Ads in lower left corner of browser (displayed in flash player)

[Lunarpac]

I noticed that some parts of the ComboFix log were in swedish, I'd be happy to translate to english if need be.

[Satchfan]

Apologies for the late reply but I was not notified that you had responded.

I noticed that some parts of the ComboFix log were in swedish, I'd be happy to translate to english if need be.

Thanks but we are pretty used to CF turning up in different languages.

=======================

Can you send the previous results of TDSSKiller

The oldTDSSKiller report can be found in your root directory, (usually the C:\ folder) and will reflect the date that it was run

=======================

I probably won't reply until tomorrow. It is 11 50pm here in the UK and I have an early start tomorrow.

Cheers

Satchfan

[Lunarpac]

Don't worry about late replies.
Hehe, yeah I figured you'd seen enough of those things to know what's what, even if some elements were in foreign languages. I've done a couple of scans using TDSSKiller, I've provided the log for the first scan I did, which was completed October 9.

TDSSKiller.2.8.10.0_09.10.2012_20.02.06_log
20:02:06.0577 2968 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:02:06.0843 2968 ============================================================
20:02:06.0843 2968 Current date / time: 2012/10/09 20:02:06.0843
20:02:06.0843 2968 SystemInfo:
20:02:06.0843 2968
20:02:06.0843 2968 OS Version: 6.1.7601 ServicePack: 1.0
20:02:06.0843 2968 Product type: Workstation
20:02:06.0843 2968 ComputerName: MAX-PC
20:02:06.0843 2968 UserName: Max
20:02:06.0843 2968 Windows directory: C:\Windows
20:02:06.0843 2968 System windows directory: C:\Windows
20:02:06.0843 2968 Running under WOW64
20:02:06.0843 2968 Processor architecture: Intel x64
20:02:06.0843 2968 Number of processors: 4
20:02:06.0843 2968 Page size: 0x1000
20:02:06.0843 2968 Boot type: Normal boot
20:02:06.0843 2968 ============================================================
20:02:09.0972 2968 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
20:02:09.0975 2968 ============================================================
20:02:09.0975 2968 \Device\Harddisk0\DR0:
20:02:09.0975 2968 MBR partitions:
20:02:09.0975 2968 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:02:09.0975 2968 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
20:02:09.0975 2968 ============================================================
20:02:09.0997 2968 C: <-> \Device\Harddisk0\DR0\Partition2
20:02:10.0013 2968 E: <-> \Device\Harddisk0\DR0\Partition1
20:02:10.0013 2968 ============================================================
20:02:10.0013 2968 Initialize success
20:02:10.0013 2968 ============================================================
20:02:12.0415 2396 ============================================================
20:02:12.0415 2396 Scan started
20:02:12.0415 2396 Mode: Manual;
20:02:12.0415 2396 ============================================================
20:02:13.0589 2396 ================ Scan system memory ========================
20:02:13.0589 2396 System memory - ok
20:02:13.0589 2396 ================ Scan services =============================
20:02:13.0688 2396 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:02:13.0689 2396 !SASCORE - ok
20:02:13.0786 2396 1394hub - ok
20:02:13.0831 2396 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:02:13.0833 2396 1394ohci - ok
20:02:13.0844 2396 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:02:13.0847 2396 ACPI - ok
20:02:13.0858 2396 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:02:13.0859 2396 AcpiPmi - ok
20:02:13.0895 2396 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:02:13.0899 2396 adp94xx - ok
20:02:13.0904 2396 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:02:13.0906 2396 adpahci - ok
20:02:13.0921 2396 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:02:13.0924 2396 adpu320 - ok
20:02:13.0962 2396 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:02:13.0962 2396 AeLookupSvc - ok
20:02:14.0024 2396 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:02:14.0028 2396 AFD - ok
20:02:14.0048 2396 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:02:14.0049 2396 agp440 - ok
20:02:14.0070 2396 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:02:14.0071 2396 ALG - ok
20:02:14.0095 2396 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:02:14.0097 2396 aliide - ok
20:02:14.0590 2396 ALSysIO - ok
20:02:14.0688 2396 [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:02:14.0689 2396 AMD External Events Utility - ok
20:02:14.0748 2396 AMD FUEL Service - ok
20:02:14.0789 2396 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:02:14.0791 2396 amdide - ok
20:02:14.0809 2396 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
20:02:14.0810 2396 amdiox64 - ok
20:02:14.0854 2396 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:02:14.0856 2396 AmdK8 - ok
20:02:15.0001 2396 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:02:15.0136 2396 amdkmdag - ok
20:02:15.0152 2396 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:02:15.0153 2396 amdkmdap - ok
20:02:15.0179 2396 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:02:15.0180 2396 AmdPPM - ok
20:02:15.0212 2396 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:02:15.0217 2396 amdsata - ok
20:02:15.0250 2396 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:02:15.0253 2396 amdsbs - ok
20:02:15.0266 2396 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:02:15.0267 2396 amdxata - ok
20:02:15.0290 2396 AODDriver4.01 - ok
20:02:15.0296 2396 AODDriver4.1 - ok
20:02:15.0338 2396 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:02:15.0340 2396 AppID - ok
20:02:15.0368 2396 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:02:15.0369 2396 AppIDSvc - ok
20:02:15.0398 2396 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:02:15.0398 2396 Appinfo - ok
20:02:15.0438 2396 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
20:02:15.0440 2396 AppMgmt - ok
20:02:15.0450 2396 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:02:15.0451 2396 arc - ok
20:02:15.0457 2396 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:02:15.0459 2396 arcsas - ok
20:02:15.0592 2396 [ 6E3F4538B33BC19259E99BE1826286A3 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
20:02:15.0595 2396 asComSvc - ok
20:02:15.0619 2396 [ A63173897EA1A73A75D0E65036DE5B15 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
20:02:15.0622 2396 asHmComSvc - ok
20:02:15.0667 2396 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
20:02:15.0668 2396 AsIO - ok
20:02:15.0694 2396 [ 6D9C024AA8F24065A6DBEAB1F431D854 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
20:02:15.0695 2396 asmthub3 - ok
20:02:15.0760 2396 [ ECAD22F15D8F17CC04F24E9A6FB00F2F ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
20:02:15.0762 2396 asmtxhci - ok
20:02:15.0851 2396 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:02:15.0883 2396 aspnet_state - ok
20:02:15.0945 2396 [ 5C31DFB196CB3A488A041881634D86D2 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
20:02:15.0947 2396 AsSysCtrlService - ok
20:02:15.0973 2396 [ 1392B92179B07B672720763D9B1028A5 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
20:02:15.0973 2396 AsUpIO - ok
20:02:16.0019 2396 [ A5E4CDB420540095D1293C874B5F89AA ] ASUSFILTER C:\Windows\syswow64\drivers\ASUSFILTER.sys
20:02:16.0019 2396 ASUSFILTER - ok
20:02:16.0058 2396 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:02:16.0059 2396 AsyncMac - ok
20:02:16.0095 2396 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:02:16.0096 2396 atapi - ok
20:02:16.0131 2396 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
20:02:16.0132 2396 AtiHDAudioService - ok
20:02:16.0165 2396 [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
20:02:16.0174 2396 AtiHdmiService - ok
20:02:16.0196 2396 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
20:02:16.0197 2396 atksgt - ok
20:02:16.0237 2396 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:02:16.0239 2396 AudioEndpointBuilder - ok
20:02:16.0246 2396 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:02:16.0248 2396 AudioSrv - ok
20:02:16.0290 2396 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:02:16.0292 2396 AxInstSV - ok
20:02:16.0334 2396 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:02:16.0339 2396 b06bdrv - ok
20:02:16.0359 2396 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:02:16.0362 2396 b57nd60a - ok
20:02:16.0393 2396 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:02:16.0395 2396 BDESVC - ok
20:02:16.0417 2396 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:02:16.0418 2396 Beep - ok
20:02:16.0457 2396 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:02:16.0459 2396 BFE - ok
