How to prevent your pc from 90% of all malware in 30 seconds

09-02-2012 , 09:26 AM
Honestly, that doesn't compute at all. With UAC settings at its highest, not getting a popup when trying to install a program is a major flaw. That should not happen at all.

When I google for windows deep blue all I can find is links to warez sites. May it be that your deep blue theme prevents the popup with custom aero settings?

To install programs as user, run the installer in admin mode by opening it while holding ctrl+shift.
09-11-2012 , 12:22 AM
I might be missing something obvious, but when I switch my account type to standard or back to administrator it never prompts for my password. So couldn't any malware just switch my account back to administrator mode and then do whatever it wants?
09-11-2012 , 04:34 AM
I don't think I'm infected with malware, but is there a way to be sure about this without spending money on software such as Malwarebytes?
09-13-2012 , 12:03 PM
Quote:
Originally Posted by n00b590
I might be missing something obvious, but when I switch my account type to standard or back to administrator it never prompts for my password. So couldn't any malware just switch my account back to administrator mode and then do whatever it wants?
If you mean you log out and you aren't asked for a password, you have no password set. If you mean you change the account state while logged in as administrator, that's how it's supposed to be. You'll never be asked for your admin password while logged in as admin.

And malware that can't get admin access because you run a regular user account will not be able to gain that access in any way currently.


Quote:
Originally Posted by Syndr0m
I don't think I'm infected with malware, but is there a way to be sure about this without spending money on software such as Malwarebytes?
Ya, the malware sticky.
09-13-2012 , 02:54 PM
Quote:
Originally Posted by wellju
If you mean you log out and you aren't asked for a password, you have no password set. If you mean you change the account state while logged in as administrator, that's how it's supposed to be. You'll never be asked for your admin password while logged in as admin.

And malware that can't get admin access because you run a regular user account will not be able to gain that access in any way currently.
No, I'm able to change the account state while logged in as a standard user, without any password prompt, which seems exploitable. Strange, I also just downloaded and installed a program as a standard user without any prompt for the admin password, so something is definitely messed up. The only thing I can think of is I used the same password for the standard account as the admin account - would this somehow give the standard account admin privileges automatically?

ETA:

*sigh* yeah changing the standard user's password to be different from the admin fixes the problems. Seems like a bug but whatever, working great now. Thanks a lot for the tip!

Last edited by n00b590; 09-13-2012 at 03:12 PM.
09-17-2012 , 04:22 AM
Don't open image files called "bankaccountdetails.exe" from people you don't know.
09-19-2012 , 10:00 PM
Quote:
Originally Posted by portals
Don't open image files called "bankaccountdetails.exe" from anyone
FYP
10-11-2012 , 08:54 PM
I'm about to format my computer (was going to wait til Windows 8 but given Microsoft history, w8 will suck). Every time I format my computer I always say I will make a disk image to save myself the process of installing all apps again, so this time is no different.

What I have in mind so far:

1. Clean w7 64 install, uac high on + admin account with password, standard user.
2. KIS 2013 (is there any lower resource AV?)
3. Update windows and AV
4. Disable windows services (blackviper site safe column)
5. VMware Workstation to run a virtual machine for everything non-poker related (chat, surf the web, email, etc...)
6. Install Keepass
7. Create disk image (Acronis True Image 2013, any other alternative?)
10-11-2012 , 08:58 PM
Don't run Windows in Admin mode
10-11-2012 , 09:14 PM
Yeah sorry should've made my post more clear. I'm intending to run w7 as a standard user.

Last edited by TexDanny; 10-11-2012 at 09:26 PM.
11-06-2012 , 01:14 PM
Hmm... your description is quite clear on how to set up another user account. But I do this and can't change the account I currently use to be a standard account.
PC is fine with me changing the new account I created between admin and standard... But when I try to change my current account to a user account there is no option to do so. Only change account name and password is there.

You get me...

The account I use currently is called administrator and when I bought my PC it was already set up this way...
11-29-2012 , 01:40 PM
Probably a dumb question, but:

A)
Let's say I put a virtual machine on my computer to run Ubuntu.

I run Ubuntu only to play poker and for the rest I use my normal Windows.

If I get infiltrated with bad malware or w.e?

Would they have access when I use Ubuntu to play poker after?


B)
Let's say I split my HDD in 2 to have an OS on each, one Ubuntu and one Windows.

If I only use Ubuntu for poker (and of course browsing 2+2 and reading the newspaper) and Windows for everything else (video games, movies, music, email, etc.), there shouldn't be a problem, right, if I get infected through Windows?

Though I would have to choose each time which OS I want to start with at the opening of my computer, wouldn't my system be secured enough?

Unless Ubuntu is considered a high risk?


PS: One of the reasons I want Ubuntu is to slowly migrate to this OS and finally be free of Windows with all those upgrades, buy new stuff each 3 years, etc....

Though I guess I'll have some programming to learn to be effective with Ubuntu.

ty

PPS: Unless I'm better installing only Ubuntu and use Win to only play poker... wouldn't my system be more secure this way, unless Ubuntu is too easy to infiltrate or too much work to make it work for me now.

Last edited by Montrealcorp; 11-29-2012 at 01:47 PM.
12-02-2012 , 06:26 AM
Start HEM2 as standard user without having to enter admin password every time: http://www.sevenforums.com/tutorials...dard-user.html
03-06-2013 , 11:27 PM
Browsed and searched a bit, and decided to ask you guys:

windows xp,

Thought that I cleared unnecessary users and denied remote access, but when I look in "groups" there are 2 admins, as well as other listed users. Am I ****ed?

Yes I've already created a limited acct that I'm using right now.
03-07-2013 , 07:55 AM
So, my brother has given me a loan of his laptop for a trip away.

He's only had it 2 weeks and he has somehow managed to download some suspected malware. It was some Facebook Picture Viewer nonsense which I removed, but it seems like it left behind some kinda malware?

The homepage in Chrome is redirected to "conduit" search engine.

I've followed the steps in the sticky and I'm assuming this is the place to post the results of the scans?

DRV:64bit: - [2012/07/26 02:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 02:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 02:27:31 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/07/26 02:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 02:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 02:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 02:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 02:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 02:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 02:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 02:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 02:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 02:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/07/26 02:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 02:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 02:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 02:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 02:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/23 23:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/09 04:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/02 22:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 01:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/20 21:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\SymELAM.sys -- (SymELAM)
DRV:64bit: - [2012/06/18 23:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 05:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/06/12 13:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/05/26 00:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00B\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2012/05/25 15:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/25 00:23:10 | 000,485,024 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\SymDS64.sys -- (SymDS)
DRV:64bit: - [2012/05/25 00:01:16 | 000,222,368 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/05/24 23:54:58 | 000,753,312 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/05/21 17:25:20 | 001,129,120 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2012/05/09 18:04:26 | 000,431,224 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/01/11 18:11:54 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1400000.088\srtspx64.sys -- (SRTSPX)
DRV - [2013/02/27 16:21:50 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130306.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/02/22 17:26:45 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130306.035\ex64.sys -- (NAVEX15)
DRV - [2013/02/22 17:26:45 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/02/22 17:26:45 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/02/22 17:26:45 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130306.035\eng64.sys -- (NAVENG)
DRV - [2013/02/08 00:53:20 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FC92DBFF-364D-475D-81D8-BCA44E28C6EE}
IE:64bit: - HKLM\..\SearchScopes\{FC92DBFF-364D-475D-81D8-BCA44E28C6EE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FC92DBFF-364D-475D-81D8-BCA44E28C6EE}
IE - HKLM\..\SearchScopes\{FC92DBFF-364D-475D-81D8-BCA44E28C6EE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {FC92DBFF-364D-475D-81D8-BCA44E28C6EE}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ [2013/02/22 17:04:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2013/03/07 11:33:33 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Google Docs = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Tesco Food = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffibhmnkceoelgabpnpaaojflglampjb\1.2_0\
CHR - Extension: ******* = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Norton Identity Protection = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\
CHR - Extension: Gmail = C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 05:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\IPS\IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros Commnucations)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DataMgr] C:\Users\Matthew\AppData\Roaming\DataMgr\DataMgr.exe (HTTO Group, Ltd.)
O4 - HKCU..\Run: [Intermediate] C:\Users\Matthew\AppData\Roaming\Intermediate\Intermediate.exe ()
O4 - HKCU..\Run: [SCheck] C:\Users\Matthew\AppData\Roaming\SCheck\SCheck.exe ()
O4 - HKCU..\Run: [SSync] C:\Users\Matthew\AppData\Roaming\SSync\SSync.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{163332DE-8460-4174-8EE6-A953BE5FFD2A}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: TBS - Service
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:64bit: netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdpencdd.sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SmartcardSimulator - Driver
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TBS - Service
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: VirtualSmartcardReader - Driver
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group

cont in next post
03-07-2013 , 07:56 AM
part 2
Spoiler:
Quote:
[2013/02/22 17:59:17 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2013/02/22 17:59:16 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2013/02/22 17:59:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2013/02/22 17:59:16 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2013/02/22 17:59:16 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2013/02/22 17:59:15 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2013/02/22 17:59:15 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2013/02/22 17:59:15 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2013/02/22 17:59:15 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2013/02/22 17:59:15 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2013/02/22 17:59:03 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2013/02/22 17:59:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2013/02/22 17:59:01 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2013/02/22 17:59:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2013/02/22 17:59:01 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2013/02/22 17:59:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2013/02/22 17:59:00 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2013/02/22 17:59:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2013/02/22 17:58:59 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2013/02/22 17:58:59 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2013/02/22 17:58:59 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2013/02/22 17:58:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2013/02/22 17:58:58 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2013/02/22 17:58:57 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2013/02/22 17:58:57 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2013/02/22 17:58:57 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2013/02/22 17:58:55 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2013/02/22 17:58:55 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2013/02/22 17:45:12 | 000,000,000 | ---D | C] -- C:\sources
[2013/02/22 17:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/02/22 17:15:12 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/02/22 17:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/02/22 17:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/02/22 17:10:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/02/22 17:09:16 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Macromedia
[2013/02/22 17:08:42 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Intel Corporation
[2013/02/22 17:08:05 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\BMExplorer
[2013/02/22 17:08:05 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Bluetooth Folder
[2013/02/22 17:07:41 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Power2Go8
[2013/02/22 17:07:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Atheros
[2013/02/22 17:06:58 | 000,000,000 | R--D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/22 17:06:58 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Searches
[2013/02/22 17:06:58 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Contacts
[2013/02/22 17:06:58 | 000,000,000 | R--D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/02/22 17:06:54 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Adobe
[2013/02/22 17:06:32 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Samsung
[2013/02/22 17:05:28 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Synaptics
[2013/02/22 17:05:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\CrashDumps
[2013/02/22 17:04:41 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\VirtualStore
[2013/02/22 17:04:10 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Packages
[2013/02/22 17:03:37 | 000,000,000 | --SD | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Videos
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Saved Games
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Pictures
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Music
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Links
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Favorites
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Downloads
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Documents
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\Desktop
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/02/22 17:03:37 | 000,000,000 | R--D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/02/22 17:03:37 | 000,000,000 | -H-D | C] -- C:\Users\Matthew\AppData
[2013/02/22 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Temp
[2013/02/22 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft
[2013/02/22 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/09/16 22:31:18 | 002,258,432 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe

========== Files - Modified Within 30 Days ==========

[2013/03/07 11:32:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/07 11:31:50 | 000,000,922 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/07 11:31:49 | 000,000,868 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013/03/07 11:30:39 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/03/07 11:30:36 | 768,004,095 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/07 11:25:31 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/07 11:16:00 | 000,000,360 | ---- | M] () -- C:\windows\tasks\Xerox PhotoCafe Communicator.job
[2013/03/07 10:55:00 | 000,000,926 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/07 10:47:13 | 000,850,046 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/03/07 10:47:13 | 000,724,738 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/03/07 10:47:13 | 000,137,374 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/03/07 10:41:25 | 000,281,088 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/03/07 00:06:31 | 000,001,279 | ---- | M] () -- C:\Users\Public\Desktop\InterPoker (GBP).lnk
[2013/03/06 23:48:12 | 000,001,433 | ---- | M] () -- C:\Users\Public\Desktop\Betsafe Poker.lnk
[2013/03/06 22:51:42 | 000,002,267 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/06 22:26:59 | 000,002,538 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/02/28 14:54:02 | 000,000,870 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013/02/28 14:20:10 | 000,034,359 | ---- | M] () -- C:\Users\Matthew\Documents\stars hh.rtf
[2013/02/28 14:10:15 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\HoldemManager2.lnk
[2013/02/28 13:29:31 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2013/02/28 13:27:21 | 001,146,696 | ---- | M] (Microsoft Corporation) -- C:\Users\Matthew\Desktop\wlsetup-custom.exe
[2013/02/28 13:20:54 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2013/02/28 13:18:02 | 000,001,445 | ---- | M] () -- C:\Users\Public\Desktop\Betfair Poker.lnk
[2013/02/28 12:19:33 | 000,000,773 | ---- | M] () -- C:\Users\Matthew\Desktop\Betfair.com Poker.lnk
[2013/02/28 12:15:18 | 000,001,699 | ---- | M] () -- C:\Users\Matthew\Desktop\PartyPoker.lnk
[2013/02/28 12:13:31 | 000,000,782 | ---- | M] () -- C:\Users\Matthew\Desktop\William Hill Poker.lnk
[2013/02/22 18:03:20 | 069,854,628 | ---- | M] () -- C:\Users\Matthew\Documents\d united llll.fm
[2013/02/22 17:15:12 | 000,000,222 | ---- | M] () -- C:\Users\Matthew\Desktop\Football Manager 2013.url
[2013/02/22 17:10:54 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/02/06 23:06:14 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/02/06 23:06:14 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/03/07 11:25:31 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/07 10:41:18 | 000,281,088 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/03/07 00:06:31 | 000,001,279 | ---- | C] () -- C:\Users\Public\Desktop\InterPoker (GBP).lnk
[2013/03/06 23:48:12 | 000,001,433 | ---- | C] () -- C:\Users\Public\Desktop\Betsafe Poker.lnk
[2013/03/06 22:51:41 | 000,002,267 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/06 22:50:25 | 000,000,926 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/06 22:50:23 | 000,000,922 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/06 22:26:59 | 000,002,538 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/02/28 14:20:10 | 000,034,359 | ---- | C] () -- C:\Users\Matthew\Documents\stars hh.rtf
[2013/02/28 14:10:14 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\HoldemManager2.lnk
[2013/02/28 13:29:30 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2013/02/28 13:20:53 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2013/02/28 13:18:02 | 000,001,445 | ---- | C] () -- C:\Users\Public\Desktop\Betfair Poker.lnk
[2013/02/28 12:19:33 | 000,000,803 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
[2013/02/28 12:19:33 | 000,000,773 | ---- | C] () -- C:\Users\Matthew\Desktop\Betfair.com Poker.lnk
[2013/02/28 12:15:17 | 000,001,699 | ---- | C] () -- C:\Users\Matthew\Desktop\PartyPoker.lnk
[2013/02/28 12:13:31 | 000,000,812 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk
[2013/02/28 12:13:31 | 000,000,782 | ---- | C] () -- C:\Users\Matthew\Desktop\William Hill Poker.lnk
[2013/02/22 18:52:16 | 069,854,628 | ---- | C] () -- C:\Users\Matthew\Documents\d united llll.fm
[2013/02/22 18:21:12 | 000,386,577 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/02/22 17:15:12 | 000,000,222 | ---- | C] () -- C:\Users\Matthew\Desktop\Football Manager 2013.url
[2013/02/22 17:10:54 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/02/22 17:06:54 | 000,001,442 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/09/16 22:37:16 | 003,659,268 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/09/16 22:31:18 | 000,003,196 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2012/08/05 21:44:48 | 000,597,244 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012/08/05 21:44:48 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012/08/05 21:44:24 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/08/05 21:44:22 | 000,963,388 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2012/08/05 21:44:22 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012/07/26 08:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 08:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 07:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 01:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/26 00:48:53 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012/07/25 20:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 20:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/02 14:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/04/20 04:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013/02/22 17:58:38 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/01/09 23:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/01/09 23:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 03:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 03:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 03:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2013/02/28 13:27:21 | 001,146,696 | ---- | M] (Microsoft Corporation) -- C:\Users\Matthew\Desktop\wlsetup-custom.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2012/07/26 03:18:26 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\expsrv.dll
[2013/03/07 11:33:25 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\log.txt
[2012/07/26 03:18:57 | 001,119,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\mfc42.dll
[2012/07/26 03:21:04 | 000,087,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\msscript.ocx
[2012/07/26 03:19:17 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\msvbvm60.dll
[2012/07/26 03:19:17 | 000,411,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\msvcp60.dll
[2012/07/26 02:44:43 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\stdole2****b

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2013/03/07 00:08:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/09/16 22:15:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bluetooth Suite
[2013/03/07 00:08:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/09/16 22:26:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2013/03/07 00:06:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Full Tilt Poker
[2013/03/06 22:51:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2013/03/07 07:57:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Holdem Manager 2
[2012/09/16 22:26:02 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/09/16 22:31:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2013/03/07 10:30:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2013/03/07 00:06:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\InterPoker (GBP)
[2013/03/07 11:25:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/16 22:33:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/09/16 22:30:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/07/26 08:12:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/08/07 12:22:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2012/09/16 22:20:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton Internet Security
[2012/09/16 22:21:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton Online Backup ARA
[2012/09/16 22:21:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller
[2013/02/28 13:29:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2013/02/28 14:10:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PSQLINSTALL
[2012/09/16 21:47:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros
[2012/09/16 22:13:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2012/08/07 12:22:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/09/16 22:31:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung
[2013/03/07 11:32:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2012/09/16 22:21:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2012/09/16 22:12:42 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2013/02/22 17:58:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/09/16 22:30:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2013/02/22 17:58:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/02/22 17:58:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2012/07/26 08:13:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform
[2012/07/26 08:12:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2013/02/22 17:58:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2012/07/26 08:13:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2012/07/26 08:12:59 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar
[2012/09/16 22:31:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xerox PhotoCafe

< MD5 for: EXPLORER.EXE >
[2012/07/26 03:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\SysWOW64\explorer.exe
[2012/07/26 03:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2012/07/26 04:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\explorer.exe
[2012/07/26 04:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe

< MD5 for: NETLOGON.DLL >
[2012/07/26 03:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\SysWOW64\netlogon.dll
[2012/07/26 03:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
[2012/07/26 03:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\windows\SysNative\netlogon.dll
[2012/07/26 03:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll

< MD5 for: SERVICES.EXE >
[2012/07/26 05:26:45 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=754A2CC1F32107EA87CBD305ABE3E618 -- C:\windows\SysNative\services.exe
[2012/07/26 05:26:45 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=754A2CC1F32107EA87CBD305ABE3E618 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe

< MD5 for: SVCHOST.EXE >
[2012/07/26 03:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\SysWOW64\svchost.exe
[2012/07/26 03:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2012/07/26 03:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\windows\SysNative\svchost.exe
[2012/07/26 03:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe

< MD5 for: USERINIT.EXE >
[2012/07/26 03:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\windows\SysNative\userinit.exe
[2012/07/26 03:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 03:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012/07/26 03:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012/07/26 03:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\windows\SysNative\winlogon.exe
[2012/07/26 03:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe

< hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/12/20 02:27:37 | 000,775,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/12/20 02:27:37 | 000,775,128 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/02/28 23:08:21 | 001,274,832 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/12/20 00:29:29 | 000,050,688 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/12/20 00:29:29 | 000,050,688 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/12/20 00:29:29 | 000,050,688 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/12/20 02:27:37 | 000,775,128 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2012/12/20 02:27:37 | 000,775,128 | ---- | M] (Microsoft Corporation)

< hkcu\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >

< hklm\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >

< End of report >
03-07-2013 , 07:59 AM
And the Kaspersky report:

Spoiler:
Quote:
11:43:37.0839 5732 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:43:37.0839 5732 UEFI system
11:43:38.0143 5732 ============================================================
11:43:38.0143 5732 Current date / time: 2013/03/07 11:43:38.0143
11:43:38.0143 5732 SystemInfo:
11:43:38.0143 5732
11:43:38.0143 5732 OS Version: 6.2.9200 ServicePack: 0.0
11:43:38.0144 5732 Product type: Workstation
11:43:38.0144 5732 ComputerName: MATTYSLAPTOP
11:43:38.0144 5732 UserName: Matthew
11:43:38.0144 5732 Windows directory: C:\windows
11:43:38.0144 5732 System windows directory: C:\windows
11:43:38.0144 5732 Running under WOW64
11:43:38.0144 5732 Processor architecture: Intel x64
11:43:38.0144 5732 Number of processors: 4
11:43:38.0144 5732 Page size: 0x1000
11:43:38.0144 5732 Boot type: Normal boot
11:43:38.0144 5732 ================================================== ==========
11:43:58.0625 4384 ================================================== ==========
11:43:58.0625 4384 Scan started
11:43:58.0625 4384 Mode: Manual; SigCheck; TDLFS;
11:43:58.0625 4384 ================================================== ==========
11:43:59.0575 4384 ================ Scan system memory ========================
11:43:59.0575 4384 System memory - ok
11:43:59.0576 4384 ================ Scan services =============================
11:44:09.0458 4384 [ 584068E03829BC5C63F54B05E6244E97 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:44:09.0468 4384 IAStorDataMgrSvc ( UnsignedFile****lti.Generic ) - warning
11:44:09.0468 4384 IAStorDataMgrSvc - detected UnsignedFile****lti.Generic (1)
11:44:13.0261 4384 NcaSvc - ok
11:44:13.0265 4384 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll
11:44:13.0299 4384 NcdAutoSetup - ok
11:44:13.0336 4384 [ EAB473DFB958489D3145FE4DD5F5E77B ] NDIS C:\windows\system32\drivers\ndis.sys
11:44:13.0365 4384 NDIS - ok
11:44:13.0375 4384 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:44:13.0405 4384 NdisCap - ok
11:44:13.0410 4384 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys
11:44:13.0430 4384 NdisImPlatform - ok
11:44:13.0434 4384 [ 8757D4A9701F9F4B59978839F46C32A7 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:44:13.0450 4384 NdisTapi - ok
11:44:13.0468 4384 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:44:13.0479 4384 Ndisuio - ok
11:44:13.0484 4384 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:44:13.0511 4384 NdisWan - ok
11:44:13.0515 4384 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys
11:44:13.0533 4384 NDISWANLEGACY - ok
11:44:13.0550 4384 [ FC891984160AAD8D3F047888C6BF1467 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:44:13.0563 4384 NDProxy - ok
11:44:13.0568 4384 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\windows\system32\drivers\Ndu.sys
11:44:13.0591 4384 Ndu - ok
11:44:13.0618 4384 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:44:13.0647 4384 NetBIOS - ok
11:44:13.0669 4384 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:44:13.0697 4384 NetBT - ok
11:44:13.0712 4384 [ 6E0E63801FBEF27995107B8269BCFAAD ] Netlogon C:\windows\system32\lsass.exe
11:44:13.0722 4384 Netlogon - ok
11:44:13.0746 4384 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\windows\System32\netman.dll
11:44:13.0766 4384 Netman - ok
11:44:13.0800 4384 [ C166E3CD90AB0781ECDF10EC765B083A ] netprofm C:\windows\System32\netprofmsvc.dll
11:44:13.0834 4384 netprofm - ok
11:44:13.0886 4384 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
11:44:13.0897 4384 NetTcpPortSharing - ok
11:44:13.0921 4384 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
11:44:13.0930 4384 nfrd960 - ok
11:44:13.0976 4384 [ C5046BBDBC044EEBC339D800F75A62DB ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
11:44:13.0983 4384 NIS - ok
11:44:14.0007 4384 [ 05B42A91867DA3FF71C59747DC785996 ] NlaSvc C:\windows\System32\nlasvc.dll
11:44:14.0036 4384 NlaSvc - ok
11:44:14.0107 4384 [ EC6B98656770A0441C14BB86FEFC90AE ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:44:14.0167 4384 NOBU - ok
11:44:14.0202 4384 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\windows\system32\drivers\Npfs.sys
11:44:14.0225 4384 Npfs - ok
11:44:14.0244 4384 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys
11:44:14.0270 4384 npsvctrig - ok
11:44:14.0296 4384 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\windows\system32\nsisvc.dll
11:44:14.0315 4384 nsi - ok
11:44:14.0320 4384 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:44:14.0343 4384 nsiproxy - ok
11:44:14.0404 4384 [ 11D7A4A4A1DA60F394F53B413DCDF0DE ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:44:14.0453 4384 Ntfs - ok
11:44:14.0467 4384 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\windows\system32\drivers\Null.sys
11:44:14.0493 4384 Null - ok
11:44:14.0736 4384 [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
11:44:15.0038 4384 nvlddmkm - ok
11:44:15.0054 4384 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:44:15.0064 4384 nvraid - ok
11:44:15.0085 4384 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:44:15.0096 4384 nvstor - ok
11:44:15.0100 4384 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:44:15.0111 4384 nv_agp - ok
11:44:15.0146 4384 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:44:15.0175 4384 p2pimsvc - ok
11:44:15.0197 4384 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\windows\system32\p2psvc.dll
11:44:15.0220 4384 p2psvc - ok
11:44:15.0239 4384 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\windows\System32\drivers\parport.sys
11:44:15.0249 4384 Parport - ok
11:44:15.0271 4384 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\windows\system32\drivers\partmgr.sys
11:44:15.0281 4384 partmgr - ok
11:44:15.0304 4384 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\windows\System32\pcasvc.dll
11:44:15.0325 4384 PcaSvc - ok
11:44:15.0354 4384 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\windows\system32\drivers\pci.sys
11:44:15.0367 4384 pci - ok
11:44:15.0379 4384 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\windows\system32\drivers\pciide.sys
11:44:15.0389 4384 pciide - ok
11:44:15.0406 4384 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
11:44:15.0420 4384 pcmcia - ok
11:44:15.0438 4384 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\windows\system32\drivers\pcw.sys
11:44:15.0452 4384 pcw - ok
11:44:15.0456 4384 [ 674B0AAFB88A04D313B032C623F6AC9A ] pdc C:\windows\system32\drivers\pdc.sys
11:44:15.0470 4384 pdc - ok
11:44:15.0497 4384 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:44:15.0521 4384 PEAUTH - ok
11:44:15.0590 4384 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\windows\SysWow64\perfhost.exe
11:44:15.0610 4384 PerfHost - ok
11:44:15.0669 4384 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\windows\system32\pla.dll
11:44:15.0713 4384 pla - ok
11:44:15.0746 4384 [ D7A3877D9E126E21925DA873677C1D65 ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:44:15.0771 4384 PlugPlay - ok
11:44:15.0776 4384 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:44:15.0802 4384 PNRPAutoReg - ok
11:44:15.0823 4384 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:44:15.0841 4384 PNRPsvc - ok
11:44:15.0873 4384 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:44:15.0902 4384 PolicyAgent - ok
11:44:15.0959 4384 postgresql-8.4 - ok
11:44:15.0978 4384 [ AAD0C7235F804728373026EEFFDBCA6C ] Power C:\windows\system32\umpo.dll
11:44:16.0012 4384 Power - ok
11:44:16.0039 4384 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:44:16.0064 4384 PptpMiniport - ok
11:44:16.0176 4384 [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfi g.dll
11:44:16.0230 4384 PrintNotify - ok
11:44:16.0264 4384 [ 8DA167F8967AB35A2487095CB1B879A0 ] Processor C:\windows\System32\drivers\processr.sys
11:44:16.0291 4384 Processor - ok
11:44:16.0318 4384 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\windows\system32\profsvc.dll
11:44:16.0343 4384 ProfSvc - ok
11:44:16.0361 4384 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:44:16.0375 4384 Psched - ok
11:44:16.0395 4384 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\windows\system32\qwave.dll
11:44:16.0425 4384 QWAVE - ok
11:44:16.0429 4384 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:44:16.0440 4384 QWAVEdrv - ok
11:44:16.0463 4384 [ 194ED3C117525613E701FF257882303E ] RadioHIDMini C:\windows\System32\drivers\RadioHIDMini.sys
11:44:16.0469 4384 RadioHIDMini - ok
11:44:16.0473 4384 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:44:16.0487 4384 RasAcd - ok
11:44:16.0514 4384 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:44:16.0528 4384 RasAgileVpn - ok
11:44:16.0552 4384 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\windows\System32\rasauto.dll
11:44:16.0565 4384 RasAuto - ok
11:44:16.0602 4384 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:44:16.0627 4384 Rasl2tp - ok
11:44:16.0647 4384 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\windows\System32\rasmans.dll
11:44:16.0674 4384 RasMan - ok
11:44:16.0678 4384 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:44:16.0695 4384 RasPppoe - ok
11:44:16.0706 4384 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:44:16.0737 4384 RasSstp - ok
11:44:16.0757 4384 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:44:16.0788 4384 rdbss - ok
11:44:16.0803 4384 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\windows\System32\drivers\rdpbus.sys
11:44:16.0838 4384 rdpbus - ok
11:44:16.0843 4384 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
11:44:16.0879 4384 RDPDR - ok
11:44:16.0895 4384 [ 3B4F32CA8B37584ECF98BCE136E38B96 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:44:16.0905 4384 RdpVideoMiniport - ok
11:44:16.0911 4384 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:44:16.0939 4384 RDPWD - ok
11:44:16.0945 4384 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:44:16.0959 4384 rdyboost - ok
11:44:16.0987 4384 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\windows\System32\mprdim.dll
11:44:17.0008 4384 RemoteAccess - ok
11:44:17.0041 4384 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\windows\system32\regsvc.dll
11:44:17.0058 4384 RemoteRegistry - ok
11:44:17.0084 4384 [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
11:44:17.0104 4384 RFCOMM - ok
11:44:17.0122 4384 [ 381E606B90F32E501D1E2C852D211AB9 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:44:17.0150 4384 RpcEptMapper - ok
11:44:17.0175 4384 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\windows\system32\locator.exe
11:44:17.0185 4384 RpcLocator - ok
11:44:17.0227 4384 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\windows\system32\rpcss.dll
11:44:17.0246 4384 RpcSs - ok
11:44:17.0275 4384 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:44:17.0301 4384 rspndr - ok
11:44:17.0350 4384 [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR C:\windows\System32\Drivers\RtsUVStor.sys
11:44:17.0361 4384 RSUSBVSTOR - ok
11:44:17.0395 4384 [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys
11:44:17.0416 4384 RTL8168 - ok
11:44:17.0432 4384 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\windows\System32\drivers\vms3cap.sys
11:44:17.0453 4384 s3cap - ok
11:44:17.0483 4384 [ 6E0E63801FBEF27995107B8269BCFAAD ] SamSs C:\windows\system32\lsass.exe
11:44:17.0493 4384 SamSs - ok
11:44:17.0509 4384 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:44:17.0520 4384 sbp2port - ok
11:44:17.0542 4384 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\windows\System32\SCardSvr.dll
11:44:17.0566 4384 SCardSvr - ok
11:44:17.0571 4384 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:44:17.0587 4384 scfilter - ok
11:44:17.0617 4384 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\windows\system32\schedsvc.dll
11:44:17.0662 4384 Schedule - ok
11:44:17.0689 4384 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\windows\System32\certprop.dll
11:44:17.0703 4384 SCPolicySvc - ok
11:44:17.0733 4384 [ 12F06525912BBEF67837DE47D87C60A9 ] sdbus C:\windows\System32\drivers\sdbus.sys
11:44:17.0745 4384 sdbus - ok
11:44:17.0765 4384 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\windows\System32\SDRSVC.dll
11:44:17.0805 4384 SDRSVC - ok
11:44:17.0838 4384 [ 6BF842A03DAA25CBBA9A585E25731E06 ] sdstor C:\windows\System32\drivers\sdstor.sys
11:44:17.0849 4384 sdstor - ok
11:44:17.0853 4384 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
11:44:17.0863 4384 secdrv - ok
11:44:17.0882 4384 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\windows\system32\seclogon.dll
11:44:17.0909 4384 seclogon - ok
11:44:17.0919 4384 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\windows\System32\sens.dll
11:44:17.0936 4384 SENS - ok
11:44:17.0949 4384 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\windows\system32\sensrsvc.dll
11:44:17.0970 4384 SensrSvc - ok
11:44:17.0974 4384 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\windows\system32\drivers\SerCx.sys
11:44:17.0984 4384 SerCx - ok
11:44:17.0988 4384 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\windows\System32\drivers\serenum.sys
11:44:18.0010 4384 Serenum - ok
11:44:18.0015 4384 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\windows\System32\drivers\serial.sys
11:44:18.0024 4384 Serial - ok
11:44:18.0028 4384 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\windows\System32\drivers\sermouse.sys
11:44:18.0049 4384 sermouse - ok
11:44:18.0069 4384 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\windows\system32\sessenv.dll
11:44:18.0083 4384 SessionEnv - ok
11:44:18.0087 4384 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\windows\System32\drivers\sfloppy.sys
11:44:18.0108 4384 sfloppy - ok
11:44:18.0137 4384 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\windows\System32\ipnathlp.dll
11:44:18.0163 4384 SharedAccess - ok
11:44:18.0212 4384 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:44:18.0269 4384 ShellHWDetection - ok
11:44:18.0286 4384 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
11:44:18.0296 4384 SiSRaid2 - ok
11:44:18.0315 4384 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
11:44:18.0325 4384 SiSRaid4 - ok
11:44:18.0343 4384 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:44:18.0369 4384 SNMPTRAP - ok
11:44:18.0460 4384 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\windows\system32\drivers\spaceport.sys
11:44:18.0474 4384 spaceport - ok
11:44:18.0492 4384 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\windows\system32\drivers\SpbCx.sys
11:44:18.0511 4384 SpbCx - ok
11:44:18.0546 4384 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\windows\System32\spoolsv.exe
11:44:18.0583 4384 Spooler - ok
11:44:18.0672 4384 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\windows\system32\sppsvc.exe
11:44:18.0782 4384 sppsvc - ok
11:44:18.0849 4384 [ 28F329E53489350C010C4A03A27F3861 ] SRTSP C:\windows\system32\drivers\NISx64\1400000.088\SRT SP64.SYS
11:44:18.0867 4384 SRTSP - ok
11:44:18.0871 4384 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\windows\system32\drivers\NISx64\1400000.088\SRT SPX64.SYS
11:44:18.0877 4384 SRTSPX - ok
11:44:18.0896 4384 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\windows\system32\DRIVERS\srv.sys
11:44:18.0919 4384 srv - ok
11:44:18.0929 4384 [ 0DE224F7B8041B17AA53D00327A86396 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:44:18.0956 4384 srv2 - ok
11:44:18.0981 4384 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:44:19.0009 4384 srvnet - ok
11:44:19.0048 4384 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:44:19.0082 4384 SSDPSRV - ok
11:44:19.0094 4384 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\windows\system32\sstpsvc.dll
11:44:19.0125 4384 SstpSvc - ok
11:44:19.0178 4384 Steam Client Service - ok
11:44:19.0203 4384 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\windows\system32\drivers\stexstor.sys
11:44:19.0212 4384 stexstor - ok
11:44:19.0242 4384 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\windows\System32\wiaservc.dll
11:44:19.0281 4384 stisvc - ok
11:44:19.0285 4384 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\windows\system32\drivers\storahci.sys
11:44:19.0295 4384 storahci - ok
11:44:19.0308 4384 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys
11:44:19.0317 4384 storflt - ok
11:44:19.0351 4384 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\windows\system32\storsvc.dll
11:44:19.0386 4384 StorSvc - ok
11:44:19.0397 4384 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\windows\system32\drivers\storvsc.sys
11:44:19.0406 4384 storvsc - ok
11:44:19.0420 4384 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\windows\system32\svsvc.dll
11:44:19.0451 4384 svsvc - ok
11:44:19.0455 4384 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\windows\System32\drivers\swenum.sys
11:44:19.0469 4384 swenum - ok
11:44:19.0486 4384 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\windows\System32\swprv.dll
11:44:19.0520 4384 swprv - ok
11:44:19.0540 4384 [ 9B86204188C369DCD2C9048081107F28 ] SymDS C:\windows\system32\drivers\NISx64\1400000.088\SYM DS64.SYS
11:44:19.0552 4384 SymDS - ok
11:44:19.0600 4384 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\windows\system32\drivers\NISx64\1400000.088\SYM EFA64.SYS
11:44:19.0622 4384 SymEFA - ok
11:44:19.0626 4384 [ 42947647F71E9EF2167B42B372F1DDB7 ] SymELAM C:\windows\system32\drivers\NISx64\1400000.088\Sym ELAM.sys
11:44:19.0635 4384 SymELAM - ok
11:44:19.0648 4384 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
11:44:19.0679 4384 SymEvent - ok
11:44:19.0691 4384 [ F506138F645F0EA381A58DD7DB7780AC ] SymIRON C:\windows\system32\drivers\NISx64\1400000.088\Iro nx64.SYS
11:44:19.0701 4384 SymIRON - ok
11:44:19.0709 4384 [ 424915DF2B385A3A822C0CD3C2642651 ] SymNetS C:\windows\system32\drivers\NISx64\1400000.088\SYM NETS.SYS
11:44:19.0721 4384 SymNetS - ok
11:44:19.0748 4384 [ B9337BA722226E765AE00E9EE6D72DEB ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:44:19.0762 4384 SynTP - ok
11:44:19.0802 4384 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\windows\system32\sysmain.dll
11:44:19.0849 4384 SysMain - ok
11:44:19.0867 4384 [ F1DA8D3C4395E4B1D58D308A4B062B24 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
11:44:19.0884 4384 SystemEventsBroker - ok
11:44:19.0896 4384 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
11:44:19.0923 4384 TabletInputService - ok
11:44:19.0943 4384 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\windows\System32\tapisrv.dll
11:44:19.0973 4384 TapiSrv - ok
11:44:20.0036 4384 [ D192288CE5FB395F0BBAFDD1A8B5285D ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:44:20.0095 4384 Tcpip - ok
11:44:20.0120 4384 [ D192288CE5FB395F0BBAFDD1A8B5285D ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:44:20.0176 4384 TCPIP6 - ok
11:44:20.0203 4384 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:44:20.0216 4384 tcpipreg - ok
11:44:20.0222 4384 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:44:20.0242 4384 tdx - ok
11:44:20.0246 4384 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\windows\System32\drivers\terminpt.sys
11:44:20.0255 4384 terminpt - ok
11:44:20.0282 4384 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\windows\System32\termsrv.dll
11:44:20.0298 4384 TermService - ok
11:44:20.0315 4384 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\windows\system32\themeservice.dll
11:44:20.0332 4384 Themes - ok
11:44:20.0355 4384 [ DBD28A7997CF7303E610989C565C9B29 ] THREADORDER C:\windows\system32\mmcss.dll
11:44:20.0366 4384 THREADORDER - ok
11:44:20.0376 4384 [ 2A8B087AE47AC8486859CF479BB704C8 ] TimeBroker C:\windows\System32\TimeBrokerServer.dll
11:44:20.0403 4384 TimeBroker - ok
11:44:20.0423 4384 [ 151BD0387B1B320CC9AACE6DB071803B ] TPM C:\windows\system32\drivers\tpm.sys
11:44:20.0437 4384 TPM - ok
11:44:20.0442 4384 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\windows\System32\trkwks.dll
11:44:20.0455 4384 TrkWks - ok
11:44:20.0498 4384 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:44:20.0508 4384 TrustedInstaller - ok
11:44:20.0514 4384 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
11:44:20.0533 4384 TsUsbFlt - ok
11:44:20.0537 4384 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys
11:44:20.0561 4384 TsUsbGD - ok
11:44:20.0565 4384 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:44:20.0582 4384 tunnel - ok
11:44:20.0594 4384 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\windows\system32\drivers\uagp35.sys
11:44:20.0603 4384 uagp35 - ok
11:44:20.0607 4384 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\windows\System32\drivers\uaspstor.sys
11:44:20.0622 4384 UASPStor - ok
11:44:20.0632 4384 [ AA48AEC5CEB2AA8ED1B1A5758B017F72 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys
11:44:20.0647 4384 UCX01000 - ok
11:44:20.0653 4384 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:44:20.0682 4384 udfs - ok
11:44:20.0714 4384 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\windows\system32\UI0Detect.exe
11:44:20.0727 4384 UI0Detect - ok
11:44:20.0731 4384 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
11:44:20.0741 4384 uliagpkx - ok
11:44:20.0759 4384 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\windows\System32\drivers\umbus.sys
11:44:20.0779 4384 umbus - ok
11:44:20.0783 4384 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\windows\System32\drivers\umpass.sys
11:44:20.0795 4384 UmPass - ok
11:44:20.0814 4384 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\windows\System32\umrdp.dll
11:44:20.0843 4384 UmRdpService - ok
11:44:20.0929 4384 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:44:20.0939 4384 UNS - ok
11:44:20.0959 4384 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\windows\System32\upnphost.dll
11:44:20.0996 4384 upnphost - ok
11:44:21.0017 4384 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\windows\System32\drivers\usbccgp.sys
11:44:21.0040 4384 usbccgp - ok
11:44:21.0045 4384 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\windows\System32\drivers\usbcir.sys
11:44:21.0069 4384 usbcir - ok
11:44:21.0073 4384 [ 742BAFBB51C5B7811098ADE8C7EF5534 ] usbehci C:\windows\System32\drivers\usbehci.sys
11:44:21.0084 4384 usbehci - ok
11:44:21.0110 4384 [ 566A32B2054C8E5360DB7839F64D0F58 ] usbhub C:\windows\System32\drivers\usbhub.sys
11:44:21.0129 4384 usbhub - ok
11:44:21.0161 4384 [ 12EAB6FB15B572D9C6D9FFC33F87EC3F ] USBHUB3 C:\windows\System32\drivers\UsbHub3.sys
11:44:21.0179 4384 USBHUB3 - ok
11:44:21.0183 4384 [ F656F5D696A921DA67E98CF9C2BEDA20 ] usbohci C:\windows\System32\drivers\usbohci.sys
11:44:21.0212 4384 usbohci - ok
11:44:21.0224 4384 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\windows\System32\drivers\usbprint.sys
11:44:21.0245 4384 usbprint - ok
11:44:21.0250 4384 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\windows\System32\drivers\USBSTOR.SYS
11:44:21.0261 4384 USBSTOR - ok
11:44:21.0266 4384 [ 1BBB5F562E80CF9E2F1587150FE3216E ] usbuhci C:\windows\System32\drivers\usbuhci.sys
11:44:21.0278 4384 usbuhci - ok
11:44:21.0312 4384 [ 75357960FD491E12416342CA12975FDA ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:44:21.0332 4384 usbvideo - ok
11:44:21.0357 4384 [ 8ABF3C3ED6BF5ED15DC947795FF6ACAC ] USBXHCI C:\windows\System32\drivers\USBXHCI.SYS
11:44:21.0373 4384 USBXHCI - ok
11:44:21.0389 4384 [ 6E0E63801FBEF27995107B8269BCFAAD ] VaultSvc C:\windows\system32\lsass.exe
11:44:21.0401 4384 VaultSvc - ok
11:44:21.0409 4384 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
11:44:21.0421 4384 vdrvroot - ok
11:44:21.0455 4384 [ 728C2DEEE875D6968632638922D6A1D7 ] vds C:\windows\System32\vds.exe
11:44:21.0479 4384 vds - ok
11:44:21.0483 4384 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\windows\system32\drivers\VerifierExt.sys
11:44:21.0493 4384 VerifierExt - ok
11:44:21.0512 4384 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\windows\System32\drivers\vhdmp.sys
11:44:21.0530 4384 vhdmp - ok
11:44:21.0534 4384 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\windows\system32\drivers\viaide.sys
11:44:21.0547 4384 viaide - ok
11:44:21.0552 4384 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\windows\system32\drivers\vmbus.sys
11:44:21.0567 4384 vmbus - ok
11:44:21.0571 4384 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys
11:44:21.0580 4384 VMBusHID - ok
11:44:21.0606 4384 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\windows\System32\ICSvc.dll
11:44:21.0633 4384 vmicheartbeat - ok
11:44:21.0639 4384 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
11:44:21.0652 4384 vmickvpexchange - ok
11:44:21.0659 4384 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\windows\System32\ICSvc.dll
11:44:21.0673 4384 vmicrdv - ok
11:44:21.0681 4384 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\windows\System32\ICSvc.dll
11:44:21.0694 4384 vmicshutdown - ok
11:44:21.0700 4384 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\windows\System32\ICSvc.dll
11:44:21.0713 4384 vmictimesync - ok
11:44:21.0719 4384 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\windows\System32\ICSvc.dll
11:44:21.0731 4384 vmicvss - ok
11:44:21.0753 4384 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\windows\system32\drivers\volmgr.sys
11:44:21.0764 4384 volmgr - ok
11:44:21.0771 4384 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:44:21.0788 4384 volmgrx - ok
11:44:21.0806 4384 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\windows\system32\drivers\volsnap.sys
11:44:21.0827 4384 volsnap - ok
11:44:21.0841 4384 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\windows\System32\drivers\vpci.sys
11:44:21.0852 4384 vpci - ok
11:44:21.0857 4384 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
11:44:21.0872 4384 vsmraid - ok
11:44:21.0922 4384 [ EA658570314042C914964FC72AB50E6B ] VSS C:\windows\system32\vssvc.exe
11:44:21.0960 4384 VSS - ok
11:44:22.0018 4384 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys
11:44:22.0036 4384 VSTXRAID - ok
11:44:22.0041 4384 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
11:44:22.0051 4384 vwifibus - ok
11:44:22.0057 4384 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
11:44:22.0073 4384 vwififlt - ok
11:44:22.0090 4384 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
11:44:22.0101 4384 vwifimp - ok
11:44:22.0123 4384 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\windows\system32\w32time.dll
11:44:22.0153 4384 W32Time - ok
11:44:22.0157 4384 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\windows\System32\drivers\wacompen.sys
11:44:22.0176 4384 WacomPen - ok
11:44:22.0183 4384 [ B69492CBD928534160594A7B33602575 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
11:44:22.0206 4384 Wanarp - ok
11:44:22.0211 4384 [ B69492CBD928534160594A7B33602575 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:44:22.0229 4384 Wanarpv6 - ok
11:44:22.0276 4384 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\windows\system32\wbengine.exe
11:44:22.0314 4384 wbengine - ok
11:44:22.0322 4384 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:44:22.0350 4384 WbioSrvc - ok
11:44:22.0367 4384 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\windows\System32\wcmsvc.dll
11:44:22.0382 4384 Wcmsvc - ok
11:44:22.0390 4384 [ 68C2831A05A339DA8462C6F45BFCB84C ] wcncsvc C:\windows\System32\wcncsvc.dll
11:44:22.0411 4384 wcncsvc - ok
11:44:22.0425 4384 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:44:22.0464 4384 WcsPlugInService - ok
11:44:22.0486 4384 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\windows\system32\drivers\wd.sys
11:44:22.0497 4384 Wd - ok
11:44:22.0501 4384 [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot C:\windows\system32\drivers\WdBoot.sys
11:44:22.0512 4384 WdBoot - ok

I actually think I have prevented the homepage hijacking but I'm not sure if there are going to be traces left on the laptop that will cause it to come back again.

Any help much appreciated.

Last edited by 42Carrotplonker; 03-07-2013 at 08:01 AM. Reason: No it's not fixed :(
03-07-2013 , 12:27 PM
Reinstall Windows.
03-07-2013 , 01:29 PM
LOL, yes I just decided to do that. Simples.
05-23-2013 , 06:54 AM
The problem with doing this is that when I create a Standard user account I lose all the programs that were installed in the admin account, they can still be accessed but I have to reconfigure them all over again. I also lose the desktop layout, my shortcuts, etc, etc

Is there a way to make a copy of the admin account to a user account without passing admin rights? Spending hours reconfiguring everything might sound like fun to a security nerd but it kills the productivity of anyone serious about using the computer to work
05-23-2013 , 11:13 AM
Quote:
Originally Posted by Gasoline
The problem with doing this is that when I create a Standard user account I lose all the programs that were installed in the admin account, they can still be accessed but I have to reconfigure them all over again. I also lose the desktop layout, my shortcuts, etc, etc

Is there a way to make a copy of the admin account to a user account without passing admin rights? Spending hours reconfiguring everything might sound like fun to a security nerd but it kills the productivity of anyone serious about using the computer to work
You can create a new admin account, then just nerf the old admin account to standard and keep using it without needing to change anything else.

Edit: Which is exactly what wellju describes doing in the OP - learn how to read.
05-24-2013 , 05:36 PM
Current situation: Windows Vista machine has one account that was created as administrator. I want to keep that account, but downgrade it to standard user for protection as recommended.
So, my plan was this:
Use current account to create an Administrator account.
Use the new administrator account to downgrade old account to standard user.
Will that work?
Will the new admin account then have access/be able to modify everything/programs already installed on the current, soon to be standard user account?
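The account swap described in the two posts above (create a new administrator account, then downgrade the existing one to standard user), as an added example that is not part of the original thread. The account names `LocalAdmin` and `Daily` are hypothetical, and the script assumes it is run from an elevated PowerShell prompt.

```powershell
# Added example: swap admin rights from the everyday account to a new, separate admin account.
# $NewAdmin and $OldUser are hypothetical names; change them before running.
$NewAdmin = 'LocalAdmin'
$OldUser  = 'Daily'

# Resolve built-in group names from their well-known SIDs so this also works on localized Windows.
function Resolve-GroupName([string]$Sid) {
    $id = New-Object System.Security.Principal.SecurityIdentifier $Sid
    $id.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[1]
}

# List the member names of a local group through the ADSI WinNT provider.
function Get-GroupMembers([string]$Group) {
    $g = [ADSI]"WinNT://$env:COMPUTERNAME/$Group,group"
    @($g.psbase.Invoke('Members')) | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    }
}

$admins = Resolve-GroupName 'S-1-5-32-544'   # BUILTIN\Administrators
$users  = Resolve-GroupName 'S-1-5-32-545'   # BUILTIN\Users

# 1) Create the new account ('*' makes net.exe prompt for the password) and make it an administrator.
net user $NewAdmin * /add
if ($LASTEXITCODE -ne 0) { throw "Could not create account $NewAdmin" }
net localgroup "$admins" $NewAdmin /add
if ($LASTEXITCODE -ne 0) { throw "Could not add $NewAdmin to $admins" }

# 2) Safety check: never demote the old account unless the new admin is really in place,
#    otherwise the machine could end up with no usable administrator.
if ((Get-GroupMembers $admins) -notcontains $NewAdmin) {
    throw "$NewAdmin is not a member of $admins; refusing to demote $OldUser"
}

# 3) Demote the old account: keep it in Users, remove it from Administrators.
if ((Get-GroupMembers $users) -notcontains $OldUser) {
    net localgroup "$users" $OldUser /add
}
net localgroup "$admins" $OldUser /delete
if ($LASTEXITCODE -ne 0) { throw "Could not remove $OldUser from $admins" }

# 4) Show the resulting administrators for a final visual check.
Get-GroupMembers $admins
```

The old account keeps its profile, desktop and settings; log off and back on so its session picks up the reduced group membership.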
06-01-2013 , 09:45 AM
The actual 30 second setup is

1) Install Sandboxie

2) Install Firefox/Chrome in Sandboxie
09-05-2013 , 08:34 PM
Think I might have asked a question ages ago in this thread.
Can't find it now.
09-27-2013 , 08:56 AM
Is anyone successfully playing poker running Windows 8 as a user account without admin rights? I've failed many times trying to run Windows with a user account, I'm always running into the same problems:

- Some applications don't work properly, even when I take the time to pretty much give admin rights to all files in the program's folder - This is what eventually forced me to go back to an administrator account to play poker

- Typing the administrator password 5k times/day - The myth of 'setting one program to run as admin under properties menu and never be asked again your administrator password when launching the application' has been eluding me forever...
