:28:40.0678 5876 RTL8167 - ok
11:28:40.0678 5876 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:28:40.0678 5876 s3cap - ok
11:28:40.0678 5876 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:28:40.0678 5876 SamSs - ok
11:28:40.0678 5876 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:28:40.0694 5876 sbp2port - ok
11:28:40.0694 5876 SBRE - ok
11:28:40.0694 5876 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:28:40.0694 5876 SCardSvr - ok
11:28:40.0694 5876 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:28:40.0694 5876 scfilter - ok
11:28:40.0709 5876 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:28:40.0709 5876 Schedule - ok
11:28:40.0725 5876 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:28:40.0725 5876 SCPolicySvc - ok
11:28:40.0725 5876 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:28:40.0725 5876 SDRSVC - ok
11:28:40.0725 5876 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:28:40.0725 5876 secdrv - ok
11:28:40.0741 5876 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:28:40.0741 5876 seclogon - ok
11:28:40.0741 5876 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:28:40.0741 5876 SENS - ok
11:28:40.0741 5876 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:28:40.0741 5876 SensrSvc - ok
11:28:40.0741 5876 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:28:40.0741 5876 Serenum - ok
11:28:40.0756 5876 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:28:40.0756 5876 Serial - ok
11:28:40.0756 5876 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:28:40.0756 5876 sermouse - ok
11:28:40.0756 5876 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:28:40.0772 5876 SessionEnv - ok
11:28:40.0772 5876 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:28:40.0772 5876 sffdisk - ok
11:28:40.0772 5876 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:28:40.0772 5876 sffp_mmc - ok
11:28:40.0772 5876 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:28:40.0772 5876 sffp_sd - ok
11:28:40.0772 5876 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:28:40.0772 5876 sfloppy - ok
11:28:40.0787 5876 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:28:40.0787 5876 SharedAccess - ok
11:28:40.0803 5876 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:28:40.0803 5876 ShellHWDetection - ok
11:28:40.0803 5876 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:28:40.0803 5876 SiSRaid2 - ok
11:28:40.0803 5876 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:28:40.0803 5876 SiSRaid4 - ok
11:28:40.0819 5876 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:28:40.0819 5876 SkypeUpdate - ok
11:28:40.0819 5876 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:28:40.0819 5876 Smb - ok
11:28:40.0819 5876 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:28:40.0819 5876 SNMPTRAP - ok
11:28:40.0834 5876 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:28:40.0834 5876 spldr - ok
11:28:40.0834 5876 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:28:40.0834 5876 Spooler - ok
11:28:40.0865 5876 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:28:40.0897 5876 sppsvc - ok
11:28:40.0897 5876 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:28:40.0897 5876 sppuinotify - ok
11:28:40.0912 5876 [ AA90A319BB067E0D149B4C95608C4B05 ] sptd C:\Windows\system32\Drivers\sptd.sys
11:28:40.0912 5876 sptd - ok
11:28:40.0928 5876 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:28:40.0928 5876 srv - ok
11:28:40.0943 5876 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:28:40.0943 5876 srv2 - ok
11:28:40.0943 5876 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:28:40.0943 5876 srvnet - ok
11:28:40.0943 5876 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:28:40.0943 5876 SSDPSRV - ok
11:28:40.0959 5876 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:28:40.0959 5876 SstpSvc - ok
11:28:40.0959 5876 Steam Client Service - ok
11:28:40.0959 5876 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:28:40.0959 5876 stexstor - ok
11:28:40.0975 5876 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:28:40.0975 5876 stisvc - ok
11:28:40.0975 5876 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:28:40.0975 5876 storflt - ok
11:28:40.0975 5876 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:28:40.0975 5876 storvsc - ok
11:28:40.0990 5876 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:28:40.0990 5876 swenum - ok
11:28:40.0990 5876 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:28:41.0006 5876 swprv - ok
11:28:41.0006 5876 Synth3dVsc - ok
11:28:41.0021 5876 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:28:41.0037 5876 SysMain - ok
11:28:41.0037 5876 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:28:41.0037 5876 TabletInputService - ok
11:28:41.0053 5876 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:28:41.0053 5876 TapiSrv - ok
11:28:41.0053 5876 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:28:41.0053 5876 TBS - ok
11:28:41.0068 5876 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:28:41.0084 5876 Tcpip - ok
11:28:41.0099 5876 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:28:41.0099 5876 TCPIP6 - ok
11:28:41.0115 5876 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:28:41.0115 5876 tcpipreg - ok
11:28:41.0115 5876 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:28:41.0115 5876 TDPIPE - ok
11:28:41.0115 5876 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:28:41.0115 5876 TDTCP - ok
11:28:41.0131 5876 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:28:41.0131 5876 tdx - ok
