Vr5fx Posted March 3, 2013 (edited)

Oh no. I have a problem.

Every now and then I start up my computer and there is a random "something" that will take focus approximately every 60 seconds. There is no window for the "something" but as I type this, it interacts with Firefox and goes to the background, as if a window is in front. Full screen programs will minimize to the task-bar.

Task Manager will only show currently open programs (File explorer, Firefox, Skype, FRAPS and Guild Wars)

My last reboot was a hard reset, as Speccy had a brain-fart. If I were to restart the problem would go away, for a few days. It's not a problem but while it is happening I would like to know what this "something" is.

[EDIT] I just lost internet connection briefly and the problem stopped. Sorcery?

Help for hugs? Thanks!

Edited April 20, 2013 by Vr5fx

AMD FX 6100 @ 3.9Ghz / Asus M5A99X EVO 990X / G-Skill 8GB DDR3 1600Mhz RipjawsX / Zotac GeForce GTX 660 Ti / Corsair TX 750W V2 PSU / Antec Kuhler 620 / Win7 64 / NZXT Tempest 410 Elite / NZXT 6 channel fan controller / Kingston 240GB HyperX 3K SSD / 1TB HDD
Intel Pentium G2020 2.90GHz / Gigabyte GA-Z77N-WIFI / Kingston 4GB DDR3 1600MHz HyperX Genesis / Corsair 430W CXM / Fractal Design Node 304 Mini ITX Case / 2TB WD Green
Plastic Nev Posted March 3, 2013

Sounds too suspiciously malware related to me, in fact any unwanted activity can be quite often traced to something unwanted that has installed itself.

A check and scan with Malwarebytes and also Superantispyware might at least find it, SAS will if it is some sort of adware. If there are still problems after that, post in security and let Starbuck or etavares have a look at the logs.

Nev.
Vr5fx (Author) Posted March 3, 2013

Nothing hit up on Malwarebytes, a few tracking cookies on SAS with a false positive (game related).

It probably won't happen for a week now, but I will return if it happens again!

Hugs!

-Vr
KenB Posted March 3, 2013

Hi Steve

Ask Pete or Gene to take a look at your system - they will pick up on stuff that MBAM doesn't. If there is malware there - they will soon tell you :)
Vr5fx (Author) Posted March 4, 2013

Moved my thread into here.

2 days on the trot is new, but alas here it is. Again today there is something taking focus. I've not done much this morning. Avast has updated, and I have been watching YouTube videos with light browsing.

I tried Alt-space to see if there is anything to maximize but the window is 0x0 in size. I don't want to see if closing it works because I would like to know what is doing it. :)
etavares Posted March 4, 2013

Hi Vr5fx,

Please follow these instructions: Before posting for Malware Removal help. And we'll see what's there. Try to run OTL when you're having that issue.

I'll look for the logs and we'll see if we can't fix it.

-etavares

etavares is a member of: Alliance of Security Analysis Professionals, Unified Network of Instructors and Trained Eliminators
Vr5fx (Author) Posted March 4, 2013

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.03.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cougar :: COUGAR-PC [administrator]

04/03/2013 11:43:58
mbam-log-2013-03-04 (11-43-58).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 450240
Time elapsed: 23 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

OTL logfile created on: 04/03/2013 11:50:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cougar\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.95 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 76.59% Memory free
15.89 Gb Paging File | 13.80 Gb Available in Paging File | 86.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 151.64 Gb Free Space | 67.86% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.35% Space Free | Partition Type: NTFS
Drive E: | 931.41 Gb Total Space | 584.04 Gb Free Space | 62.70% Space Free | Partition Type: NTFS

Computer Name: COUGAR-PC | User Name: Cougar | Logged in as Administrator.
06:51:17 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/02/13 06:51:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/02/13 06:28:02 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013/02/13 06:28:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013/02/13 06:28:01 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013/02/13 06:27:58 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/02/13 06:27:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/02/13 06:27:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/02/13 06:27:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/02/13 06:27:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/02/13 06:27:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/02/13 06:27:56 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013/02/12 17:13:28 | 000,000,000 | ---D | C] -- C:\Users\Cougar\AppData\Roaming\Malwarebytes [2013/02/12 17:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/02/12 17:13:22 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/02/12 17:13:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/02/12 17:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/12 17:12:57 | 000,000,000 | ---D | C] -- C:\Users\Cougar\AppData\Local\Programs [2013/02/10 13:52:29 | 000,000,000 | ---D | C] -- C:\Users\Cougar\Documents\Eden Games [2013/02/10 13:51:14 | 000,000,000 
| ---D | C] -- C:\Users\Cougar\AppData\Local\CrashRpt [2013/02/10 12:25:50 | 000,000,000 | ---D | C] -- C:\Users\Cougar\Documents\Bioshock2 [2013/02/10 12:25:50 | 000,000,000 | ---D | C] -- C:\Users\Cougar\AppData\Roaming\Bioshock2 [2013/02/10 12:09:15 | 000,000,000 | ---D | C] -- C:\Users\Cougar\Documents\NFS Most Wanted [2013/02/10 12:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2013/02/10 12:04:42 | 000,000,000 | ---D | C] -- C:\Users\Cougar\New folder [2013/02/09 18:43:52 | 000,555,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/03/04 10:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/03/04 09:40:16 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/03/04 09:40:16 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/03/04 09:39:06 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/03/04 09:39:06 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/03/04 09:39:06 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/03/04 09:33:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/03/04 09:33:07 | 2104,508,415 | -HS- | M] () -- C:\hiberfil.sys [2013/03/03 18:03:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/03/03 17:42:23 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2013/03/03 13:16:16 | 000,001,410 | ---- | M] () -- C:\Users\Cougar\Desktop\Gw.exe - Shortcut (2).lnk [2013/03/03 13:15:31 | 000,001,396 | ---- | M] () -- C:\Users\Cougar\Desktop\Gw.exe - Shortcut.lnk [2013/02/28 08:36:34 | 000,177,672 | ---- | M] () -- 
C:\Windows\SysNative\drivers\aswVmm.sys [2013/02/28 08:36:34 | 000,068,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013/02/28 08:36:33 | 001,025,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/02/28 08:36:33 | 000,377,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/02/28 08:36:33 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013/02/28 08:36:33 | 000,065,408 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013/02/28 08:36:32 | 000,080,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013/02/28 08:36:31 | 000,033,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013/02/28 08:36:07 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013/02/28 08:35:43 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013/02/26 22:06:57 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/02/26 22:06:57 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/02/20 17:47:05 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2013/02/13 15:27:13 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/02/12 17:13:23 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/02/10 03:25:27 | 026,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013/02/10 03:25:27 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013/02/10 03:25:27 | 020,534,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013/02/10 03:25:27 | 017,987,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013/02/10 03:25:27 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- 
C:\Windows\SysWow64\nvcompiler.dll [2013/02/10 03:25:27 | 015,275,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013/02/10 03:25:27 | 015,038,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013/02/10 03:25:27 | 012,862,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013/02/10 03:25:27 | 009,422,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013/02/10 03:25:27 | 007,964,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013/02/10 03:25:27 | 007,569,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013/02/10 03:25:27 | 006,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013/02/10 03:25:27 | 002,911,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013/02/10 03:25:27 | 002,854,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013/02/10 03:25:27 | 002,726,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013/02/10 03:25:27 | 002,528,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013/02/10 03:25:27 | 002,350,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013/02/10 03:25:27 | 001,990,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013/02/10 03:25:27 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll [2013/02/10 03:25:27 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll [2013/02/10 03:25:27 | 001,114,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013/02/10 03:25:27 | 000,963,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013/02/10 03:25:27 | 000,420,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll [2013/02/10 03:25:27 | 000,364,832 | ---- | M] (NVIDIA Corporation) 
-- C:\Windows\SysWow64\nvEncodeAPI.dll [2013/02/10 03:25:27 | 000,250,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013/02/10 03:25:27 | 000,205,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013/02/10 03:25:27 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013/02/10 01:04:31 | 006,393,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013/02/10 01:04:31 | 003,472,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013/02/10 01:04:29 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013/02/10 01:04:29 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013/02/09 18:43:52 | 000,555,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013/02/09 13:25:36 | 003,035,306 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/03/03 18:03:47 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013/03/03 18:03:47 | 000,065,408 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013/03/03 17:42:23 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2013/03/03 13:15:39 | 000,001,410 | ---- | C] () -- C:\Users\Cougar\Desktop\Gw.exe - Shortcut (2).lnk [2013/03/03 13:15:31 | 000,001,396 | ---- | C] () -- C:\Users\Cougar\Desktop\Gw.exe - Shortcut.lnk [2013/02/20 17:47:05 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2013/02/12 17:13:23 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/12/25 22:08:11 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/12/25 22:08:01 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/10/10 08:17:36 | 000,028,672 | ---- | C] () -- C:\Windows\hookdllX.dll 
[2012/10/10 08:17:36 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll [2012/10/10 08:16:58 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdocomx.dll [2012/10/10 08:16:58 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdoinpa.dll [2012/10/10 08:16:58 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\lxdoinst.dll [2012/10/10 08:16:58 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdoiesc.dll [2012/10/10 08:16:57 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdopmui.dll [2012/10/10 08:16:56 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdoserv.dll [2012/10/10 08:16:56 | 000,954,368 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdousb1.dll [2012/10/10 08:16:56 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdolmpm.dll [2012/10/10 08:16:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdoprox.dll [2012/10/10 08:16:55 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdocomc.dll [2012/10/10 08:16:55 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdohbn3.dll [2012/10/10 08:16:55 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdocoms.exe [2012/10/10 08:16:55 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdocomm.dll [2012/10/10 08:16:55 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdoih.exe [2012/10/10 08:16:54 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdocfg.exe [2012/10/04 18:41:37 | 000,007,597 | ---- | C] () -- C:\Users\Cougar\AppData\Local\Resmon.ResmonCfg [2012/10/01 15:43:14 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2012/10/01 15:36:53 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2012/10/01 15:36:47 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012/10/01 15:31:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012/10/01 15:30:57 | 000,028,896 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- 
C:\Windows\SysWow64\xlive.dll.cat [2011/04/19 21:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll ========== ZeroAccess Check ========== [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/12/28 19:40:12 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\.minecraft [2012/12/06 12:41:44 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\AnvSoft [2013/02/11 23:09:47 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\Bioshock2 [2013/01/22 16:45:49 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\DAEMON Tools Lite [2013/01/30 10:46:40 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\Play withSIX [2012/10/03 09:01:49 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\SteelSeries [2013/02/01 19:14:54 | 000,000,000 | ---D | M] -- C:\Users\Cougar\AppData\Roaming\TP-LINK ========== Purity Check ========== ========== Custom Scans ========== < > [2009/07/14 05:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009/07/14 05:08:49 | 000,032,620 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/10/10 12:53:39 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job ========== Drive Information ========== Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media Interface type: SCSI Media Type: Fixed hard disk media Model: ST1000DM 003-9YN162 SCSI Disk Device Partitions: 2 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media Interface type: SCSI Media Type: Fixed hard disk media Model: KINGSTON SH103S3240G SCSI Disk Device Partitions: 2 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 100.00MB Starting Offset: 1048576 Hidden sectors: 0 DeviceID: Disk #0, Partition #1 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 931.00GB Starting Offset: 105906176 Hidden sectors: 0 
DeviceID: Disk #1, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 100.00MB Starting Offset: 1048576 Hidden sectors: 0 DeviceID: Disk #1, Partition #1 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 223.00GB Starting Offset: 105906176 Hidden sectors: 0 < %SYSTEMDRIVE%\*.* > [2013/03/04 09:26:56 | 000,000,080 | ---- | M] () -- C:\FilterLog.log [2013/03/04 09:33:07 | 2104,508,415 | -HS- | M] () -- C:\hiberfil.sys [2013/03/04 09:33:08 | 4237,668,351 | -HS- | M] () -- C:\pagefile.sys [2013/01/22 14:41:24 | 000,000,448 | ---- | M] () -- C:\user.js < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\* > [2009/07/14 04:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/02/20 10:26:47 | 000,865,704 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/02/20 10:26:47 | 000,865,704 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/02/20 10:26:47 | 000,865,704 | ---- | M] (Mozilla 
Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013/02/20 10:26:47 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013/02/20 10:26:47 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013/02/20 10:26:47 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/10/01 16:49:05 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/10/01 16:49:05 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/10/01 16:49:05 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2013/01/08 22:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013/01/08 22:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013/02/20 
10:26:47 | 000,865,704 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013/02/20 10:26:47 | 000,865,704 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013/02/20 10:26:47 | 000,865,704 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2013/02/20 10:26:47 | 000,917,400 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013/02/20 10:26:47 | 000,917,400 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013/02/20 10:26:47 | 000,917,400 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/10/01 16:49:05 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/10/01 16:49:05 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/10/01 16:49:05 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: 
"C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/01/08 22:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2013/01/08 22:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) < End of report >
Vr5fx Posted March 4, 2013 Author

OTL Extras logfile created on: 04/03/2013 11:50:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cougar\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
7.95 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 76.59% Memory free
15.89 Gb Paging File | 13.80 Gb Available in Paging File | 86.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 151.64 Gb Free Space | 67.86% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.35% Space Free | Partition Type: NTFS
Drive E: | 931.41 Gb Total Space | 584.04 Gb Free Space | 62.70% Space Free | Partition Type: NTFS
Computer Name: COUGAR-PC | User Name: Cougar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A39D1D51-E8DE-4B07-016D-73C232E1E1D8}" = ATI Catalyst Install Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "0F7DD176693D493C7502506ABE5F948A4C14EA2E" = Windows Driver Package - SteelSeries (HidUsb) HIDClass (06/09/2010 1.0.2.0) "CPUID CPU-Z_is1" = CPUID CPU-Z 1.63.0 "Lexmark 9500 Series" = Lexmark 9500 Series "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Speccy" = Speccy "WinRAR archiver" = WinRAR 4.11 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE "{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility "{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver "{42DCB650-F003-4535-A5CD-32AD815CD2DD}" = Play withSIX "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2 "{5ED2987A-56AF-4240-A854-3EF153B27145}" = WmpSkype "{62FE0726-9652-4CD2-9F09-C769D8699C21}" = TP-LINK TL-WN821N_WN822N Driver "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.20 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{AA909E80-DC40-4AF0-A693-376F9F1C8582}" = World of Warcraft® MMO Gaming Mouse: Legendary Edition "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B79920F8-AB6E-45B2-B257-900BBA969FF7}" = Presto! 
Forms 3.60.10 "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Any Video Converter_is1" = Any Video Converter 3.5.7 "avast" = avast! 
Free Antivirus "BattlEye for A2" = BattlEye Uninstall "BattlEye for OA" = BattlEye for OA Uninstall "DAEMON Tools Lite" = DAEMON Tools Lite "Fraps" = Fraps "Guild Wars" = Guild Wars "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "MapleStory" = MapleStory "Mozilla Firefox 19.0 (x86 en-US)" = Mozilla Firefox 19.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PunkBusterSvc" = PunkBuster Services "Steam App 108800" = Crysis 2 Maximum Edition "Steam App 11900" = Lumines "Steam App 12500" = Puzzle Quest "Steam App 12840" = DiRT 2 "Steam App 12900" = Audiosurf "Steam App 1700" = Arx Fatalis "Steam App 17300" = Crysis "Steam App 17330" = Crysis Warhead "Steam App 17340" = Crysis Wars "Steam App 19900" = Far Cry 2 "Steam App 200260" = Batman: Arkham City GOTY "Steam App 200710" = Torchlight II "Steam App 205100" = Dishonored "Steam App 206760" = Painkiller: Recurring Evil "Steam App 219540" = ARMA 2: Operation Arrowhead Beta "Steam App 21970" = R.U.S.E "Steam App 220" = Half-Life 2 "Steam App 220240" = Far Cry® 3 "Steam App 22350" = BRINK "Steam App 22380" = Fallout: New Vegas "Steam App 22450" = Hunted: The Demon's Forge "Steam App 23310" = The Last Remnant "Steam App 24780" = SimCity 4 Deluxe "Steam App 26500" = Cogs "Steam App 2990" = FlatOut 2 "Steam App 31280" = Poker Night at the Inventory "Steam App 3270" = Painkiller Overdose "Steam App 33910" = ARMA 2 "Steam App 33930" = ARMA 2: Operation Arrowhead "Steam App 35140" = Batman: Arkham Asylum GOTY Edition "Steam App 39530" = Painkiller: Black Edition "Steam App 39560" = Painkiller: Resurrection "Steam App 3970" = Prey "Steam App 400" = Portal "Steam App 4000" = Garry's Mod "Steam App 440" = Team Fortress 2 "Steam App 49520" = Borderlands 2 "Steam App 550" = Left 4 Dead 2 "Steam App 65560" = Painkiller: Redemption "Steam App 6600" = Bullet Candy "Steam App 72850" = The Elder Scrolls V: Skyrim "Steam App 7670" = 
BioShock "Steam App 8850" = BioShock 2 "Steam App 8980" = Borderlands "Steam App 91310" = Dead Island "Steam App 9200" = RAGE "Steam App 98200" = Frozen Synapse "Steam App 9930" = Test Drive Unlimited 2 "Total Annihilation" = Total Annihilation "Uplay" = Uplay "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 28/02/2013 18:42:54 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 01/03/2013 05:45:44 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 02/03/2013 05:29:43 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 02/03/2013 17:04:55 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 03/03/2013 06:34:05 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 03/03/2013 08:52:50 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 03/03/2013 09:16:13 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 04/03/2013 05:05:14 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = Error - 04/03/2013 05:26:57 | Computer Name = Cougar-PC | Source = Application Error | ID = 1000 Description = Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01f1b5ed Faulting process id: 0x12d8 Faulting application start time: 0x01ce18ba686e1f94 Faulting application path: C:\Windows\syswow64\MsiExec.exe Faulting module path: unknown Report Id: a87aa34b-84ad-11e2-9b2d-c86000dd7b2e Error - 04/03/2013 05:35:01 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 12/01/2013 06:14:00 | Computer Name = Cougar-PC | Source = Disk | ID = 262151 Description = The device, 
\Device\Harddisk3\DR3, has a bad block. Error - 12/01/2013 06:14:00 | Computer Name = Cougar-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620 Description = Encrypted volume check: Volume information on I: cannot be read. Error - 12/01/2013 06:15:19 | Computer Name = Cougar-PC | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk3\DR4, has a bad block. Error - 12/01/2013 06:15:19 | Computer Name = Cougar-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620 Description = Encrypted volume check: Volume information on I: cannot be read. Error - 12/01/2013 14:01:14 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the lxdoCATSCustConnectService service to connect. Error - 12/01/2013 14:01:14 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7000 Description = The lxdoCATSCustConnectService service failed to start due to the following error: %%1053 Error - 12/01/2013 20:57:05 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the lxdoCATSCustConnectService service to connect. Error - 12/01/2013 20:57:05 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7000 Description = The lxdoCATSCustConnectService service failed to start due to the following error: %%1053 Error - 13/01/2013 05:23:43 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the lxdoCATSCustConnectService service to connect. 
Error - 13/01/2013 05:23:43 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7000
Description = The lxdoCATSCustConnectService service failed to start due to the following error: %%1053

< End of report >
Vr5fx Posted March 4, 2013

OTL Extras logfile created on: 04/03/2013 11:50:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cougar\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.95 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 76.59% Memory free
15.89 Gb Paging File | 13.80 Gb Available in Paging File | 86.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 151.64 Gb Free Space | 67.86% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.35% Space Free | Partition Type: NTFS
Drive E: | 931.41 Gb Total Space | 584.04 Gb Free Space | 62.70% Space Free | Partition Type: NTFS

Computer Name: COUGAR-PC | User Name: Cougar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
app=e:\games\steam\steamapps\common\far cry 2\bin\fc2editor.exe | "{863CC723-69DF-468A-9BA1-42AF7FA714B6}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{86C24DB8-EF7B-4795-A745-942F49EB28BE}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\cougar_vr5fx\team fortress 2\hl2.exe | "{87414D64-0A60-4283-9EE4-EC50DDFA4B7E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe | "{87679C68-7E45-49A6-A030-7FF62F634304}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dead island\deadislandgame.exe | "{886C88FF-B3BF-43CA-BB0F-95B103479621}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\crysis\bin32\crysis.exe | "{8A0DEBB9-2BD5-48A9-B0D3-E84844BD8430}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe | "{8B28BC26-9306-4487-90E8-13329C857677}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 3\bin\farcry3.exe | "{8C5C4A1A-1BD2-4031-9016-B12BB6C7EFE2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8EF85EC2-BE95-4E05-BAED-103BD5DD7CC0}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\prey\prey.exe | "{8F30E729-BDAD-4EE7-8536-0748484F6D1D}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{90A0DEFE-C084-41EE-BF90-10D7CB241BD0}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe | "{91DC65D3-570E-4144-A0A3-90BD9A84F984}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{92CD40AF-E12C-4867-B5BC-BFAA6083E36F}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 9500 series\lxdomon.exe | "{939DF903-14B6-45BC-9904-ABE17087AEC1}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe | "{9407F174-C581-41C2-B93D-1A50D91BB635}" = protocol=6 | dir=in | app=c:\program files 
(x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{974504A3-782E-45E6-A7A8-8AD9EBD56EAE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{99A61A95-35E4-4B29-95B0-D65C7A9D8344}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\painkiller redemption\bin\redemptioneditor.exe | "{9A8242F8-9A97-46BD-AC09-F876A1775782}" = protocol=6 | dir=in | app=c:\windows\system32\lxdocoms.exe | "{9C3B23DF-94BA-47DE-B5C7-8DDBEA64F07A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdopswx.exe | "{9D60D28C-BB7A-48ED-BCD4-AF4E2DD14E06}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\r.u.s.e\ruse.exe | "{9F660E17-E30E-4CA0-A77E-6F538C5A4B1A}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rage\rage64.exe | "{A060C3AD-A9FE-42E8-8439-E65AF0A8423E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{A0DF1CAE-B4DE-41D9-94A2-2BE17AB6791C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A119B41F-258B-4C47-8C6B-B1CAE2E76A76}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\painkiller recurring evil\bin\recurringevileditor.exe | "{A2803CF7-DC3D-4791-8D72-56A687257D66}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\poker night at the inventory\celebritypoker.exe | "{A29E884F-C14C-42EE-B84A-707971655255}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\puzzle quest\puzzle quest.exe | "{A4C42798-DEF6-422B-BDEE-C134B38D4DAC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{A62B7C04-7D38-4DD2-BC0B-A026175A1A37}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dirt 2\dirt2.exe | "{A6CB59AD-3168-4FED-B867-6F638C469AEA}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | "{A7033A50-9D8D-46F1-B059-B9958337FEAE}" = protocol=6 | dir=in | 
app=e:\games\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe | "{A720C069-1063-4786-A44B-13EE949C2E96}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{A77A0A6A-0FD2-40E1-B3DC-13A92D704D25}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A7D561F0-46B0-4405-BB4A-86C5A8157FDF}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\uplauncher.exe | "{A81BAC4F-C5B7-43FC-9DCF-2748678D081F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bullet candy\bullet candy.exe | "{A8A047BF-24FB-464C-BD55-103C964CC064}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AA04DE68-0857-49C5-A928-9307DFF85526}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | "{AC62C632-95F1-43D0-A40E-428C171A0CB3}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\cogs\cogs.exe | "{ADB330D1-BA6C-41F6-B8DA-5782E7E62DF2}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\brink\brink.exe | "{AEB2D593-93D5-4CE7-B3DF-77FE05C3ED88}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\poker night at the inventory\celebritypoker.exe | "{B10C00C0-DFE4-496E-83A7-448F2D74EE73}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B11FACFC-2794-4167-A043-778749701227}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B457DAD7-BE7B-4D25-93C0-DD53809C00C9}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\painkiller resurrection\bin\resurrection.exe | "{B57E091E-B68B-4883-8A82-B82CED806D9F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rage\rage64.exe | "{B5F0E42C-E6FA-487D-A9BA-45929BD6D904}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B663C815-8399-41CD-91A0-5D0C6CE27D51}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\painkiller 
redemption\bin\redemption.exe | "{B69C78DC-C292-469C-B0F8-02512BA9F272}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B7181E09-37F3-42AE-8EF0-4DD7CEBA9E2D}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe | "{B83AFBE8-A513-42D5-95AB-5CF2868888D4}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2editor.exe | "{B849D1E8-00DB-4EAE-A5EC-F99668298AAB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B8828E90-B280-48D3-B23D-4639D27B7B47}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | "{B9A31AFD-0412-4230-A4E2-7F92EE97227F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe | "{BA3CB463-D8CD-4702-AAF0-DD52B95B2F42}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\the last remnant\binaries\tlr.exe | "{BBE4CD09-70B3-4F13-9844-E151B32251CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{BC2F1D8B-1CB3-4A48-80BA-346B68F29551}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BC6466E2-7160-466A-8A92-916EEB78245C}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\uplauncher.exe | "{BC868CF9-1B71-4E00-931E-CDA267D6FC8A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\frozen synapse\frozensynapse.exe | "{BE5255A3-32C7-4E82-B556-8B5A02431ABE}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | "{C335A978-70DC-46BD-AD30-8E8B9BB245A4}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rage\rage.exe | "{C36917D1-1EBE-4F61-999C-E72A1BA0529B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arx fatalis\arx.exe | "{C4429100-91DE-4C69-86BE-67F50A47080B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\simcity 4 
deluxe\apps\simcity 4.exe | "{C4DAE9D9-ED5B-468D-AF9E-FF64A7F75003}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C8BAFB68-CC3A-4E2B-BAD9-FD4D17A46BEB}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe | "{C8D0E1B5-FE0C-4C3D-9AA1-84A23AE7B60E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C9A4E81A-2799-4442-B134-9EEB05C0CFCC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | "{C9C58FFA-0AA0-42BB-B912-050FB713D37B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe | "{CA248E10-5C62-47C6-A032-819547282255}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | "{CC15F263-2F7F-454A-83E3-F0000CE0ED3A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdopswx.exe | "{CC38D476-F9A0-4E06-B236-42DF58261610}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 9500 series\lxdoamon.exe | "{CCCC1AAC-925A-41BF-8B7D-903AAAD85E34}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\hunted\binaries\win32\hunted.exe | "{CD1EC2BB-4DA3-4FA7-9516-B77E0C964CF0}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\painkiller recurring evil\bin\recurringevileditor.exe | "{CF9F86E2-961D-4084-B160-41A95AB24206}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\batman arkham city goty\runlauncher.bat | "{D02B4350-EAFF-4C08-B62D-36C1829EED85}" = protocol=6 | dir=in | app=c:\users\cougar\documents\arma 2\expansion\beta\arma2oa.exe | "{D1223027-0FE7-4F6D-B1E9-AF16922A4074}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D1801F6F-4012-4959-AC78-CD5BC7BEB519}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{D583F109-6FA3-4537-8AD7-D420E379A227}" = protocol=6 | dir=out | svc=upnphost | 
app=%systemroot%\system32\svchost.exe | "{DE478079-EA32-4259-89F0-ABB444E21B7B}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{E23ED267-135D-4837-A8D5-2285CD015DA5}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\painkiller redemption\bin\redemption.exe | "{E24ED257-A251-425A-BBCE-D0B8BA815825}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | "{E3A4B4E2-97B6-4770-B927-2297D08E841B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\painkiller overdose\bin\overdose.exe | "{E3DC5156-0D34-40FC-AAE7-7442AF80E4BB}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 9500 series\lxdoamon.exe | "{E46E3BE2-628E-4196-A99A-DD732840AA01}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdotime.exe | "{E560FECF-9BD1-4058-8B6E-BDCA205F27A7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{E57E20EA-B7E0-4CA5-8C00-1F479E4774FD}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\brink\brink.exe | "{E6210C82-F9AB-4650-8617-761F35CCC9EB}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\crysis warhead\bin32\crysis.exe | "{E640C730-2E12-4E45-A812-619CD77C48CE}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dead island\deadislandgame.exe | "{EB8D933E-C792-42B8-A365-B1F4A968167F}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 9500 series\lxdomon.exe | "{EBDA640A-E48C-45D1-A73E-BAB165058CDC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe | "{EC550F1A-2B0C-44DE-89DF-C8A7EFFF07AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{ECF21641-F984-4C32-ABFF-F8878B6CDD47}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe | "{ED1DA0D9-7A07-43C3-A0B2-D76F01036A22}" = protocol=6 | dir=in | 
app=e:\games\steam\steamapps\common\hunted\binaries\win32\hunted.exe | "{EE093B9D-AC7F-47C8-9D7C-EFD036CD3208}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\farcry2.exe | "{EEE76FE4-AFD5-40B5-AEE2-29F8E6BB13D3}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe | "{F0A50750-3E0F-4092-865C-5EEE26C9E067}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | "{F0DCC368-4D30-44C9-87D5-431F9BD30509}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\borderlands\binaries\borderlands.exe | "{F2AEC5DA-DB00-4162-A8D9-BBBBA9792965}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\painkiller redemption\bin\redemptioneditor.exe | "{F2C4D66F-A824-4B01-A65F-2B8BE2CE9047}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | "{F3A47C0D-B4D8-4341-B7C4-C1D39856EECC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F5F2A099-B26F-4FDB-8ED7-71D8E60F1177}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\lumines\lumines.exe | "{F6C88937-1803-4C9D-8757-B0CCB4E69917}" = protocol=17 | dir=in | app=c:\users\cougar\documents\arma 2\expansion\beta\arma2oa.exe | "{FACC250E-5AC9-4338-99B9-177DADCD8CF5}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm | "{FAD50184-56CE-4B0E-BFCE-62EF0969E68F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\painkiller resurrection\bin\resurrection.exe | "{FF5F48D0-D4EB-4D1C-B9EE-CF59592006AF}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\farcry2.exe | "{FF64ACF8-BDB7-4A32-9AAF-37C1C7C5ACF2}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\frozen synapse\frozensynapse.exe | "TCP Query User{0DA63859-5EC9-40EC-8F9C-8F160D69B4BA}E:\games\steam\steamapps\common\torchlight 
ii\torchlight2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\torchlight ii\torchlight2.exe | "TCP Query User{1AA3B8D2-579B-4B1D-9301-1B37014A7946}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "TCP Query User{1F3C3B69-F26D-4DAF-A661-08AED1913244}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{2EA4B464-9D6A-4B02-8BB7-610D216AA678}C:\users\cougar\appdata\local\play withsix\tools\mingw\bin\rsync.exe" = protocol=6 | dir=in | app=c:\users\cougar\appdata\local\play withsix\tools\mingw\bin\rsync.exe | "TCP Query User{2F06FCB4-696B-4DA7-A856-4EAB79591DBD}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "TCP Query User{384D0EDB-F7AA-4970-9E26-13E1A95F2DE9}E:\games\steam\steamapps\cougar_vr5fx\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\cougar_vr5fx\team fortress 2\hl2.exe | "TCP Query User{3A63E268-2759-4971-9670-AC301171176A}E:\games\steam\steamapps\common\test drive unlimited 2\testdrive2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\testdrive2.exe | "TCP Query User{44524EB9-2E1B-44BF-8E6D-C2EC8DAE0528}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "TCP Query User{4BA74F7B-C23D-4E8D-9117-6F5728F91391}E:\games\steam\steam.exe" = protocol=6 | dir=in | app=e:\games\steam\steam.exe | "TCP Query User{5FA76B4B-ACDE-46C6-8FB4-6859F01A4BF3}C:\program files (x86)\lexmark 9500 series\lxdomon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 9500 series\lxdomon.exe | "TCP Query 
User{63FEEE8C-8F02-4A2B-819B-469D5C008468}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{651CD768-A669-4D76-A26C-5F3FEBBA13B8}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe | "TCP Query User{73F27C17-5F72-4D81-A9D4-BCA5C512B6E7}E:\games\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe | "TCP Query User{878D8325-707B-48B2-9970-A94FFE494017}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "TCP Query User{8D2F5F5E-CF5B-447A-9E12-5A57525241E7}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "TCP Query User{9E37D556-6D22-4060-A2B8-3DE2D2BFBABC}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{BACC586B-22A9-4D75-A87A-DAA9EEECB6A7}C:\users\cougar\documents\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\cougar\documents\arma 2\expansion\beta\arma2oa.exe | "TCP Query User{DA56CF17-D161-48D5-B5E3-73669E05C575}E:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe | "UDP Query User{02FC519D-F03A-4611-92DD-8D222D7CC34E}E:\games\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe | "UDP Query User{095F7A3A-4D4B-49F3-8A37-926979F2EE3A}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program 
files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "UDP Query User{12696A9A-3F36-4E40-9F42-7687D6D410D0}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "UDP Query User{207CEDD4-C87F-41BA-948E-D1FFDCEB9998}C:\users\cougar\appdata\local\play withsix\tools\mingw\bin\rsync.exe" = protocol=17 | dir=in | app=c:\users\cougar\appdata\local\play withsix\tools\mingw\bin\rsync.exe | "UDP Query User{2781CBBF-B617-4536-8320-25E2A14BD13F}E:\games\steam\steam.exe" = protocol=17 | dir=in | app=e:\games\steam\steam.exe | "UDP Query User{35345DD6-2638-4DB6-A61E-121DC4A00B0F}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "UDP Query User{42F37FB4-1506-4AC4-87B3-F9AE0250FD4B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{53062B03-F370-4F3F-98E7-01FA868F4623}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{60D9CFB5-3972-405F-9369-A8048F5469E0}C:\users\cougar\documents\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\cougar\documents\arma 2\expansion\beta\arma2oa.exe | "UDP Query User{6A0EBECD-9C35-4F2F-8398-CA642440329C}C:\program files (x86)\lexmark 9500 series\lxdomon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 9500 series\lxdomon.exe | "UDP Query User{93653CC5-2D9F-458C-83F8-996526D7D0C7}E:\games\steam\steamapps\common\test drive unlimited 2\testdrive2.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\test drive unlimited 2\testdrive2.exe | "UDP Query User{A5A94001-6770-4977-B5FE-CC3878A3C741}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program 
========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A39D1D51-E8DE-4B07-016D-73C232E1E1D8}" = ATI Catalyst Install Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0F7DD176693D493C7502506ABE5F948A4C14EA2E" = Windows Driver Package - SteelSeries (HidUsb) HIDClass (06/09/2010 1.0.2.0)
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.63.0
"Lexmark 9500 Series" = Lexmark 9500 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Speccy" = Speccy
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{42DCB650-F003-4535-A5CD-32AD815CD2DD}" = Play withSIX
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{5ED2987A-56AF-4240-A854-3EF153B27145}" = WmpSkype
"{62FE0726-9652-4CD2-9F09-C769D8699C21}" = TP-LINK TL-WN821N_WN822N Driver
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.20
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{AA909E80-DC40-4AF0-A693-376F9F1C8582}" = World of Warcraft® MMO Gaming Mouse: Legendary Edition
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B79920F8-AB6E-45B2-B257-900BBA969FF7}" = Presto! Forms 3.60.10
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.5.7
"avast" = avast! Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps
"Guild Wars" = Guild Wars
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"MapleStory" = MapleStory
"Mozilla Firefox 19.0 (x86 en-US)" = Mozilla Firefox 19.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 11900" = Lumines
"Steam App 12500" = Puzzle Quest
"Steam App 12840" = DiRT 2
"Steam App 12900" = Audiosurf
"Steam App 1700" = Arx Fatalis
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 17340" = Crysis Wars
"Steam App 19900" = Far Cry 2
"Steam App 200260" = Batman: Arkham City GOTY
"Steam App 200710" = Torchlight II
"Steam App 205100" = Dishonored
"Steam App 206760" = Painkiller: Recurring Evil
"Steam App 219540" = ARMA 2: Operation Arrowhead Beta
"Steam App 21970" = R.U.S.E
"Steam App 220" = Half-Life 2
"Steam App 220240" = Far Cry® 3
"Steam App 22350" = BRINK
"Steam App 22380" = Fallout: New Vegas
"Steam App 22450" = Hunted: The Demon's Forge
"Steam App 23310" = The Last Remnant
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 26500" = Cogs
"Steam App 2990" = FlatOut 2
"Steam App 31280" = Poker Night at the Inventory
"Steam App 3270" = Painkiller Overdose
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 39530" = Painkiller: Black Edition
"Steam App 39560" = Painkiller: Resurrection
"Steam App 3970" = Prey
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 65560" = Painkiller: Redemption
"Steam App 6600" = Bullet Candy
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7670" = BioShock
"Steam App 8850" = BioShock 2
"Steam App 8980" = Borderlands
"Steam App 91310" = Dead Island
"Steam App 9200" = RAGE
"Steam App 98200" = Frozen Synapse
"Steam App 9930" = Test Drive Unlimited 2
"Total Annihilation" = Total Annihilation
"Uplay" = Uplay
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28/02/2013 18:42:54 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 01/03/2013 05:45:44 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/03/2013 05:29:43 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/03/2013 17:04:55 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/03/2013 06:34:05 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/03/2013 08:52:50 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/03/2013 09:16:13 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 04/03/2013 05:05:14 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

Error - 04/03/2013 05:26:57 | Computer Name = Cougar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x01f1b5ed
Faulting process id: 0x12d8
Faulting application start time: 0x01ce18ba686e1f94
Faulting application path: C:\Windows\syswow64\MsiExec.exe
Faulting module path: unknown
Report Id: a87aa34b-84ad-11e2-9b2d-c86000dd7b2e

Error - 04/03/2013 05:35:01 | Computer Name = Cougar-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 12/01/2013 06:14:00 | Computer Name = Cougar-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk3\DR3, has a bad block.

Error - 12/01/2013 06:14:00 | Computer Name = Cougar-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Encrypted volume check: Volume information on I: cannot be read.

Error - 12/01/2013 06:15:19 | Computer Name = Cougar-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk3\DR4, has a bad block.

Error - 12/01/2013 06:15:19 | Computer Name = Cougar-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Encrypted volume check: Volume information on I: cannot be read.

Error - 12/01/2013 14:01:14 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdoCATSCustConnectService service to connect.

Error - 12/01/2013 14:01:14 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7000
Description = The lxdoCATSCustConnectService service failed to start due to the following error: %%1053

Error - 12/01/2013 20:57:05 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdoCATSCustConnectService service to connect.

Error - 12/01/2013 20:57:05 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7000
Description = The lxdoCATSCustConnectService service failed to start due to the following error: %%1053

Error - 13/01/2013 05:23:43 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdoCATSCustConnectService service to connect.
Error - 13/01/2013 05:23:43 | Computer Name = Cougar-PC | Source = Service Control Manager | ID = 7000 Description = The lxdoCATSCustConnectService service failed to start due to the following error: %%1053 < End of report >
etavares Posted March 5, 2013

Hello, Vr5fx.

Did this start when you installed Guild Wars? That appeared to be a few hours before you downloaded SAS and MBAM. Perhaps it's that game? We could try a system restore to an earlier point.

It looks in decent shape. A few things... what's your drive I:? There are some errors about a bad block. It may be an external hard drive. Just an FYI.

I do see incredibar installed. I suggest we remove that.

Step 1

We need to run an OTL Script.

Please download OTL from one of the following mirrors if you do not still have it.
This is first Mirror
This is the second mirror

- Save it to your desktop.
- Double click on the OTL icon on your desktop.
- Paste the following code under the Custom Scans/Fixes box at the bottom.

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb201?a=6R8S6LLoAz&i=26
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6R8S6LLoAz&i=26
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found

- Click the Run Fix button at the top.
- Let the program run unhindered and reboot when it is done.
- You will get a log when it is done, please post that in your reply.
- Please then create a new OTL report....
- Click the "Scan All Users" checkbox.
- Push the Run Scan button.
- A report will open, copy and paste it in a reply here.

Step 2

Next, we need to update Java. Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:

- Download the latest version of Java Runtime Environment (JRE) 7 Update 17 32-bit version. Note that if you have 64-bit windows, the default is to use a 32-bit browser. If you modified your IE to use the 64-bit version, make sure to also download the 64-bit version.
- Save it to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
- Check (highlight) any item with Java Runtime Environment (JRE or J2SE) or Java in the name.
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java version(s) shown below:
  Java 7 Update 9
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on the java file you downloaded to install the newest version. If you downloaded the 64-bit version, make sure to install that as well.

etavares

etavares is a member of: Alliance of Security Analysis Professionals, Unified Network of Instructors and Trained Eliminators
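Added example, not part of etavares's post and not OTL's own code: a small triage pass over OTL-format log lines that surfaces the two patterns visible in the fix script above, entries OTL marks as orphaned ("File not found", "No CLSID value found") and browser settings whose URL points at a watchlisted domain. The function names and the `WATCHLIST` contents are assumptions made for this sketch; the sample lines are copied from the logs in this thread.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Markers OTL prints when an entry references something that no longer exists.
ORPHAN_MARKERS = ("File not found", "No CLSID value found")

# Assumption: a reviewer-maintained watchlist. Only the domain named in this
# thread is listed here.
WATCHLIST = ("incredibar.com",)

# OTL prefixes seen in the thread: "IE - ", "O18 - ", "IE:64bit: - ",
# "MsConfig:64bit - ".
PREFIX_RE = re.compile(
    r"^(?P<section>[A-Za-z]+\d*)(?P<bits>:64bit)?:? - (?P<body>.+)$"
)
URL_RE = re.compile(r"https?://[^\s\"']+")


@dataclass
class Finding:
    section: str    # e.g. "IE", "O18", "MsConfig"
    is_64bit: bool  # True when the line carries the ":64bit" tag
    reasons: list   # why the line was surfaced for review
    line: str       # the original log line, unchanged


def host_on_watchlist(host):
    """Match the registered domain or any subdomain, never a bare substring."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in WATCHLIST)


def triage_line(line):
    """Return a Finding for a line worth a human look, else None."""
    line = line.strip()
    m = PREFIX_RE.match(line)
    if not m:
        return None
    body = m.group("body")
    reasons = ["orphaned: " + marker for marker in ORPHAN_MARKERS if marker in body]
    for url in URL_RE.findall(body):
        try:
            host = urlsplit(url).hostname
        except ValueError:
            continue  # malformed URL in the log: skip it, keep scanning
        if host_on_watchlist(host):
            reasons.append("watchlisted domain: " + host)
    if not reasons:
        return None
    return Finding(m.group("section"), m.group("bits") is not None, reasons, line)


def triage_log(text):
    """Triage every line of a log; the result is a review list, not a fix list."""
    return [f for f in map(triage_line, text.splitlines()) if f is not None]


# Sample input: lines copied from the OTL logs and fix script in this thread.
SAMPLE_LOG = r"""
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb201?a=6R8S6LLoAz&i=26
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
"""

if __name__ == "__main__":
    for finding in triage_log(SAMPLE_LOG):
        tag = " (64bit)" if finding.is_64bit else ""
        print(f"[{finding.section}{tag}] {', '.join(finding.reasons)}")
        print(f"    {finding.line}")
```

The last sample line (skype4com) is surfaced by the orphan marker but does not appear in the fix script above, so the output is a list of candidates for a reviewer to judge, not a list of entries to delete.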
Vr5fx (Author) Posted March 5, 2013

Thanks for the reply. :) Guild Wars isn't the culprit, it was happening randomly before the install, but it did happen to occur when Guild Wars was open, which gave me the hump! I get a feeling that Drive I: is one of my flash drives, marked as 16GB, but I think it is far less than marked, I haven't used it for quite some time. As for Incredibar, I remember when that had a piggy-back ride with something I was downloading, I thought I had gotten rid of it until you just mentioned it now. I hate tool-bars as it is lol! I will also update Java as recommended, if I remember correctly Minecraft had "issues" with some versions of Java, meaning it would crash out, or brain fart. As I haven't played in ages I will give an update. :) Will follow with the log.
Vr5fx (Author) Posted March 5, 2013

========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ deleted successfully.
File {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\msnmsgr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Steam\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 03052013_093058
Vr5fx Posted March 5, 2013 Author Posted March 5, 2013 OTL logfile created on: 05/03/2013 09:37:48 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cougar\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 7.95 Gb Total Physical Memory | 6.30 Gb Available Physical Memory | 79.27% Memory free 15.89 Gb Paging File | 13.91 Gb Available in Paging File | 87.54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 223.47 Gb Total Space | 154.18 Gb Free Space | 68.99% Space Free | Partition Type: NTFS Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.35% Space Free | Partition Type: NTFS Drive E: | 931.41 Gb Total Space | 584.04 Gb Free Space | 62.70% Space Free | Partition Type: NTFS Computer Name: COUGAR-PC | User Name: Cougar | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Cougar\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Fraps\fraps.exe (Beepa P/L) PRC - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () PRC - C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe () PRC - C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMTray4.exe () PRC - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe () PRC - C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe () PRC - C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe () PRC - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (ASUSTeK Computer Inc.) 
========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll () MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.dll () MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll () MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll () MOD - C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe () MOD - C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMTray4.exe () MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll () MOD - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll () MOD - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll () 
========== Services (SafeList) ========== SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (lxdo_device) -- C:\Windows\SysNative\lxdocoms.exe ( ) SRV:64bit: - (lxdoCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdoserv.exe () SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe () SRV - (asHmComSvc) -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe () SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (lxdo_device) -- C:\Windows\SysWOW64\lxdocoms.exe ( ) SRV - (lxdoCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdoserv.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - 
(aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (SSMO4Filter) -- C:\Windows\SysNative\drivers\MO4Driver.sys (Sagatek Co. Ltd.) 
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (AiChargerPlus) -- C:\Windows\SysNative\drivers\AiChargerPlus.sys (ASUSTek Computer Inc.) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-425270630-3411693709-1190734197-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-425270630-3411693709-1190734197-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-425270630-3411693709-1190734197-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js 
- File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX FF - 
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/03 18:03:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/20 10:26:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/01 16:01:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cougar\AppData\Roaming\Mozilla\Extensions [2013/02/14 23:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cougar\AppData\Roaming\Mozilla\Firefox\Profiles\103hclsb.default-1358867749764\extensions [2013/02/14 23:20:25 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Cougar\AppData\Roaming\Mozilla\Firefox\Profiles\103hclsb.default-1358867749764\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/02/20 10:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/02/20 10:26:47 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/10/03 15:49:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/02/20 10:26:47 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! 
WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [steelSeries World of Warcraft® MMO Gaming Mouse Legendary Edition] C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe () O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-425270630-3411693709-1190734197-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-425270630-3411693709-1190734197-1004..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 
etavares Posted March 5, 2013

Hello, Vr5fx.

OK, thanks for the information. :) We'll run two final antivirus scans. If these come up clean (likely), we'll use some other tools to try and catch what may be running. This will just help us rule out a virus.

-etavares

Step 1

Download TDSSKiller.exe and save it to your desktop.

- Double-click TDSSKiller.exe to run it.
- Under "Objects to scan" ensure both "Services and Drivers" and "Boot Sectors" are checked.
- Click Start scan and allow it to scan for malicious objects.
- If malicious objects are found, the default action will be Cure; ensure Cure is selected, then click Continue.
- If suspicious objects are detected, the default action will be Skip; ensure Skip is selected, then click Continue.
- It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
- A log will be created on your root (usually C:) drive. The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt
- If no reboot is required, click on Report. A log file should appear.
- Please post the contents of the logfile in your next reply.

Step 2

I'd like us to scan your machine with ESET OnlineScan.

- Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
- Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
- For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  - Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  - Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.
- Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
- Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
- Accept any security warnings from your browser.
- Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
- Push the Start button.
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
- Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
- Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
- Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png

etavares

etavares is a member of: Alliance of Security Analysis Professionals, Unified Network of Instructors and Trained Eliminators
Vr5fx (Author) Posted March 5, 2013

15:30:10.0546 5620 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
Antivirus - ok 15:30:34.0960 1904 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:30:34.0960 1904 AxInstSV - ok 15:30:34.0960 1904 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 15:30:34.0976 1904 b06bdrv - ok 15:30:34.0976 1904 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 15:30:34.0976 1904 b57nd60a - ok 15:30:34.0991 1904 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 15:30:34.0991 1904 BDESVC - ok 15:30:34.0991 1904 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 15:30:34.0991 1904 Beep - ok 15:30:35.0007 1904 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 15:30:35.0007 1904 BFE - ok 15:30:35.0022 1904 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 15:30:35.0038 1904 BITS - ok 15:30:35.0038 1904 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 15:30:35.0038 1904 blbdrive - ok 15:30:35.0038 1904 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:30:35.0054 1904 bowser - ok 15:30:35.0054 1904 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 15:30:35.0054 1904 BrFiltLo - ok 15:30:35.0054 1904 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 15:30:35.0054 1904 BrFiltUp - ok 15:30:35.0054 1904 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 15:30:35.0069 1904 Browser - ok 15:30:35.0069 1904 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:30:35.0069 1904 Brserid - ok 15:30:35.0069 1904 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:30:35.0069 1904 BrSerWdm - ok 15:30:35.0085 1904 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:30:35.0085 1904 BrUsbMdm - ok 
15:30:35.0085 1904 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:30:35.0085 1904 BrUsbSer - ok 15:30:35.0085 1904 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 15:30:35.0085 1904 BTHMODEM - ok 15:30:35.0100 1904 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 15:30:35.0100 1904 bthserv - ok 15:30:35.0100 1904 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:30:35.0100 1904 cdfs - ok 15:30:35.0100 1904 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:30:35.0116 1904 cdrom - ok 15:30:35.0116 1904 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 15:30:35.0116 1904 CertPropSvc - ok 15:30:35.0116 1904 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 15:30:35.0116 1904 circlass - ok 15:30:35.0132 1904 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 15:30:35.0132 1904 CLFS - ok 15:30:35.0132 1904 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:30:35.0132 1904 clr_optimization_v2.0.50727_32 - ok 15:30:35.0147 1904 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:30:35.0147 1904 clr_optimization_v2.0.50727_64 - ok 15:30:35.0147 1904 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:30:35.0163 1904 clr_optimization_v4.0.30319_32 - ok 15:30:35.0163 1904 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:30:35.0163 1904 clr_optimization_v4.0.30319_64 - ok 15:30:35.0163 1904 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 15:30:35.0163 1904 CmBatt - ok 
15:30:35.0178 1904 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:30:35.0178 1904 cmdide - ok 15:30:35.0178 1904 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 15:30:35.0178 1904 CNG - ok 15:30:35.0194 1904 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 15:30:35.0194 1904 Compbatt - ok 15:30:35.0194 1904 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 15:30:35.0194 1904 CompositeBus - ok 15:30:35.0194 1904 COMSysApp - ok 15:30:35.0194 1904 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 15:30:35.0194 1904 crcdisk - ok 15:30:35.0210 1904 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:30:35.0210 1904 CryptSvc - ok 15:30:35.0225 1904 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:30:35.0225 1904 DcomLaunch - ok 15:30:35.0241 1904 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 15:30:35.0241 1904 defragsvc - ok 15:30:35.0241 1904 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:30:35.0241 1904 DfsC - ok 15:30:35.0256 1904 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 15:30:35.0256 1904 Dhcp - ok 15:30:35.0256 1904 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 15:30:35.0256 1904 discache - ok 15:30:35.0272 1904 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 15:30:35.0272 1904 Disk - ok 15:30:35.0272 1904 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:30:35.0272 1904 Dnscache - ok 15:30:35.0288 1904 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 15:30:35.0288 1904 dot3svc - ok 15:30:35.0288 1904 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 15:30:35.0288 1904 DPS 
- ok 15:30:35.0288 1904 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:30:35.0303 1904 drmkaud - ok 15:30:35.0303 1904 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 15:30:35.0303 1904 dtsoftbus01 - ok 15:30:35.0319 1904 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:30:35.0319 1904 DXGKrnl - ok 15:30:35.0334 1904 EagleX64 - ok 15:30:35.0334 1904 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 15:30:35.0334 1904 EapHost - ok 15:30:35.0381 1904 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 15:30:35.0412 1904 ebdrv - ok 15:30:35.0412 1904 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 15:30:35.0412 1904 EFS - ok 15:30:35.0428 1904 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:30:35.0444 1904 ehRecvr - ok 15:30:35.0444 1904 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 15:30:35.0444 1904 ehSched - ok 15:30:35.0459 1904 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 15:30:35.0459 1904 elxstor - ok 15:30:35.0459 1904 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:30:35.0459 1904 ErrDev - ok 15:30:35.0475 1904 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 15:30:35.0475 1904 EventSystem - ok 15:30:35.0490 1904 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 15:30:35.0490 1904 exfat - ok 15:30:35.0490 1904 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:30:35.0490 1904 fastfat - ok 15:30:35.0506 1904 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 15:30:35.0522 1904 Fax - ok 15:30:35.0522 1904 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 15:30:35.0522 1904 fdc - ok 
15:30:35.0522 1904 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 15:30:35.0522 1904 fdPHost - ok 15:30:35.0537 1904 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 15:30:35.0537 1904 FDResPub - ok 15:30:35.0537 1904 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:30:35.0537 1904 FileInfo - ok 15:30:35.0537 1904 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:30:35.0537 1904 Filetrace - ok 15:30:35.0537 1904 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 15:30:35.0537 1904 flpydisk - ok 15:30:35.0553 1904 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:30:35.0553 1904 FltMgr - ok 15:30:35.0568 1904 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 15:30:35.0584 1904 FontCache - ok 15:30:35.0584 1904 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:30:35.0584 1904 FontCache3.0.0.0 - ok 15:30:35.0600 1904 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:30:35.0600 1904 FsDepends - ok 15:30:35.0600 1904 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:30:35.0600 1904 Fs_Rec - ok 15:30:35.0600 1904 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:30:35.0615 1904 fvevol - ok 15:30:35.0615 1904 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 15:30:35.0615 1904 gagp30kx - ok 15:30:35.0631 1904 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 15:30:35.0631 1904 gpsvc - ok 15:30:35.0646 1904 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:30:35.0646 1904 hcw85cir - ok 15:30:35.0646 1904 [ 975761C778E33CD22498059B91E7373A ] 
HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 15:30:35.0646 1904 HdAudAddService - ok 15:30:35.0662 1904 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:30:35.0662 1904 HDAudBus - ok 15:30:35.0662 1904 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 15:30:35.0662 1904 HidBatt - ok 15:30:35.0662 1904 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 15:30:35.0662 1904 HidBth - ok 15:30:35.0678 1904 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 15:30:35.0678 1904 HidIr - ok 15:30:35.0678 1904 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 15:30:35.0678 1904 hidserv - ok 15:30:35.0678 1904 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:30:35.0678 1904 HidUsb - ok 15:30:35.0693 1904 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:30:35.0693 1904 hkmsvc - ok 15:30:35.0693 1904 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:30:35.0693 1904 HomeGroupListener - ok 15:30:35.0709 1904 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:30:35.0709 1904 HomeGroupProvider - ok 15:30:35.0709 1904 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:30:35.0709 1904 HpSAMD - ok 15:30:35.0724 1904 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:30:35.0740 1904 HTTP - ok 15:30:35.0740 1904 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:30:35.0740 1904 hwpolicy - ok 15:30:35.0740 1904 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:30:35.0740 1904 i8042prt - ok 15:30:35.0756 1904 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:30:35.0756 1904 iaStorV - ok 
15:30:35.0771 1904 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:30:35.0787 1904 idsvc - ok 15:30:35.0787 1904 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 15:30:35.0787 1904 iirsp - ok 15:30:35.0802 1904 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 15:30:35.0818 1904 IKEEXT - ok 15:30:35.0849 1904 [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 15:30:35.0865 1904 IntcAzAudAddService - ok 15:30:35.0865 1904 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 15:30:35.0865 1904 intelide - ok 15:30:35.0865 1904 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys 15:30:35.0865 1904 intelppm - ok 15:30:35.0880 1904 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:30:35.0880 1904 IPBusEnum - ok 15:30:35.0880 1904 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:30:35.0880 1904 IpFilterDriver - ok 15:30:35.0896 1904 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:30:35.0896 1904 iphlpsvc - ok 15:30:35.0912 1904 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:30:35.0912 1904 IPMIDRV - ok 15:30:35.0912 1904 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:30:35.0912 1904 IPNAT - ok 15:30:35.0912 1904 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:30:35.0912 1904 IRENUM - ok 15:30:35.0927 1904 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:30:35.0927 1904 isapnp - ok 15:30:35.0927 1904 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:30:35.0927 1904 iScsiPrt - ok 15:30:35.0943 1904 [ 
79A55E8907F34AB569029505418C35EF ] JRAID C:\Windows\system32\DRIVERS\jraid.sys 15:30:35.0943 1904 JRAID - ok 15:30:35.0943 1904 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:30:35.0943 1904 kbdclass - ok 15:30:35.0943 1904 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:30:35.0943 1904 kbdhid - ok 15:30:35.0943 1904 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 15:30:35.0943 1904 KeyIso - ok 15:30:35.0958 1904 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:30:35.0958 1904 KSecDD - ok 15:30:35.0958 1904 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:30:35.0958 1904 KSecPkg - ok 15:30:35.0958 1904 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:30:35.0958 1904 ksthunk - ok 15:30:35.0974 1904 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 15:30:35.0974 1904 KtmRm - ok 15:30:35.0990 1904 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:30:35.0990 1904 LanmanServer - ok 15:30:35.0990 1904 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:30:36.0005 1904 LanmanWorkstation - ok 15:30:36.0005 1904 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:30:36.0005 1904 lltdio - ok 15:30:36.0005 1904 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:30:36.0021 1904 lltdsvc - ok 15:30:36.0021 1904 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:30:36.0021 1904 lmhosts - ok 15:30:36.0021 1904 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 15:30:36.0021 1904 LSI_FC - ok 15:30:36.0036 1904 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 15:30:36.0036 1904 LSI_SAS - ok 15:30:36.0036 1904 [ 
30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 15:30:36.0036 1904 LSI_SAS2 - ok 15:30:36.0036 1904 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 15:30:36.0052 1904 LSI_SCSI - ok 15:30:36.0052 1904 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 15:30:36.0052 1904 luafv - ok 15:30:36.0052 1904 [ 741083526BA1C6217D7E664BB86CFA62 ] lxdoCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdoserv.exe 15:30:36.0052 1904 lxdoCATSCustConnectService - ok 15:30:36.0068 1904 lxdo_device - ok 15:30:36.0068 1904 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:30:36.0068 1904 Mcx2Svc - ok 15:30:36.0068 1904 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 15:30:36.0068 1904 megasas - ok 15:30:36.0083 1904 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 15:30:36.0083 1904 MegaSR - ok 15:30:36.0083 1904 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 15:30:36.0083 1904 MMCSS - ok 15:30:36.0099 1904 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 15:30:36.0099 1904 Modem - ok 15:30:36.0099 1904 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:30:36.0099 1904 monitor - ok 15:30:36.0099 1904 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:30:36.0099 1904 mouclass - ok 15:30:36.0099 1904 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:30:36.0114 1904 mouhid - ok 15:30:36.0114 1904 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:30:36.0114 1904 mountmgr - ok 15:30:36.0114 1904 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:30:36.0114 1904 MozillaMaintenance - ok 
15:30:36.0130 1904 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 15:30:36.0130 1904 mpio - ok 15:30:36.0130 1904 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:30:36.0130 1904 mpsdrv - ok 15:30:36.0146 1904 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:30:36.0146 1904 MpsSvc - ok 15:30:36.0161 1904 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:30:36.0161 1904 MRxDAV - ok 15:30:36.0161 1904 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:30:36.0161 1904 mrxsmb - ok 15:30:36.0177 1904 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:30:36.0177 1904 mrxsmb10 - ok 15:30:36.0177 1904 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:30:36.0177 1904 mrxsmb20 - ok 15:30:36.0192 1904 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 15:30:36.0192 1904 msahci - ok 15:30:36.0192 1904 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:30:36.0192 1904 msdsm - ok 15:30:36.0192 1904 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 15:30:36.0208 1904 MSDTC - ok 15:30:36.0208 1904 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:30:36.0208 1904 Msfs - ok 15:30:36.0208 1904 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:30:36.0224 1904 mshidkmdf - ok 15:30:36.0224 1904 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:30:36.0224 1904 msisadrv - ok 15:30:36.0224 1904 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:30:36.0224 1904 MSiSCSI - ok 15:30:36.0224 1904 msiserver - ok 15:30:36.0239 1904 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 
15:30:36.0239 1904 MSKSSRV - ok 15:30:36.0239 1904 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:30:36.0239 1904 MSPCLOCK - ok 15:30:36.0239 1904 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:30:36.0239 1904 MSPQM - ok 15:30:36.0255 1904 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:30:36.0255 1904 MsRPC - ok 15:30:36.0255 1904 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 15:30:36.0255 1904 mssmbios - ok 15:30:36.0255 1904 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:30:36.0255 1904 MSTEE - ok 15:30:36.0270 1904 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 15:30:36.0270 1904 MTConfig - ok 15:30:36.0270 1904 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 15:30:36.0270 1904 Mup - ok 15:30:36.0286 1904 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 15:30:36.0286 1904 napagent - ok 15:30:36.0286 1904 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:30:36.0302 1904 NativeWifiP - ok 15:30:36.0317 1904 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:30:36.0317 1904 NDIS - ok 15:30:36.0317 1904 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:30:36.0333 1904 NdisCap - ok 15:30:36.0333 1904 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:30:36.0333 1904 NdisTapi - ok 15:30:36.0333 1904 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:30:36.0333 1904 Ndisuio - ok 15:30:36.0333 1904 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:30:36.0348 1904 NdisWan - ok 15:30:36.0348 1904 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy 
C:\Windows\system32\drivers\NDProxy.sys 15:30:36.0348 1904 NDProxy - ok 15:30:36.0348 1904 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:30:36.0348 1904 NetBIOS - ok 15:30:36.0364 1904 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:30:36.0364 1904 NetBT - ok 15:30:36.0364 1904 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 15:30:36.0364 1904 Netlogon - ok 15:30:36.0364 1904 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 15:30:36.0380 1904 Netman - ok 15:30:36.0380 1904 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 15:30:36.0395 1904 netprofm - ok 15:30:36.0395 1904 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:30:36.0395 1904 NetTcpPortSharing - ok 15:30:36.0395 1904 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 15:30:36.0411 1904 nfrd960 - ok 15:30:36.0411 1904 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:30:36.0411 1904 NlaSvc - ok 15:30:36.0411 1904 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:30:36.0426 1904 Npfs - ok 15:30:36.0426 1904 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 15:30:36.0426 1904 nsi - ok 15:30:36.0426 1904 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:30:36.0426 1904 nsiproxy - ok 15:30:36.0458 1904 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:30:36.0473 1904 Ntfs - ok 15:30:36.0473 1904 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 15:30:36.0473 1904 Null - ok 15:30:36.0489 1904 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 15:30:36.0489 1904 NVHDA - ok 15:30:36.0645 1904 [ 
0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:30:36.0707 1904 nvlddmkm - ok 15:30:36.0707 1904 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:30:36.0707 1904 nvraid - ok 15:30:36.0723 1904 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:30:36.0723 1904 nvstor - ok 15:30:36.0738 1904 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 15:30:36.0738 1904 nvsvc - ok 15:30:36.0770 1904 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:30:36.0770 1904 nvUpdatusService - ok 15:30:36.0770 1904 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:30:36.0770 1904 nv_agp - ok 15:30:36.0785 1904 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:30:36.0785 1904 ohci1394 - ok 15:30:36.0785 1904 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:30:36.0801 1904 p2pimsvc - ok 15:30:36.0801 1904 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 15:30:36.0816 1904 p2psvc - ok 15:30:36.0816 1904 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 15:30:36.0816 1904 Parport - ok 15:30:36.0816 1904 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:30:36.0816 1904 partmgr - ok 15:30:36.0832 1904 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:30:36.0832 1904 PcaSvc - ok 15:30:36.0832 1904 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 15:30:36.0832 1904 pci - ok 15:30:36.0848 1904 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 15:30:36.0848 1904 pciide - ok 15:30:36.0848 1904 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:30:36.0848 1904 
15:30:39.0125 1904 Scan finished
15:30:39.0141 4724 Detected object count: 0
15:30:39.0141 4724 Actual detected object count: 0
Vr5fx Posted March 5, 2013

No "list of found threats", assuming because there aren't any? I appreciate your help. :)
etavares Posted March 6, 2013

Hi Vr5fx,

As expected. But it helps to have a second opinion. :) So, we have ruled out malware.

This may be a bit tricky...you already did the Alt-Spacebar trick to try and maximize it. That being said...try to do Alt-Spacebar and Minimize it...that seems counterintuitive but sometimes you'll suddenly get an icon on your taskbar when you do that that can help identify it.

Have you tried to Alt-Tab when it happens and see what it's trying to move from?

If you're a programmer, you can try this code to see what it is.
http://blogs.msdn.com/b/vbteam/archive/2007/04/02/it-s-elementary-using-vb-to-get-process-information-matt-gertz.aspx

Here's a registry tweak to prevent it, some have used with limited success.
http://winhlp.com/node/862

Some research shows that Desktop Windows Manager service could be the culprit...you can change the service to "manual" startup, reboot and see if it resolves the issue (if it's present on your OS, didn't cross check this service across versions).

Bluetooth has also been a common culprit for this.

If all that fails, we can try a selective startup and iterate us to the culprit. Does it do it in Safe Mode or just Normal Mode?

-etavares

etavares is a member of: Alliance of Security Analysis Professionals, Unified Network of Instructors and Trained Eliminators
Vr5fx Posted March 6, 2013

Alt-Spacebar only brings move and close, no option to minimize or maximize. Alt-Tab shows nothing to finding what it may be.

I'm not in any way a programmer, but that one does look fun! And it would find out what it is. (Probably something really stupid). It hasn't done it for over 2 days, so it will be a waiting game to find out if it does return.

As for Safe Mode, I haven't tried it, as it is a random occurrence, sometimes restarting solves the problem. I have a feeling it may be something trying to update, as it stopped when the router decided to stop internet access.

We will see :)
etavares Posted March 7, 2013

Hi Vr5fx,

I think you're right...it's a program trying to update or send user info back would be my guess. At least it's fine for now. If it happens again, please try Safe Mode. If it does it in Safe Mode it's likely something to do with the OS. If it doesn't do, we can try selective startup and narrow down the culprit.

The VB code looks straightforward, but I don't have VB to compile it. :)

-etavares
Vr5fx Posted April 20, 2013

I think I found the problem and put a stop to it. As I'm useless at VB, I tried something else. When the focus was taken and ALT-F4 was pressed a process stopped. When the problem came back, I took a list of running tasks before and after closing it, leaving out the culprit, which was the configuration utility for my wireless adapter. Uninstalled and haven't had a problem since.

Thanks for the eliminating of problems. I greatly appreciate it!

-Vr
etavares Posted April 21, 2013

Thanks for the update and nice work!

-etavares
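Both approaches in this thread (querying process information in code, and comparing the task list before and after closing the invisible window) aim to name the process that owns the window taking focus, which can be logged directly. The PowerShell sketch below is an added example, not code from the thread or from the linked article; the type name FocusProbe.User32, the function name Watch-ForegroundWindow and the 250 ms poll interval are assumptions made for this example.

```powershell
# Added example: record the owning process every time the foreground window changes.
# FocusProbe.User32 is a hypothetical type name; the three imports are standard user32.dll APIs.
Add-Type -Namespace FocusProbe -Name User32 -MemberDefinition @'
[DllImport("user32.dll")]
public static extern IntPtr GetForegroundWindow();

[DllImport("user32.dll", SetLastError = true)]
public static extern uint GetWindowThreadProcessId(IntPtr hWnd, out uint processId);

[DllImport("user32.dll", CharSet = CharSet.Unicode)]
public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int maxCount);
'@

function Watch-ForegroundWindow {
    param(
        [int]$Minutes = 10,           # how long to keep watching
        [int]$PollMilliseconds = 250  # assumption: short enough to catch a brief focus grab
    )

    $deadline = (Get-Date).AddMinutes($Minutes)
    $lastHwnd = [IntPtr]::Zero

    while ((Get-Date) -lt $deadline) {
        $hwnd = [FocusProbe.User32]::GetForegroundWindow()

        if ($hwnd -ne $lastHwnd) {
            $lastHwnd = $hwnd
            [uint32]$ownerPid = 0
            $name  = '(no foreground window)'
            $path  = $null
            $title = ''

            if ($hwnd -ne [IntPtr]::Zero) {
                # Map the window handle to the process that created it.
                [void][FocusProbe.User32]::GetWindowThreadProcessId($hwnd, [ref]$ownerPid)

                # An empty title is expected for the kind of invisible window described in this thread.
                $buffer = New-Object System.Text.StringBuilder 256
                [void][FocusProbe.User32]::GetWindowText($hwnd, $buffer, $buffer.Capacity)
                $title = $buffer.ToString()

                $proc = Get-Process -Id $ownerPid -ErrorAction SilentlyContinue
                if ($proc) {
                    $name = $proc.ProcessName
                    $path = $proc.Path   # may be empty for processes this session cannot open
                } else {
                    $name = '(process exited)'
                }
            }

            # One record per focus change; New-Object keeps this usable on PowerShell 2.0 (Windows 7).
            New-Object PSObject -Property @{
                Time        = Get-Date -Format 'HH:mm:ss.fff'
                ProcessId   = $ownerPid
                ProcessName = $name
                Path        = $path
                WindowTitle = $title
            } | Select-Object Time, ProcessId, ProcessName, Path, WindowTitle
        }

        Start-Sleep -Milliseconds $PollMilliseconds
    }
}

# Usage: leave this running, then look for entries that recur about every 60 seconds.
# Watch-ForegroundWindow -Minutes 30 | Export-Csv "$env:TEMP\focus-log.csv" -NoTypeInformation
```

A recurring entry with an empty WindowTitle and a Path under a vendor utility's install folder would match what Vr5fx eventually found by comparing task lists by hand.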