20:02:16.0475 2396 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:02:16.0482 2396 BITS - ok
20:02:16.0487 2396 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:02:16.0488 2396 blbdrive - ok
20:02:16.0502 2396 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:02:16.0504 2396 bowser - ok
20:02:16.0513 2396 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:02:16.0515 2396 BrFiltLo - ok
20:02:16.0526 2396 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:02:16.0527 2396 BrFiltUp - ok
20:02:16.0563 2396 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:02:16.0564 2396 Browser - ok
20:02:16.0583 2396 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:02:16.0586 2396 Brserid - ok
20:02:16.0599 2396 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:02:16.0601 2396 BrSerWdm - ok
20:02:16.0615 2396 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:02:16.0616 2396 BrUsbMdm - ok
20:02:16.0630 2396 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:02:16.0630 2396 BrUsbSer - ok
20:02:16.0675 2396 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:02:16.0676 2396 BthEnum - ok
20:02:16.0682 2396 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:02:16.0683 2396 BTHMODEM - ok
20:02:16.0709 2396 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:02:16.0711 2396 BthPan - ok
20:02:16.0753 2396 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:02:16.0759 2396 BTHPORT - ok
20:02:16.0805 2396 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:02:16.0806 2396 bthserv - ok
20:02:16.0840 2396 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:02:16.0841 2396 BTHUSB - ok
20:02:16.0894 2396 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:02:16.0896 2396 cdfs - ok
20:02:16.0918 2396 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:02:16.0920 2396 cdrom - ok
20:02:16.0961 2396 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:02:16.0963 2396 CertPropSvc - ok
20:02:16.0985 2396 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:02:16.0986 2396 circlass - ok
20:02:17.0004 2396 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:02:17.0007 2396 CLFS - ok
20:02:17.0082 2396 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:02:17.0084 2396 clr_optimization_v2.0.50727_32 - ok
20:02:17.0131 2396 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:02:17.0133 2396 clr_optimization_v2.0.50727_64 - ok
20:02:17.0199 2396 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:02:17.0282 2396 clr_optimization_v4.0.30319_32 - ok
20:02:17.0300 2396 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:02:17.0342 2396 clr_optimization_v4.0.30319_64 - ok
20:02:17.0352 2396 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:02:17.0353 2396 CmBatt - ok
20:02:17.0378 2396 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:02:17.0379 2396 cmdide - ok
20:02:17.0428 2396 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:02:17.0432 2396 CNG - ok
20:02:17.0469 2396 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:02:17.0471 2396 Compbatt - ok
20:02:17.0494 2396 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:02:17.0495 2396 CompositeBus - ok
20:02:17.0497 2396 COMSysApp - ok
20:02:17.0566 2396 [ 75DBD5DB9892D7451D0429BEC1AABE1A ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
20:02:17.0566 2396 cpuz135 - ok
20:02:17.0578 2396 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:02:17.0579 2396 crcdisk - ok
20:02:17.0612 2396 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:02:17.0613 2396 CryptSvc - ok
20:02:17.0649 2396 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
20:02:17.0653 2396 CSC - ok
20:02:17.0671 2396 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
20:02:17.0673 2396 CscService - ok
20:02:17.0764 2396 [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
20:02:17.0766 2396 DAUpdaterSvc - ok
20:02:17.0790 2396 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:02:17.0792 2396 DcomLaunch - ok
20:02:17.0833 2396 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:02:17.0836 2396 defragsvc - ok
20:02:17.0866 2396 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:02:17.0868 2396 DfsC - ok
20:02:17.0889 2396 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:02:17.0891 2396 Dhcp - ok
20:02:17.0929 2396 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:02:17.0930 2396 discache - ok
20:02:17.0950 2396 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:02:17.0951 2396 Disk - ok
20:02:17.0973 2396 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:02:17.0974 2396 Dnscache - ok
20:02:18.0009 2396 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:02:18.0012 2396 dot3svc - ok
20:02:18.0022 2396 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:02:18.0023 2396 DPS - ok
20:02:18.0065 2396 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:02:18.0066 2396 drmkaud - ok
20:02:18.0089 2396 dump_wmimmc - ok
20:02:18.0117 2396 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:02:18.0120 2396 DXGKrnl - ok
20:02:18.0165 2396 [ 6BAFD9819D9FEC2EDBAEBC8493C711A4 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
20:02:18.0166 2396 e1cexpress - ok
20:02:18.0193 2396 EagleX64 - ok
20:02:18.0224 2396 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:02:18.0225 2396 EapHost - ok
20:02:18.0287 2396 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:02:18.0346 2396 ebdrv - ok
20:02:18.0386 2396 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:02:18.0386 2396 EFS - ok
20:02:18.0430 2396 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:02:18.0437 2396 ehRecvr - ok
20:02:18.0464 2396 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:02:18.0466 2396 ehSched - ok
20:02:18.0502 2396 [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
20:02:18.0502 2396 ElbyCDIO - ok
20:02:18.0525 2396 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:02:18.0530 2396 elxstor - ok
20:02:18.0550 2396 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:02:18.0551 2396 ErrDev - ok
20:02:18.0595 2396 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:02:18.0596 2396 EventSystem - ok
20:02:18.0624 2396 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:02:18.0626 2396 exfat - ok
20:02:18.0638 2396 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:02:18.0640 2396 fastfat - ok
20:02:18.0686 2396 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:02:18.0692 2396 Fax - ok
20:02:18.0705 2396 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:02:18.0706 2396 fdc - ok
20:02:18.0728 2396 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:02:18.0728 2396 fdPHost - ok
20:02:18.0736 2396 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:02:18.0737 2396 FDResPub - ok
20:02:18.0742 2396 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:02:18.0743 2396 FileInfo - ok
20:02:18.0751 2396 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:02:18.0752 2396 Filetrace - ok
20:02:18.0763 2396 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:02:18.0765 2396 flpydisk - ok
20:02:18.0796 2396 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:02:18.0799 2396 FltMgr - ok
20:02:18.0839 2396 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:02:18.0843 2396 FontCache - ok
20:02:18.0901 2396 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:02:18.0901 2396 FontCache3.0.0.0 - ok
20:02:18.0906 2396 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:02:18.0907 2396 FsDepends - ok
20:02:18.0938 2396 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:02:18.0939 2396 Fs_Rec - ok
20:02:18.0962 2396 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:02:18.0964 2396 fvevol - ok
20:02:18.0977 2396 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:02:18.0979 2396 gagp30kx - ok
20:02:19.0075 2396 GGSAFERDriver - ok
20:02:19.0114 2396 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:02:19.0117 2396 gpsvc - ok
20:02:19.0156 2396 [ 7EEC4281639DC7E9A67C661EFD414F3A ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
20:02:19.0189 2396 hamachi - ok
20:02:19.0200 2396 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:02:19.0202 2396 hcw85cir - ok
20:02:19.0242 2396 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:02:19.0245 2396 HdAudAddService - ok
20:02:19.0264 2396 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:02:19.0265 2396 HDAudBus - ok
20:02:19.0280 2396 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:02:19.0281 2396 HidBatt - ok
20:02:19.0290 2396 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:02:19.0292 2396 HidBth - ok
20:02:19.0300 2396 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:02:19.0302 2396 HidIr - ok
20:02:19.0331 2396 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:02:19.0332 2396 hidserv - ok
20:02:19.0353 2396 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:02:19.0354 2396 HidUsb - ok