11:28:41.0131 5876 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:28:41.0131 5876 TermDD - ok
11:28:41.0131 5876 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:28:41.0146 5876 TermService - ok
11:28:41.0146 5876 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:28:41.0146 5876 Themes - ok
11:28:41.0146 5876 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:28:41.0146 5876 THREADORDER - ok
11:28:41.0162 5876 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:28:41.0162 5876 TrkWks - ok
11:28:41.0162 5876 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:28:41.0162 5876 TrustedInstaller - ok
11:28:41.0177 5876 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:28:41.0177 5876 tssecsrv - ok
11:28:41.0177 5876 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:28:41.0177 5876 TsUsbFlt - ok
11:28:41.0177 5876 tsusbhub - ok
11:28:41.0177 5876 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:28:41.0177 5876 tunnel - ok
11:28:41.0193 5876 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:28:41.0193 5876 uagp35 - ok
11:28:41.0193 5876 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:28:41.0193 5876 udfs - ok
11:28:41.0209 5876 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:28:41.0209 5876 UI0Detect - ok
11:28:41.0209 5876 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:28:41.0209 5876 uliagpkx - ok
11:28:41.0209 5876 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:28:41.0209 5876 umbus - ok
11:28:41.0209 5876 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:28:41.0209 5876 UmPass - ok
11:28:41.0224 5876 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
11:28:41.0224 5876 UmRdpService - ok
11:28:41.0224 5876 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:28:41.0240 5876 upnphost - ok
11:28:41.0240 5876 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:28:41.0240 5876 USBAAPL64 - ok
11:28:41.0240 5876 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:28:41.0240 5876 usbaudio - ok
11:28:41.0240 5876 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:28:41.0240 5876 usbccgp - ok
11:28:41.0255 5876 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:28:41.0255 5876 usbcir - ok
11:28:41.0255 5876 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:28:41.0255 5876 usbehci - ok
11:28:41.0255 5876 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:28:41.0271 5876 usbhub - ok
11:28:41.0271 5876 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:28:41.0271 5876 usbohci - ok
11:28:41.0271 5876 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:28:41.0271 5876 usbprint - ok
11:28:41.0271 5876 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:28:41.0271 5876 usbscan - ok
11:28:41.0287 5876 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:28:41.0287 5876 USBSTOR - ok
11:28:41.0287 5876 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:28:41.0287 5876 usbuhci - ok
11:28:41.0287 5876 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:28:41.0287 5876 UxSms - ok
11:28:41.0287 5876 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:28:41.0287 5876 VaultSvc - ok
11:28:41.0302 5876 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:28:41.0302 5876 vdrvroot - ok
11:28:41.0302 5876 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:28:41.0318 5876 vds - ok
11:28:41.0318 5876 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:28:41.0318 5876 vga - ok
11:28:41.0318 5876 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:28:41.0318 5876 VgaSave - ok
11:28:41.0318 5876 VGPU - ok
11:28:41.0333 5876 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:28:41.0333 5876 vhdmp - ok
11:28:41.0333 5876 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:28:41.0333 5876 viaide - ok
11:28:41.0333 5876 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:28:41.0333 5876 vmbus - ok
11:28:41.0349 5876 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:28:41.0349 5876 VMBusHID - ok
11:28:41.0349 5876 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:28:41.0349 5876 volmgr - ok
11:28:41.0349 5876 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:28:41.0349 5876 volmgrx - ok
11:28:41.0365 5876 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:28:41.0365 5876 volsnap - ok
11:28:41.0365 5876 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:28:41.0365 5876 vsmraid - ok
11:28:41.0380 5876 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:28:41.0396 5876 VSS - ok
11:28:41.0396 5876 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:28:41.0396 5876 vwifibus - ok
11:28:41.0411 5876 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:28:41.0411 5876 vwififlt - ok
11:28:41.0411 5876 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:28:41.0411 5876 vwifimp - ok
11:28:41.0427 5876 [ CE6C085771812D5EE863CC7EF93CAEF2 ] VX1000 C:\Windows\system32\DRIVERS\VX1000.sys
11:28:41.0443 5876 VX1000 - ok
11:28:41.0443 5876 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:28:41.0443 5876 W32Time - ok
11:28:41.0458 5876 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:28:41.0458 5876 WacomPen - ok
11:28:41.0458 5876 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:28:41.0458 5876 WANARP - ok
11:28:41.0458 5876 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:28:41.0458 5876 Wanarpv6 - ok
11:28:41.0474 5876 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:28:41.0489 5876 WatAdminSvc - ok
11:28:41.0505 5876 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:28:41.0521 5876 wbengine - ok