20:02:19.0385 2396 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:02:19.0387 2396 hkmsvc - ok
20:02:19.0418 2396 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:02:19.0420 2396 HomeGroupListener - ok
20:02:19.0458 2396 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:02:19.0459 2396 HomeGroupProvider - ok
20:02:19.0473 2396 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:02:19.0474 2396 HpSAMD - ok
20:02:19.0514 2396 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:02:19.0515 2396 HTCAND64 - ok
20:02:19.0575 2396 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
20:02:19.0577 2396 htcnprot - ok
20:02:19.0625 2396 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:02:19.0631 2396 HTTP - ok
20:02:19.0665 2396 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:02:19.0666 2396 hwpolicy - ok
20:02:19.0683 2396 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:02:19.0689 2396 i8042prt - ok
20:02:19.0739 2396 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:02:19.0743 2396 iaStorV - ok
20:02:19.0794 2396 [ C1010ADD3DDAE1196ED21057AF7B2AAE ] ICCWDT C:\Windows\system32\DRIVERS\ICCWDT.sys
20:02:19.0794 2396 ICCWDT - ok
20:02:19.0839 2396 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:02:19.0847 2396 idsvc - ok
20:02:19.0878 2396 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:02:19.0880 2396 iirsp - ok
20:02:19.0919 2396 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:02:19.0921 2396 IKEEXT - ok
20:02:19.0996 2396 [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:02:20.0004 2396 IntcAzAudAddService - ok
20:02:20.0033 2396 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:02:20.0034 2396 intelide - ok
20:02:20.0058 2396 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:02:20.0058 2396 intelppm - ok
20:02:20.0103 2396 [ 068EC06F3B6DD7B81B365D8FD2CE27E6 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
20:02:20.0104 2396 Intel® PROSet Monitoring Service - ok
20:02:20.0138 2396 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:02:20.0140 2396 IPBusEnum - ok
20:02:20.0179 2396 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:02:20.0181 2396 IpFilterDriver - ok
20:02:20.0199 2396 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:02:20.0201 2396 iphlpsvc - ok
20:02:20.0226 2396 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:02:20.0228 2396 IPMIDRV - ok
20:02:20.0241 2396 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:02:20.0242 2396 IPNAT - ok
20:02:20.0260 2396 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:02:20.0261 2396 IRENUM - ok
20:02:20.0273 2396 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:02:20.0274 2396 isapnp - ok
20:02:20.0285 2396 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:02:20.0289 2396 iScsiPrt - ok
20:02:20.0306 2396 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:02:20.0306 2396 kbdclass - ok
20:02:20.0318 2396 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:02:20.0319 2396 kbdhid - ok
20:02:20.0342 2396 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:02:20.0343 2396 KeyIso - ok
20:02:20.0378 2396 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:02:20.0380 2396 KSecDD - ok
20:02:20.0415 2396 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:02:20.0417 2396 KSecPkg - ok
20:02:20.0443 2396 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:02:20.0444 2396 ksthunk - ok
20:02:20.0485 2396 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:02:20.0488 2396 KtmRm - ok
20:02:20.0521 2396 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:02:20.0522 2396 LanmanServer - ok
20:02:20.0559 2396 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:02:20.0560 2396 LanmanWorkstation - ok
20:02:20.0656 2396 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
20:02:20.0660 2396 LBTServ - ok
20:02:20.0702 2396 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:02:20.0702 2396 LHidFilt - ok
20:02:20.0737 2396 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
20:02:20.0738 2396 lirsgt - ok
20:02:20.0768 2396 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:02:20.0769 2396 lltdio - ok
20:02:20.0805 2396 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:02:20.0807 2396 lltdsvc - ok
20:02:20.0826 2396 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:02:20.0827 2396 lmhosts - ok
20:02:20.0834 2396 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:02:20.0834 2396 LMouFilt - ok
20:02:20.0853 2396 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:02:20.0854 2396 LSI_FC - ok
20:02:20.0891 2396 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:02:20.0893 2396 LSI_SAS - ok
20:02:20.0905 2396 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:02:20.0907 2396 LSI_SAS2 - ok
20:02:20.0922 2396 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:02:20.0924 2396 LSI_SCSI - ok
20:02:20.0939 2396 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:02:20.0941 2396 luafv - ok
20:02:20.0978 2396 [ 9D9714E78EAC9E5368208649489C920E ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
20:02:20.0978 2396 LUsbFilt - ok
20:02:21.0009 2396 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
20:02:21.0020 2396 mcdbus - ok
20:02:21.0046 2396 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:02:21.0049 2396 Mcx2Svc - ok
20:02:21.0055 2396 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:02:21.0056 2396 megasas - ok
20:02:21.0077 2396 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:02:21.0080 2396 MegaSR - ok
20:02:21.0099 2396 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:02:21.0100 2396 MEIx64 - ok
20:02:21.0145 2396 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:02:21.0146 2396 MMCSS - ok
20:02:21.0158 2396 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:02:21.0160 2396 Modem - ok
20:02:21.0180 2396 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:02:21.0180 2396 monitor - ok
20:02:21.0198 2396 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:02:21.0199 2396 mouclass - ok
20:02:21.0211 2396 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:02:21.0212 2396 mouhid - ok
20:02:21.0250 2396 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:02:21.0251 2396 mountmgr - ok
20:02:21.0285 2396 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:02:21.0287 2396 MpFilter - ok
20:02:21.0304 2396 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:02:21.0306 2396 mpio - ok
20:02:21.0320 2396 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:02:21.0321 2396 mpsdrv - ok
20:02:21.0359 2396 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:02:21.0362 2396 MpsSvc - ok
20:02:21.0393 2396 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:02:21.0395 2396 MRxDAV - ok
20:02:21.0419 2396 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:02:21.0420 2396 mrxsmb - ok
20:02:21.0459 2396 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:02:21.0461 2396 mrxsmb10 - ok
20:02:21.0480 2396 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:02:21.0482 2396 mrxsmb20 - ok
20:02:21.0499 2396 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
20:02:21.0500 2396 msahci - ok
20:02:21.0512 2396 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:02:21.0515 2396 msdsm - ok
20:02:21.0530 2396 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:02:21.0532 2396 MSDTC - ok
20:02:21.0583 2396 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:02:21.0584 2396 Msfs - ok
20:02:21.0597 2396 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:02:21.0599 2396 mshidkmdf - ok
20:02:21.0603 2396 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:02:21.0605 2396 msisadrv - ok
20:02:21.0643 2396 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:02:21.0646 2396 MSiSCSI - ok
20:02:21.0648 2396 msiserver - ok
20:02:21.0674 2396 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:02:21.0683 2396 MSKSSRV - ok
20:02:21.0733 2396 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:02:21.0733 2396 MsMpSvc - ok
20:02:21.0743 2396 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:02:21.0745 2396 MSPCLOCK - ok
20:02:21.0748 2396 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:02:21.0750 2396 MSPQM - ok
20:02:21.0785 2396 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:02:21.0788 2396 MsRPC - ok
20:02:21.0810 2396 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:02:21.0811 2396 mssmbios - ok
20:02:21.0822 2396 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:02:21.0824 2396 MSTEE - ok
20:02:21.0835 2396 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:02:21.0836 2396 MTConfig - ok
20:02:21.0848 2396 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:02:21.0850 2396 Mup - ok
20:02:21.0870 2396 [ 34D08C9C64F657D194961E96C47E9C69 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
20:02:21.0871 2396 mv91xx - ok
20:02:21.0886 2396 [ 582AC6D9873E31DFA28A4547270862DD ]

...

[Lunarpac]

TDSSKiller.2.8.10.0_09.10.2012_20.02.06_log (mv91xx included)

20:02:21.0871 2396 mv91xx - ok
20:02:21.0886 2396 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:02:21.0890 2396 napagent - ok
20:02:21.0922 2396 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:02:21.0925 2396 NativeWifiP - ok
20:02:21.0978 2396 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:02:21.0984 2396 NDIS - ok
20:02:22.0004 2396 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:02:22.0005 2396 NdisCap - ok
20:02:22.0016 2396 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:02:22.0017 2396 NdisTapi - ok
20:02:22.0053 2396 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:02:22.0054 2396 Ndisuio - ok
20:02:22.0087 2396 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:02:22.0089 2396 NdisWan - ok
20:02:22.0099 2396 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:02:22.0100 2396 NDProxy - ok
20:02:22.0108 2396 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:02:22.0110 2396 NetBIOS - ok
20:02:22.0140 2396 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:02:22.0142 2396 NetBT - ok
20:02:22.0148 2396 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:02:22.0149 2396 Netlogon - ok
20:02:22.0178 2396 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:02:22.0180 2396 Netman - ok
20:02:22.0221 2396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:22.0236 2396 NetMsmqActivator - ok
20:02:22.0240 2396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:22.0241 2396 NetPipeActivator - ok
20:02:22.0251 2396 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:02:22.0252 2396 netprofm - ok
20:02:22.0282 2396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:22.0282 2396 NetTcpActivator - ok
20:02:22.0284 2396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:22.0285 2396 NetTcpPortSharing - ok
20:02:22.0323 2396 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:02:22.0325 2396 nfrd960 - ok
20:02:22.0344 2396 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:02:22.0345 2396 NisDrv - ok
20:02:22.0380 2396 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
20:02:22.0381 2396 NisSrv - ok
20:02:22.0429 2396 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:02:22.0430 2396 NlaSvc - ok
20:02:22.0446 2396 [ 88F2F2CB9FAEE2E14BCCF384F4C88061 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
20:02:22.0447 2396 nmwcd - ok
20:02:22.0456 2396 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:02:22.0457 2396 Npfs - ok
20:02:22.0469 2396 npggsvc - ok
20:02:22.0471 2396 NPPTNT2 - ok
20:02:22.0501 2396 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:02:22.0502 2396 nsi - ok
20:02:22.0537 2396 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:02:22.0539 2396 nsiproxy - ok
20:02:22.0588 2396 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:02:22.0614 2396 Ntfs - ok
20:02:22.0619 2396 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:02:22.0620 2396 Null - ok
20:02:22.0658 2396 [ C4F1EDFD01DB4E6382018DC87F8AB45D ] NVFLASH C:\Windows\system32\drivers\nvflash.sys
20:02:22.0660 2396 NVFLASH - ok
20:02:22.0672 2396 NVHDA - ok
20:02:22.0698 2396 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:02:22.0701 2396 nvraid - ok
20:02:22.0719 2396 [ E58D81FB8616D0CB55C1E36AA0B213C9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
20:02:22.0721 2396 nvsmu - ok
20:02:22.0736 2396 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:02:22.0739 2396 nvstor - ok
20:02:22.0753 2396 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
20:02:22.0755 2396 nvstor64 - ok
20:02:22.0783 2396 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:02:22.0785 2396 nv_agp - ok
20:02:22.0876 2396 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:02:22.0881 2396 odserv - ok
20:02:22.0895 2396 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:02:22.0897 2396 ohci1394 - ok
20:02:22.0936 2396 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:02:22.0939 2396 ose - ok
20:02:22.0984 2396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:02:22.0987 2396 p2pimsvc - ok
20:02:23.0002 2396 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:02:23.0006 2396 p2psvc - ok
20:02:23.0042 2396 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:02:23.0044 2396 Parport - ok
20:02:23.0082 2396 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:02:23.0084 2396 partmgr - ok
20:02:23.0164 2396 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
20:02:23.0164 2396 PassThru Service - ok
20:02:23.0194 2396 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:02:23.0195 2396 PcaSvc - ok
20:02:23.0230 2396 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:02:23.0232 2396 pccsmcfd - ok
20:02:23.0251 2396 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:02:23.0253 2396 pci - ok
20:02:23.0270 2396 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:02:23.0272 2396 pciide - ok
20:02:23.0307 2396 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:02:23.0310 2396 pcmcia - ok
20:02:23.0326 2396 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:02:23.0328 2396 pcw - ok
20:02:23.0345 2396 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:02:23.0350 2396 PEAUTH - ok
20:02:23.0388 2396 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:02:23.0405 2396 PeerDistSvc - ok
20:02:23.0463 2396 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:02:23.0465 2396 PerfHost - ok
20:02:23.0513 2396 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:02:23.0530 2396 pla - ok
20:02:23.0555 2396 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:02:23.0557 2396 PlugPlay - ok
20:02:23.0590 2396 PnkBstrA - ok
20:02:23.0603 2396 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:02:23.0605 2396 PNRPAutoReg - ok
20:02:23.0617 2396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:02:23.0618 2396 PNRPsvc - ok
20:02:23.0659 2396 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:02:23.0661 2396 PolicyAgent - ok
20:02:23.0713 2396 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:02:23.0714 2396 Power - ok
20:02:23.0752 2396 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:02:23.0754 2396 PptpMiniport - ok
20:02:23.0789 2396 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:02:23.0791 2396 Processor - ok
20:02:23.0832 2396 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:02:23.0833 2396 ProfSvc - ok
20:02:23.0838 2396 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:02:23.0839 2396 ProtectedStorage - ok
20:02:23.0868 2396 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:02:23.0869 2396 Psched - ok
20:02:23.0907 2396 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:02:23.0932 2396 ql2300 - ok
20:02:23.0958 2396 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:02:23.0961 2396 ql40xx - ok
20:02:24.0001 2396 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:02:24.0003 2396 QWAVE - ok
20:02:24.0015 2396 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:02:24.0020 2396 QWAVEdrv - ok
20:02:24.0104 2396 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
20:02:24.0133 2396 RapiMgr - ok
20:02:24.0512 2396 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:02:24.0513 2396 RasAcd - ok
20:02:24.0564 2396 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:02:24.0565 2396 RasAgileVpn - ok
20:02:24.0609 2396 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:02:24.0611 2396 RasAuto - ok
20:02:24.0652 2396 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:02:24.0654 2396 Rasl2tp - ok
20:02:24.0718 2396 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:02:24.0719 2396 RasMan - ok
20:02:24.0805 2396 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:02:24.0806 2396 RasPppoe - ok
20:02:24.0815 2396 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:02:24.0816 2396 RasSstp - ok
20:02:24.0827 2396 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:02:24.0830 2396 rdbss - ok
20:02:24.0837 2396 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:02:24.0839 2396 rdpbus - ok
20:02:24.0863 2396 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:02:24.0864 2396 RDPCDD - ok
20:02:24.0893 2396 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:02:24.0895 2396 RDPDR - ok
20:02:24.0909 2396 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:02:24.0910 2396 RDPENCDD - ok
20:02:24.0916 2396 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:02:24.0916 2396 RDPREFMP - ok
20:02:24.0955 2396 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:02:24.0957 2396 RDPWD - ok
20:02:24.0996 2396 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:02:24.0998 2396 rdyboost - ok
20:02:25.0035 2396 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:02:25.0037 2396 RemoteAccess - ok
20:02:25.0048 2396 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:02:25.0050 2396 RemoteRegistry - ok
20:02:25.0082 2396 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:02:25.0083 2396 RFCOMM - ok
20:02:25.0092 2396 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:02:25.0093 2396 RpcEptMapper - ok
20:02:25.0118 2396 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:02:25.0119 2396 RpcLocator - ok
20:02:25.0157 2396 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:02:25.0159 2396 RpcSs - ok
20:02:25.0198 2396 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:02:25.0199 2396 rspndr - ok
20:02:25.0224 2396 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:02:25.0227 2396 RTL8167 - ok
20:02:25.0250 2396 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:02:25.0251 2396 s3cap - ok
20:02:25.0262 2396 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:02:25.0262 2396 SamSs - ok
20:02:25.0301 2396 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:02:25.0301 2396 SASDIFSV - ok
20:02:25.0330 2396 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:02:25.0330 2396 SASKUTIL - ok
20:02:25.0337 2396 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:02:25.0339 2396 sbp2port - ok
20:02:25.0352 2396 SBRE - ok
20:02:25.0385 2396 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:02:25.0387 2396 SCardSvr - ok
20:02:25.0420 2396 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:02:25.0421 2396 scfilter - ok
20:02:25.0464 2396 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:02:25.0468 2396 Schedule - ok
20:02:25.0502 2396 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:02:25.0502 2396 SCPolicySvc - ok
20:02:25.0510 2396 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:02:25.0512 2396 SDRSVC - ok
20:02:25.0550 2396 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:02:25.0551 2396 secdrv - ok
20:02:25.0560 2396 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:02:25.0561 2396 seclogon - ok
20:02:25.0602 2396 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:02:25.0603 2396 SENS - ok
20:02:25.0609 2396 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:02:25.0611 2396 SensrSvc - ok
20:02:25.0639 2396 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:02:25.0640 2396 Serenum - ok
20:02:25.0660 2396 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:02:25.0661 2396 Serial - ok
20:02:25.0686 2396 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:02:25.0690 2396 sermouse - ok
20:02:25.0779 2396 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:02:25.0842 2396 ServiceLayer - ok
20:02:25.0893 2396 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:02:25.0895 2396 SessionEnv - ok
20:02:25.0911 2396 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:02:25.0912 2396 sffdisk - ok
20:02:25.0923 2396 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:02:25.0924 2396 sffp_mmc - ok
20:02:25.0931 2396 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:02:25.0932 2396 sffp_sd - ok
20:02:25.0964 2396 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:02:25.0965 2396 sfloppy - ok
20:02:26.0016 2396 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:02:26.0018 2396 SharedAccess - ok
20:02:26.0049 2396 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:02:26.0051 2396 ShellHWDetection - ok
20:02:26.0063 2396 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:02:26.0064 2396 SiSRaid2 - ok
20:02:26.0073 2396 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:02:26.0076 2396 SiSRaid4 - ok
20:02:26.0163 2396 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:02:26.0164 2396 SkypeUpdate - ok
20:02:26.0183 2396 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:02:26.0185 2396 Smb - ok
20:02:26.0234 2396 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:02:26.0236 2396 SNMPTRAP - ok
20:02:26.0265 2396 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:02:26.0266 2396 spldr - ok
20:02:26.0307 2396 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:02:26.0309 2396 Spooler - ok
20:02:26.0373 2396 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:02:26.0384 2396 sppsvc - ok
20:02:26.0424 2396 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:02:26.0425 2396 sppuinotify - ok
20:02:26.0482 2396 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