11:28:41.0521 5876 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:28:41.0521 5876 WbioSrvc - ok
11:28:41.0536 5876 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:28:41.0536 5876 wcncsvc - ok
11:28:41.0536 5876 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:28:41.0536 5876 WcsPlugInService - ok
11:28:41.0552 5876 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:28:41.0552 5876 Wd - ok
11:28:41.0552 5876 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
11:28:41.0552 5876 WDC_SAM - ok
11:28:41.0552 5876 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:28:41.0567 5876 Wdf01000 - ok
11:28:41.0567 5876 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:28:41.0567 5876 WdiServiceHost - ok
11:28:41.0567 5876 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:28:41.0567 5876 WdiSystemHost - ok
11:28:41.0583 5876 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:28:41.0583 5876 WebClient - ok
11:28:41.0583 5876 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:28:41.0583 5876 Wecsvc - ok
11:28:41.0599 5876 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:28:41.0599 5876 wercplsupport - ok
11:28:41.0599 5876 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:28:41.0599 5876 WerSvc - ok
11:28:41.0599 5876 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:28:41.0599 5876 WfpLwf - ok
11:28:41.0614 5876 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:28:41.0614 5876 WIMMount - ok
11:28:41.0614 5876 WinDefend - ok
11:28:41.0614 5876 WinHttpAutoProxySvc - ok
11:28:41.0630 5876 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:28:41.0630 5876 Winmgmt - ok
11:28:41.0645 5876 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:28:41.0661 5876 WinRM - ok
11:28:41.0677 5876 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:28:41.0677 5876 WinUsb - ok
11:28:41.0692 5876 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:28:41.0692 5876 Wlansvc - ok
11:28:41.0692 5876 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:28:41.0692 5876 WmiAcpi - ok
11:28:41.0708 5876 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:28:41.0708 5876 wmiApSrv - ok
11:28:41.0708 5876 WMPNetworkSvc - ok
11:28:41.0708 5876 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:28:41.0708 5876 WPCSvc - ok
11:28:41.0708 5876 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:28:41.0723 5876 WPDBusEnum - ok
11:28:41.0723 5876 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:28:41.0723 5876 ws2ifsl - ok
11:28:41.0723 5876 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
11:28:41.0723 5876 wscsvc - ok
11:28:41.0739 5876 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:28:41.0739 5876 WSDPrintDevice - ok
11:28:41.0739 5876 WSearch - ok
11:28:41.0755 5876 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:28:41.0786 5876 wuauserv - ok
11:28:41.0786 5876 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:28:41.0786 5876 WudfPf - ok
11:28:41.0786 5876 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:28:41.0786 5876 WUDFRd - ok
11:28:41.0801 5876 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:28:41.0801 5876 wudfsvc - ok
11:28:41.0801 5876 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:28:41.0801 5876 WwanSvc - ok
11:28:41.0817 5876 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
11:28:41.0817 5876 xusb21 - ok
11:28:41.0833 5876 [ 74983ADDCA2D9618512C088D856D6615 ] {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl
11:28:41.0833 5876 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
11:28:41.0833 5876 ================ Scan global ===============================
11:28:41.0833 5876 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:28:41.0833 5876 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:28:41.0848 5876 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:28:41.0848 5876 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:28:41.0848 5876 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:28:41.0848 5876 [Global] - ok
11:28:41.0848 5876 ================ Scan MBR ==================================
11:28:41.0848 5876 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:28:42.0004 5876 \Device\Harddisk0\DR0 - ok
11:28:42.0004 5876 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:28:42.0004 5876 \Device\Harddisk1\DR1 - ok
11:28:42.0004 5876 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
11:28:42.0004 5876 \Device\Harddisk2\DR2 - ok
11:28:42.0004 5876 ================ Scan VBR ==================================
11:28:42.0020 5876 [ 7E9B1C51812CEDD5D82017D3881745DA ] \Device\Harddisk0\DR0\Partition1
11:28:42.0020 5876 \Device\Harddisk0\DR0\Partition1 - ok
11:28:42.0020 5876 [ A42358AADA15EDE224502743480320BE ] \Device\Harddisk0\DR0\Partition2
11:28:42.0020 5876 \Device\Harddisk0\DR0\Partition2 - ok
11:28:42.0020 5876 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
11:28:42.0020 5876 \Device\Harddisk1\DR1\Partition1 - ok
11:28:42.0020 5876 [ 3299AC58CA9C46C7FE69793B5A276C8E ] \Device\Harddisk1\DR1\Partition2
11:28:42.0020 5876 \Device\Harddisk1\DR1\Partition2 - ok
11:28:42.0020 5876 [ EE3DC49BBC7BDFB67117D318E9B51AA1 ] \Device\Harddisk2\DR2\Partition1
11:28:42.0020 5876 \Device\Harddisk2\DR2\Partition1 - ok
11:28:42.0020 5876 ============================================================
11:28:42.0020 5876 Scan finished
11:28:42.0020 5876 ============================================================
11:28:42.0035 6056 Detected object count: 0
11:28:42.0035 6056 Actual detected object count: 0