20:02:26.0482 2396 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
20:02:26.0490 2396 sptd ( LockedFile.Multi.Generic ) - warning
20:02:26.0491 2396 sptd - detected LockedFile.Multi.Generic (1)
20:02:26.0509 2396 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:02:26.0512 2396 srv - ok
20:02:26.0524 2396 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:02:26.0527 2396 srv2 - ok
20:02:26.0535 2396 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:02:26.0537 2396 srvnet - ok
20:02:26.0579 2396 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:02:26.0580 2396 SSDPSRV - ok
20:02:26.0588 2396 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:02:26.0589 2396 SstpSvc - ok
20:02:26.0616 2396 Steam Client Service - ok
20:02:26.0651 2396 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:02:26.0653 2396 stexstor - ok
20:02:26.0685 2396 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:02:26.0687 2396 stisvc - ok
20:02:26.0706 2396 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:02:26.0707 2396 storflt - ok
20:02:26.0733 2396 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
20:02:26.0735 2396 StorSvc - ok
20:02:26.0750 2396 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:02:26.0751 2396 storvsc - ok
20:02:26.0764 2396 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:02:26.0764 2396 swenum - ok
20:02:26.0868 2396 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:02:26.0871 2396 SwitchBoard - ok
20:02:26.0910 2396 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:02:26.0915 2396 swprv - ok
20:02:26.0961 2396 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:02:26.0967 2396 SysMain - ok
20:02:27.0002 2396 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:02:27.0004 2396 TabletInputService - ok
20:02:27.0012 2396 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:02:27.0013 2396 TapiSrv - ok
20:02:27.0022 2396 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:02:27.0023 2396 TBS - ok
20:02:27.0070 2396 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:02:27.0095 2396 Tcpip - ok
20:02:27.0136 2396 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:02:27.0142 2396 TCPIP6 - ok
20:02:27.0181 2396 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:02:27.0182 2396 tcpipreg - ok
20:02:27.0219 2396 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:02:27.0220 2396 TDPIPE - ok
20:02:27.0245 2396 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:02:27.0246 2396 TDTCP - ok
20:02:27.0281 2396 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:02:27.0282 2396 tdx - ok
20:02:27.0305 2396 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:02:27.0306 2396 TermDD - ok
20:02:27.0317 2396 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:02:27.0323 2396 TermService - ok
20:02:27.0354 2396 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:02:27.0354 2396 Themes - ok
20:02:27.0388 2396 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:02:27.0389 2396 THREADORDER - ok
20:02:27.0399 2396 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:02:27.0400 2396 TrkWks - ok
20:02:27.0469 2396 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:02:27.0471 2396 TrustedInstaller - ok
20:02:27.0500 2396 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:02:27.0501 2396 tssecsrv - ok
20:02:27.0547 2396 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:02:27.0548 2396 TsUsbFlt - ok
20:02:27.0590 2396 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:02:27.0592 2396 tunnel - ok
20:02:27.0623 2396 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:02:27.0625 2396 uagp35 - ok
20:02:27.0661 2396 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:02:27.0663 2396 udfs - ok
20:02:27.0696 2396 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:02:27.0698 2396 UI0Detect - ok
20:02:27.0714 2396 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:02:27.0715 2396 uliagpkx - ok
20:02:27.0743 2396 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:02:27.0745 2396 umbus - ok
20:02:27.0760 2396 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:02:27.0761 2396 UmPass - ok
20:02:27.0795 2396 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
20:02:27.0797 2396 UmRdpService - ok
20:02:27.0809 2396 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:02:27.0813 2396 upnphost - ok
20:02:27.0830 2396 upperdev - ok
20:02:27.0843 2396 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:02:27.0846 2396 usbaudio - ok
20:02:27.0880 2396 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:02:27.0881 2396 usbccgp - ok
20:02:27.0902 2396 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:02:27.0904 2396 usbcir - ok
20:02:27.0921 2396 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:02:27.0923 2396 usbehci - ok
20:02:27.0939 2396 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:02:27.0941 2396 usbhub - ok
20:02:27.0960 2396 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:02:27.0962 2396 usbohci - ok
20:02:28.0007 2396 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:02:28.0008 2396 usbprint - ok
20:02:28.0043 2396 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:02:28.0045 2396 usbscan - ok
20:02:28.0075 2396 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
20:02:28.0077 2396 usbser - ok
20:02:28.0079 2396 UsbserFilt - ok
20:02:28.0108 2396 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:02:28.0110 2396 USBSTOR - ok
20:02:28.0139 2396 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:02:28.0141 2396 usbuhci - ok
20:02:28.0182 2396 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
20:02:28.0183 2396 usb_rndisx - ok
20:02:28.0197 2396 usj - ok
20:02:28.0231 2396 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:02:28.0232 2396 UxSms - ok
20:02:28.0242 2396 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:02:28.0242 2396 VaultSvc - ok
20:02:28.0259 2396 [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
20:02:28.0261 2396 VClone - ok
20:02:28.0291 2396 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:02:28.0292 2396 vdrvroot - ok
20:02:28.0336 2396 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:02:28.0340 2396 vds - ok
20:02:28.0373 2396 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:02:28.0374 2396 vga - ok
20:02:28.0385 2396 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:02:28.0386 2396 VgaSave - ok
20:02:28.0406 2396 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:02:28.0408 2396 vhdmp - ok
20:02:28.0431 2396 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:02:28.0432 2396 viaide - ok
20:02:28.0445 2396 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:02:28.0448 2396 vmbus - ok
20:02:28.0464 2396 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:02:28.0465 2396 VMBusHID - ok
20:02:28.0493 2396 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:02:28.0494 2396 volmgr - ok
20:02:28.0533 2396 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:02:28.0536 2396 volmgrx - ok
20:02:28.0574 2396 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:02:28.0576 2396 volsnap - ok
20:02:28.0607 2396 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:02:28.0609 2396 vsmraid - ok
20:02:28.0655 2396 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:02:28.0684 2396 VSS - ok
20:02:28.0695 2396 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:02:28.0696 2396 vwifibus - ok
20:02:28.0743 2396 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:02:28.0747 2396 W32Time - ok
20:02:28.0778 2396 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:02:28.0780 2396 WacomPen - ok
20:02:28.0829 2396 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:02:28.0830 2396 WANARP - ok
20:02:28.0832 2396 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:02:28.0833 2396 Wanarpv6 - ok
20:02:28.0902 2396 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:02:28.0919 2396 WatAdminSvc - ok
20:02:28.0964 2396 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:02:28.0989 2396 wbengine - ok
20:02:29.0022 2396 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:02:29.0024 2396 WbioSrvc - ok
20:02:29.0050 2396 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
20:02:29.0052 2396 WcesComm - ok
20:02:29.0091 2396 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:02:29.0094 2396 wcncsvc - ok
20:02:29.0100 2396 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:02:29.0102 2396 WcsPlugInService - ok
20:02:29.0133 2396 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:02:29.0135 2396 Wd - ok
20:02:29.0146 2396 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:02:29.0152 2396 Wdf01000 - ok
20:02:29.0162 2396 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:02:29.0163 2396 WdiServiceHost - ok
20:02:29.0166 2396 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:02:29.0167 2396 WdiSystemHost - ok
20:02:29.0198 2396 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:02:29.0200 2396 WebClient - ok
20:02:29.0237 2396 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:02:29.0239 2396 Wecsvc - ok
20:02:29.0252 2396 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:02:29.0253 2396 wercplsupport - ok
20:02:29.0274 2396 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:02:29.0275 2396 WerSvc - ok
20:02:29.0294 2396 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:02:29.0295 2396 WfpLwf - ok
20:02:29.0331 2396 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:02:29.0333 2396 WIMMount - ok
20:02:29.0344 2396 WinDefend - ok
20:02:29.0348 2396 WinHttpAutoProxySvc - ok
20:02:29.0401 2396 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:02:29.0402 2396 Winmgmt - ok
20:02:29.0465 2396 WinRing0_1_2_0 - ok
20:02:29.0524 2396 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:02:29.0550 2396 WinRM - ok
20:02:29.0579 2396 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:02:29.0580 2396 WinUsb - ok
20:02:29.0621 2396 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:02:29.0628 2396 Wlansvc - ok
20:02:29.0741 2396 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:02:29.0748 2396 wlidsvc - ok
20:02:29.0769 2396 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:02:29.0769 2396 WmiAcpi - ok
20:02:29.0817 2396 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:02:29.0818 2396 wmiApSrv - ok
20:02:29.0942 2396 WMPNetworkSvc - ok
20:02:29.0992 2396 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:02:29.0996 2396 WPCSvc - ok
20:02:30.0046 2396 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:02:30.0047 2396 WPDBusEnum - ok
20:02:30.0144 2396 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:02:30.0145 2396 ws2ifsl - ok
20:02:30.0218 2396 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:02:30.0220 2396 wscsvc - ok
20:02:30.0222 2396 WSearch - ok
20:02:30.0565 2396 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:02:30.0607 2396 wuauserv - ok
20:02:30.0645 2396 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:02:30.0647 2396 WudfPf - ok
20:02:30.0679 2396 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:02:30.0710 2396 WUDFRd - ok
20:02:30.0847 2396 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:02:30.0848 2396 wudfsvc - ok
20:02:30.0866 2396 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:02:30.0868 2396 WwanSvc - ok
20:02:30.0897 2396 ================ Scan global ===============================
20:02:30.0930 2396 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:02:30.0960 2396 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:02:30.0964 2396 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:02:31.0004 2396 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:02:31.0038 2396 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:02:31.0040 2396 [Global] - ok
20:02:31.0040 2396 ================ Scan MBR ==================================
20:02:31.0051 2396 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:02:31.0177 2396 \Device\Harddisk0\DR0 - ok
20:02:31.0177 2396 ================ Scan VBR ==================================
20:02:31.0178 2396 [ 96D4526AA1A26C13EBCBF8703210F703 ] \Device\Harddisk0\DR0\Partition1
20:02:31.0179 2396 \Device\Harddisk0\DR0\Partition1 - ok
20:02:31.0180 2396 [ 80C7AF66DA8A3213015CBE9184140825 ] \Device\Harddisk0\DR0\Partition2
20:02:31.0181 2396 \Device\Harddisk0\DR0\Partition2 - ok
20:02:31.0181 2396 ============================================================
20:02:31.0181 2396 Scan finished
20:02:31.0181 2396 ============================================================
20:02:31.0186 2692 Detected object count: 1
20:02:31.0186 2692 Actual detected object count: 1
20:02:50.0569 2692 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
20:02:50.0587 2692 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
20:02:50.0749 2692 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
20:02:51.0578 2692 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
20:02:51.0579 2692 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
20:03:00.0984 5740 Deinitialize success

[Satchfan]

Do you have a flash drive? I think w may need a different approach if this doesn’t work.


Run OTL

• double click on the icon to run it.
• copy/paste ALL the following text written inside the code box into the Custom Scans/Fixes box located at the bottom of OTL
  
  
  Code:

  :Services
  
  :OTL
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21983
  IE - HKU\S-1-5-21-1666464932-787091987-3193995767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21983
  FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
  FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
  O1 - Hosts: 78.46.61.26 www.google-analytics.com.
  O1 - Hosts: 78.46.61.26 ad-emea.doubleclick.net.
  O1 - Hosts: 78.46.61.26 www.statcounter.com.
  O1 - Hosts: 108.163.215.51 www.google-analytics.com.
  O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
  O1 - Hosts: 108.163.215.51 www.statcounter.com.
  O3 - HKU\S-1-5-21-1666464932-787091987-3193995767-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found
  O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
  O4 - HKU\S-1-5-21-1666464932-787091987-3193995767-1000..\Run: [AdobeBridge]  File not found
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
  O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
  O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
  O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
  O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
  O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
  O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
  O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
  O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
  O15 - HKU\S-1-5-21-1666464932-787091987-3193995767-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-1666464932-787091987-3193995767-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-1666464932-787091987-3193995767-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-1666464932-787091987-3193995767-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
  O33 - MountPoints2\{3cf5a0ce-88d4-11e1-be62-806e6f6e6963}\Shell\AutoRun\command - "" = D:\ncd.exe
  [2012-08-23 22:13:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{10377690-8118-0bba-4e71-c5658b5fc4ae}\L
  [2012-08-23 19:29:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{10377690-8118-0bba-4e71-c5658b5fc4ae}\U
  [2011-11-17 08:41:18 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Local\{10377690-8118-0bba-4e71-c5658b5fc4ae}\L
  [2011-11-17 08:41:18 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Local\{10377690-8118-0bba-4e71-c5658b5fc4ae}\U
  @Alternate Data Stream - 6144 bytes -> C:\ProgramData:gs5sys
  @Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
  @Alternate Data Stream - 1536 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
  @Alternate Data Stream - 1536 bytes -> C:\Users\Max\Documents\desktop.ini:gs5sys
  @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:CB0AACC9
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF
  @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE
  @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
  
  
  :Commands
  [purity]
  [emptytemp]
  [Reboot]

  
  
• click the Run Fix button at the top
• let the program run unhindered, reboot when it is done
• post a new OTL log (don't check the boxes beside LOP Check or Purity this time)

Logs to include in the next post:

OTL fix log
New OTL log

[Lunarpac]

Yes, I have a flash drive available.
When you say "new OTL log", does that mean that I run another scan and post the generated log, or that I run another fix and post that log? I assumed it was scan, so I've provided the log for the custom fix (10182012_134042.txt) and the log for the scan I did after the forced reboot (OTL.txt).

10182012_134042.txt

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1666464932-787091987-3193995767-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3cf5a0ce-88d4-11e1-be62-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3cf5a0ce-88d4-11e1-be62-806e6f6e6963}\ not found.
File D:\ncd.exe not found.
Folder C:\Windows\Installer\{10377690-8118-0bba-4e71-c5658b5fc4ae}\L\ not found.
Folder C:\Windows\Installer\{10377690-8118-0bba-4e71-c5658b5fc4ae}\U\ not found.
Folder C:\Users\Max\AppData\Local\{10377690-8118-0bba-4e71-c5658b5fc4ae}\L\ not found.
Folder C:\Users\Max\AppData\Local\{10377690-8118-0bba-4e71-c5658b5fc4ae}\U\ not found.
ADS C:\ProgramData:gs5sys deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Users\Public\Documents\desktop.ini:gs5sys deleted successfully.
ADS C:\Users\Max\Documents\desktop.ini:gs5sys deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
ADS C:\ProgramData\TEMP:8CE646EE deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Max
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4622725 bytes
->Java cache emptied: 25258924 bytes
->FireFox cache emptied: 186899610 bytes
->Google Chrome cache emptied: 361567143 bytes
->Apple Safari cache emptied: 68596736 bytes
->Flash cache emptied: 58583 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 868352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18364 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 618.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10182012_134042

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Lunarpac]

OTL.txt

OTL logfile created on: 2012-10-18 13:46:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Max\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

7.97 Gb Total Physical Memory | 5.87 Gb Available Physical Memory | 73.72% Memory free
13.96 Gb Paging File | 11.26 Gb Available in Paging File | 80.60% Paging File free
Paging file location(s): c:\pagefile.sys 6142 6142 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 73.77 Gb Free Space | 15.84% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.28 Mb Free Space | 70.28% Space Free | Partition Type: NTFS

Computer Name: MAX-PC | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-10-16 18:09:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
PRC - [2012-10-11 03:05:57 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-08-10 21:14:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-06-14 20:36:50 | 000,932,528 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012-04-17 15:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2011-09-15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011-06-13 10:36:54 | 000,922,240 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
PRC - [2011-05-24 20:54:46 | 001,426,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2011-04-26 11:20:48 | 001,101,440 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2011-01-11 16:21:14 | 001,214,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2010-12-02 04:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010-11-26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010-10-21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010-09-24 21:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe


========== Modules (No Company Name) ==========

MOD - [2012-10-11 03:05:59 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-06-26 20:03:08 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012-06-26 20:02:59 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-06-26 20:02:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-06-26 20:02:56 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-06-26 20:02:53 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-06-14 20:36:50 | 000,932,528 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012-04-17 15:05:00 | 001,515,520 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll
MOD - [2012-04-17 15:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2012-04-17 15:05:00 | 000,559,244 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll
MOD - [2012-04-17 15:05:00 | 000,516,599 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2012-04-17 15:05:00 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll
MOD - [2012-04-17 15:05:00 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2012-04-17 15:05:00 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2012-04-17 15:05:00 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll
MOD - [2012-04-17 15:05:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2011-05-20 09:12:18 | 000,881,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2011-05-16 17:35:56 | 000,965,632 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011-04-07 17:33:18 | 001,607,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011-03-04 10:33:44 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011-02-24 10:19:36 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011-01-07 16:39:36 | 001,246,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2010-11-05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010-10-15 17:40:30 | 001,031,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
MOD - [2010-08-23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
MOD - [2010-08-06 18:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2010-08-06 18:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2010-06-21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
MOD - [2010-06-21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009-08-12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2009-05-21 10:14:14 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-09-12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012-09-12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012-07-11 20:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012-04-06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-08-12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009-07-20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-10-15 23:58:54 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-11 03:05:59 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-04 17:54:07 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-08-10 21:14:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-09-15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011-06-13 10:36:54 | 000,922,240 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-03-28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010-12-02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010-10-21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-12-15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.1)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-08-30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012-04-06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-04-06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-03-09 10:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011-10-19 18:33:12 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011-09-14 17:05:34 | 000,394,216 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011-09-14 17:05:34 | 000,129,000 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011-07-22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011-07-12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011-05-18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-10-19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010-10-08 03:41:18 | 000,013,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvflash.sys -- (NVFLASH)
DRV:64bit: - [2010-09-21 08:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010-08-27 19:53:22 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010-08-17 19:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010-07-13 18:19:38 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010-07-13 18:19:38 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010-06-25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-01-28 16:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-12-18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009-11-02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009-08-09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009-07-14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-06-17 18:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009-06-17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009-06-17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012-06-08 09:28:32 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005-01-02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 32 20 81 AA D5 CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.se/ig"
FF - prefs.js..extensions.enabledAddons: artur.dubovoy@gmail.com:3.7.6
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-10-15 23:23:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-08-23 22:13:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012-10-15 23:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Extensions
[2012-10-12 16:47:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2012-10-18 13:16:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions
[2012-10-18 13:16:10 | 000,221,098 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions\artur.dubovoy@gmail.com.xpi
[2012-10-15 23:26:33 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-10-15 23:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-10-11 03:06:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-03-07 13:28:56 | 000,244,544 | ---- | M] (SecMaker AB) -- C:\Program Files (x86)\mozilla firefox\plugins\npiidplg.dll
[2012-10-11 03:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-10-11 03:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Net iD (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npiidplg.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Max\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: S\u00F6k p\u00E5 Google = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Kalender = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Google Theme = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne\1.0.1_0\
CHR - Extension: Google Mail Checker = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Google Reader = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.2_0\
CHR - Extension: Gmail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-10-17 13:12:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Net iD] C:\Program Files\Net iD\iid.exe (SecMaker AB)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Net iD] C:\Program Files (x86)\Net iD\iid.exe (SecMaker AB)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 79.138.0.180 85.8.31.209
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39A85E31-4D53-438C-8BF9-DB3B5F11B375}: DhcpNameServer = 79.138.0.180 85.8.31.209
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB2B4FA5-6527-4A2D-8E86-925589073BAF}: DhcpNameServer = 79.138.0.180 85.8.31.209
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-10-18 13:40:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-10-18 13:17:45 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\futurama
[2012-10-17 13:20:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-10-17 13:14:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-10-17 12:57:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012-10-17 12:57:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012-10-17 12:57:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012-10-17 12:57:54 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012-10-17 12:57:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-10-17 12:57:39 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012-10-17 12:19:45 | 004,981,258 | R--- | C] (Swearware) -- C:\Users\Max\Desktop\ComboFix.exe
[2012-10-16 18:09:58 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\RK_Quarantine
[2012-10-16 18:09:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2012-10-16 00:05:46 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Macromedia
[2012-10-15 23:58:54 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-10-15 23:58:54 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-10-15 23:52:20 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012-10-15 23:51:49 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Max\Desktop\aswMBR.exe
[2012-10-15 23:51:43 | 000,706,431 | R--- | C] (Swearware) -- C:\Users\Max\Desktop\dds.scr
[2012-10-15 23:51:17 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\2012-10-15
[2012-10-15 23:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012-10-15 23:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012-10-15 23:23:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-10-15 23:04:36 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\24476593.sys
[2012-10-15 23:04:32 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\tdsskiller
[2012-10-15 21:17:23 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\RIFT
[2012-10-15 20:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFT
[2012-10-15 20:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RIFT Game
[2012-10-14 16:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TERA
[2012-10-14 00:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2012-10-12 21:56:05 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine
[2012-10-12 17:06:13 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Apple Computer
[2012-10-12 16:47:02 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Songbird2
[2012-10-12 16:47:02 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Songbird2
[2012-10-12 16:33:32 | 000,109,360 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012-10-12 16:33:32 | 000,015,664 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\drivers\GEARAspiWDM.sys
[2012-10-12 16:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Songbird
[2012-10-12 16:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Songbird
[2012-10-12 16:26:40 | 000,000,000 | ---D | C] -- C:\Users\Max\.local
[2012-10-12 16:12:38 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\.kde
[2012-10-12 16:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amarok
[2012-10-12 16:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amarok
[2012-10-11 15:37:47 | 062,968,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012-10-10 07:10:57 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-10-10 07:10:56 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-10-10 07:10:55 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-10-10 07:10:38 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012-10-10 07:10:31 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012-10-10 07:10:31 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012-10-10 07:10:31 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012-10-10 07:10:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012-10-10 07:10:29 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012-10-10 07:10:29 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012-10-10 07:10:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012-10-10 07:10:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012-10-10 07:10:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012-10-10 07:10:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012-10-10 07:10:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012-10-10 07:10:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012-10-10 07:10:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012-10-10 07:10:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012-10-10 07:10:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012-10-10 07:10:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012-10-10 07:10:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012-10-10 07:10:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012-10-10 07:10:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012-10-10 07:10:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012-10-10 07:10:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012-10-10 07:10:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012-10-10 07:10:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012-10-10 07:10:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012-10-10 07:10:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012-10-10 07:10:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012-10-10 07:10:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012-10-10 07:10:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012-10-10 07:10:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012-10-10 07:10:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012-10-10 07:10:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012-10-10 07:10:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012-10-10 07:10:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012-10-10 07:10:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012-10-10 07:10:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012-10-10 07:10:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012-10-10 07:10:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012-10-10 07:10:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012-10-10 07:10:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012-10-10 07:09:57 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-10-10 07:09:56 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-10-09 20:02:50 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-10-09 18:49:58 | 000,000,000 | R--D | C] -- C:\Users\Max\Documents\Scanned Documents
[2012-10-09 18:49:58 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\Fax
[2012-10-07 22:13:23 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\My Cheat Tables
[2012-10-03 17:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
[2012-10-01 23:02:31 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\SUPERAntiSpyware.com
[2012-10-01 23:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012-10-01 23:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012-10-01 23:02:05 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012-10-01 23:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012-09-30 21:22:33 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\Microsoft Hardware
[2012-09-28 14:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-09-28 14:21:23 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\LavasoftStatistics
[2012-09-28 14:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012-09-28 14:11:19 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Threat Expert
[2012-09-27 07:47:05 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012-09-26 08:07:36 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012-09-23 14:21:15 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-09-23 14:21:13 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-09-23 14:21:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-09-23 14:21:12 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-09-23 14:21:12 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-09-23 14:21:10 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-09-23 14:21:10 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