[askey127]

bpiper90,
-----------------------------------------------------------
Your logs show signs of a Remote Access Infection on your computer.

[2012/09/11 14:51:05 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{e6ce7fce-545a-3e31-9b59-f1260620b2ee}\L
[2012/09/11 14:51:13 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{e6ce7fce-545a-3e31-9b59-f1260620b2ee}\U
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
...and others

These indicate you have this named infection : .... Zero Access Trojan
See this Antivirus analysis :

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fSirefef

A Remote Access Infection will allow the person who infected your computer to use your computer as if he were sitting in front of it, and he may ....

• Steal bank account details.
• Steal credit card numbers.
• Steal your personal details.
• Modify your computer to make it easier to infect.
• Use your computer as part of a botnet, to distribute porn or spam.
• Anything else he cares to think of ..... and most attackers are very inventive people.

You are strongly advised to do the following immediately ....

• Disconnect the infected computer from the internet and from any networked computers.
• Call all of your banks, credit card companies, and financial institutions, and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
• From a clean computer, change all your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.

Do not change passwords or do any transactions while using the infected computer, because the attacker will get the new passwords and transaction information.

The only way to remove these type of infections and leave yourself with a secure computer, is to re-format your hard drive and re-install Windows.

It is impossible to discover all of the modifications that your attacker may have made to your computer while he had access to it, and though we may be able to remove all the obvious signs of infection from your computer, and leave you with an apparently fully functioning machine, that does not mean it is secure.

If you use your computer for any of the following ....

• Online Banking.
• Finances or credit of any kind.
• Filling out your tax forms online or offline.
• Filling out Social Security or Personal Insurance forms online or offline.
• Making online purchases or payments of any type.
• Anything involving the use of confidential data.

.... then a re-format and re-install should be the only choice you should make.

If you insist, we are prepared to help you "clean" your machine, but we strongly advise you against this course of action, and you must understand that although we may be able to restore your computer to a usable condition, it will NOT be secure until a re-format and re-install is performed, and should not be used for any of the activities listed above.
To help you decide, please take some time to read the following articles, then let me know how you want to proceed.

• Devastating Effects Of Remote Access Trojans
• Help: I Got Hacked. Now What Do I Do?
• Help: I Got Hacked. Now What Do I Do? Part II
• Our tutorial here on Remote Access Trojans and Full System Recovery methods: http://www.malwareremoval.com/forum/viewtopic.php?f=4&t=60204
  It includes methods to perform a full system recovery on OEM machines that came with Windows installed.

askey127

[bpiper90]

I think that re-formating is the best solution here, I appreciate all the help you are awesome.

[askey127]

Since it has been determined the best resolution of this issue requires a ReFormat and Re-Installation of Windows, this topic will now be closed.