========== Files - Modified Within 30 Days ==========

[2012-10-18 13:49:10 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-10-18 13:49:10 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-10-18 13:41:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-10-18 13:41:41 | 2121,633,791 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-18 13:17:01 | 000,077,439 | ---- | M] () -- C:\Users\Max\Desktop\[kat.ph]futurama.complete.torrent
[2012-10-18 08:58:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-10-17 13:12:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-10-17 12:19:55 | 004,981,258 | R--- | M] (Swearware) -- C:\Users\Max\Desktop\ComboFix.exe
[2012-10-16 18:45:26 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-10-16 18:09:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2012-10-16 18:09:24 | 000,538,941 | ---- | M] () -- C:\Users\Max\Desktop\adwcleaner.exe
[2012-10-16 18:09:17 | 001,425,920 | ---- | M] () -- C:\Users\Max\Desktop\RogueKiller.exe
[2012-10-16 08:07:00 | 005,337,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-10-16 00:08:46 | 000,000,512 | ---- | M] () -- C:\Users\Max\Desktop\MBR.dat
[2012-10-15 23:58:54 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-10-15 23:58:54 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-10-15 23:51:57 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Max\Desktop\aswMBR.exe
[2012-10-15 23:51:45 | 000,706,431 | R--- | M] (Swearware) -- C:\Users\Max\Desktop\dds.scr
[2012-10-15 23:04:37 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\24476593.sys
[2012-10-15 20:45:02 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\RIFT.lnk
[2012-10-15 12:58:13 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\NBA 2K13.lnk
[2012-10-10 17:55:39 | 000,001,143 | ---- | M] () -- C:\Users\Max\Desktop\MTI.lnk
[2012-10-02 09:43:06 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-10-02 09:43:04 | 000,663,838 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-10-02 09:43:04 | 000,125,968 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-09-30 17:09:53 | 000,800,222 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-09-28 00:32:12 | 062,968,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012-09-20 18:17:27 | 000,000,222 | ---- | M] () -- C:\Users\Max\Desktop\Torchlight II.url
[2012-09-20 09:32:31 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-09-20 09:32:31 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-09-20 09:32:31 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012-09-20 09:32:31 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012-09-19 17:35:41 | 000,000,221 | ---- | M] () -- C:\Users\Max\Desktop\Borderlands 2.url

========== Files Created - No Company Name ==========

[2012-10-18 13:17:01 | 000,077,439 | ---- | C] () -- C:\Users\Max\Desktop\[kat.ph]futurama.complete.torrent
[2012-10-17 12:57:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-10-17 12:57:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-10-17 12:57:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-10-17 12:57:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-10-17 12:57:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-10-16 18:09:21 | 000,538,941 | ---- | C] () -- C:\Users\Max\Desktop\adwcleaner.exe
[2012-10-16 18:09:15 | 001,425,920 | ---- | C] () -- C:\Users\Max\Desktop\RogueKiller.exe
[2012-10-16 08:06:42 | 005,337,872 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-10-16 00:08:46 | 000,000,512 | ---- | C] () -- C:\Users\Max\Desktop\MBR.dat
[2012-10-15 23:58:56 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-10-15 23:23:37 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-10-15 20:45:02 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\RIFT.lnk
[2012-10-10 17:55:39 | 000,001,143 | ---- | C] () -- C:\Users\Max\Desktop\MTI.lnk
[2012-10-03 17:48:14 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\NBA 2K13.lnk
[2012-09-20 18:17:27 | 000,000,222 | ---- | C] () -- C:\Users\Max\Desktop\Torchlight II.url
[2012-09-19 17:35:41 | 000,000,221 | ---- | C] () -- C:\Users\Max\Desktop\Borderlands 2.url
[2012-09-16 15:22:24 | 000,000,132 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-16 15:15:37 | 000,001,456 | ---- | C] () -- C:\Users\Max\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-07-24 22:09:36 | 000,000,132 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012-07-23 19:49:18 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-07-07 15:43:38 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-07 15:43:36 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-07-07 15:43:36 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-06-26 21:06:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-06-16 18:57:47 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012-05-23 22:45:00 | 000,000,285 | ---- | C] () -- C:\Windows\EReg072.dat
[2012-05-23 22:44:45 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012-05-19 22:11:44 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2012-05-18 21:13:57 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012-05-14 00:28:03 | 000,136,760 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012-05-11 00:41:31 | 000,045,270 | ---- | C] () -- C:\Users\Max\AppData\Roaming\room_v3.dat
[2012-04-18 18:11:04 | 004,049,616 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2012-04-17 23:51:43 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012-04-17 23:51:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012-04-17 23:31:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-04-17 23:31:24 | 000,027,129 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012-04-03 08:25:05 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2012-03-25 16:28:27 | 000,004,096 | -H-- | C] () -- C:\Users\Max\AppData\Local\keyfile3.drm
[2012-03-16 22:56:31 | 000,000,132 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012-03-13 08:45:06 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-03-13 08:45:06 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012-03-09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-01-10 03:59:55 | 000,060,905 | ---- | C] () -- C:\Users\Max\AppData\Roaming\icarus-dxdiag.xml
[2012-01-08 02:51:46 | 000,000,040 | ---- | C] () -- C:\Users\Max\jagex_cl_runescape_LIVE.dat
[2011-10-19 19:02:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011-10-04 08:10:47 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011-10-02 21:43:47 | 000,007,600 | ---- | C] () -- C:\Users\Max\AppData\Local\Resmon.ResmonCfg
[2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-05-31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011-05-31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-02-24 15:02:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2011-02-24 15:02:33 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010-09-13 22:02:43 | 000,033,762 | ---- | C] () -- C:\Users\Max\install.xml
[2010-09-13 21:56:29 | 000,000,000 | ---- | C] () -- C:\Users\Max\jagex__preferences3.dat
[2010-09-13 21:56:19 | 000,000,129 | ---- | C] () -- C:\Users\Max\jagex_runescape_preferences2.dat
[2010-09-13 21:54:29 | 000,000,046 | ---- | C] () -- C:\Users\Max\jagex_runescape_preferences.dat
[2010-07-12 16:16:00 | 000,000,091 | ---- | C] () -- C:\Users\Max\AppData\Local\fusioncache.dat

========== ZeroAccess Check ==========

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

[Satchfan]

Thanks for the logs.

It seems that the last run fixed your hosts file and a few other issues.

I am re-examining your ComboFix log and have found a couple of things I missed. I'll finish checking it shortly and will send new instructions.

Satchfan

[Satchfan]

Let’s see if this will get rid of what I found – if not we’ll do it another way.

Please restart your computer in safe mode.

Open ComboFix

Please do the following:

• close any open browsers.
• close/disable all anti virus and anti malware programs so that they do not interfere with the running of ComboFix.
• open notepad and copy/paste the text in the codebox below into it:

Code:

Driver::
ssuhop
uezndl

Save this as "CFScript.txt", and as Type: All Files (*.*) in the same location as ComboFix.exe



Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it produces a log at C:\ComboFix.txt. Post the contents of Combofix.txt in your next reply.

Satchfan

[Lunarpac]

Started in safe mode, turned off MSE Real Time Protection, ran ComboFix using the script.

ComboFix Log
ComboFix 12-10-16.02 - Max 2012-10-18 19:43:42.3.4 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1252.46.1033.18.8159.6847 [GMT 2:00]
Körs från: c:\users\Max\Desktop\ComboFix.exe
Kommandoväxlar som använts :: c:\users\Max\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Skapade en ny återställningspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSUHOP
-------\Legacy_UEZNDL
-------\Service_ssuhop
-------\Service_uezndl
.
.
(((((((((((((((((((((((( Filer skapade från 2012-09-18 till 2012-10-18 ))))))))))))))))))))))))))))))
.
.
2012-10-18 17:47 . 2012-10-18 17:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-18 17:47 . 2012-10-18 17:47 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-10-18 11:40 . 2012-10-18 11:40 -------- d-----w- C:\_OTL
2012-10-18 11:16 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FF2B16EB-6769-44A1-AA53-B1ACFFFF0B4D}\mpengine.dll
2012-10-17 11:20 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-15 22:05 . 2012-10-15 22:05 -------- d-----w- c:\users\Max\AppData\Local\Macromedia
2012-10-15 21:58 . 2012-10-15 21:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-15 21:58 . 2012-10-15 21:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-15 21:50 . 2012-10-15 21:52 -------- d-----w- c:\program files (x86)\ERUNT
2012-10-15 21:04 . 2012-10-15 21:04 208216 ----a-w- c:\windows\system32\drivers\24476593.sys
2012-10-15 18:42 . 2012-10-18 06:29 -------- d-----w- c:\program files (x86)\RIFT Game
2012-10-14 14:40 . 2012-10-14 14:40 -------- d-----w- c:\programdata\TERA
2012-10-13 22:11 . 2012-10-13 22:11 -------- d-----w- c:\programdata\Sophos
2012-10-12 19:56 . 2012-10-14 15:23 -------- d-----w- C:\CCE_Quarantine
2012-10-12 15:06 . 2012-10-12 15:06 -------- d-----w- c:\users\Max\AppData\Roaming\Apple Computer
2012-10-12 14:47 . 2012-10-12 14:57 -------- d-----w- c:\users\Max\AppData\Local\Songbird2
2012-10-12 14:47 . 2012-10-12 14:47 -------- d-----w- c:\users\Max\AppData\Roaming\Songbird2
2012-10-12 14:33 . 2012-06-08 07:28 15664 ----a-w- c:\windows\SysWow64\drivers\GEARAspiWDM.sys
2012-10-12 14:33 . 2012-06-08 07:28 109360 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-10-12 14:33 . 2012-10-12 14:33 -------- d-----w- c:\program files (x86)\Songbird
2012-10-12 14:26 . 2012-10-12 14:26 -------- d-----w- c:\users\Max\.local
2012-10-12 14:12 . 2012-10-12 14:15 -------- d-----w- c:\users\Max\AppData\Roaming\.kde
2012-10-12 14:08 . 2012-10-12 14:12 -------- d-----w- c:\program files (x86)\Amarok
2012-10-10 05:11 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 05:09 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 05:09 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 05:09 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 05:09 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 05:09 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 05:09 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-09 18:02 . 2012-10-15 21:08 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-06 07:26 . 2012-10-03 11:57 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1512DAF9-2307-44C6-A6E3-BC5A4DE8F42A}\gapaengine.dll
2012-10-01 21:02 . 2012-10-01 21:02 -------- d-----w- c:\users\Max\AppData\Roaming\SUPERAntiSpyware.com
2012-10-01 21:02 . 2012-10-17 06:05 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-01 21:02 . 2012-10-01 21:02 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-10-01 21:00 . 2012-10-01 21:00 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-09-28 12:21 . 2012-09-28 14:31 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-09-28 12:21 . 2012-09-28 12:21 -------- d-----w- c:\users\Max\AppData\Roaming\LavasoftStatistics
2012-09-28 12:19 . 2012-10-13 23:11 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-09-28 12:11 . 2012-09-28 12:11 -------- d-----w- c:\users\Max\AppData\Local\Threat Expert
2012-09-27 05:47 . 2012-09-27 05:47 -------- d-----w- c:\users\Max\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2012-09-26 06:07 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-03 11:57 . 2011-03-27 18:50 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-27 22:18 . 2010-04-11 10:35 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-09-20 07:32 . 2011-10-16 14:24 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-20 07:32 . 2011-10-16 14:24 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-20 07:32 . 2011-10-16 14:24 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-20 07:32 . 2011-10-16 14:24 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2010-10-24 20:25 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-22 18:12 . 2012-09-12 10:21 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 10:21 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 10:21 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 10:21 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 05:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 15:27 . 2012-07-07 13:43 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-20 15:27 . 2011-09-29 11:25 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-19 15:18 . 2011-09-29 11:19 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-10 19:14 . 2012-07-07 13:43 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-08-10 18:47 . 2012-07-07 13:43 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-08-02 17:58 . 2012-09-12 10:21 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 10:21 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify Web Helper"="c:\users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-14 932528]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-10-17 5628800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"Net iD"="c:\program files (x86)\Net iD\iid.exe" [2012-03-07 100160]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
R2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-15 250808]
R3 ALSysIO;ALSysIO;c:\users\Max\AppData\Local\Temp\ALSysIO64.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-11 115168]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NVFLASH;NVFLASH;c:\windows\system32\drivers\nvflash.sys [2010-10-08 13416]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 usj;usj;c:\aeriagames\EdenEternal\avital\ussjcs64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Max\Desktop\RealTemp_370\WinRing0x64.sys [x]
R4 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-08-27 297000]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-09-14 129000]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-09-14 394216]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 26136]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
.
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-15 21:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"Net iD"="c:\program files\Net iD\iid.exe" [2012-03-07 110912]
.
------- Extra genomsökning -------
.
uStart Page =
mStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 79.138.0.180 85.8.31.209
FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/ig
FF - ExtSQL: 2012-10-15 23:26; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-10-15 23:27; artur.dubovoy@gmail.com; c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions\artur.dubovoy@gmail.com.xpi
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*ˆ1h\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*»‰”s**ˆx<\]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*»‰”s**ˆx<\\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*ÿP9J\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*áU¿x]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*áU¿x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-1666464932-787091987-3193995767-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-1666464932-787091987-3193995767-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-1666464932-787091987-3193995767-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-1666464932-787091987-3193995767-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-1666464932-787091987-3193995767-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1666464932-787091987-3193995767-1000\Software\SecuROM\License information*]
"datasecu"=hex:a3,c7,21,cb,0f,eb,f2,1d,f9,ff,fe,05,86,ce,c2,b8,91,ff,a2,16,66,
9d,47,06,29,dd,e9,df,75,55,cf,3e,0e,16,b8,24,fd,00,b5,7c,8c,b5,db,c8,b5,64,\
"rkeysecu"=hex:bd,89,9c,70,7d,ab,53,33,bd,8c,0b,3a,57,f1,85,17
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Sluttid: 2012-10-18 19:53:36 - datorn startades om.
ComboFix-quarantined-files.txt 2012-10-18 17:53
ComboFix2.txt 2012-10-18 17:42
ComboFix3.txt 2012-10-17 11:14
.
Före genomsökningen: 88*913*686*528 bytes free
Efter genomsökningen: 88*644*927*488 bytes free
.
- - End Of File - - 2DC759E9DCE586A15477CFEFE62ADE8D