Multiple instances of iexplorer appearing in task manager taking up large amounts of CPU/Windows 7

Solved
By BurtonGuster
May 20, 2014
  1. I came home after being away at work to find my computer being bogged down by multiple instances of iexplorer.exe in my task manager (despite Internet Explorer not being open). I asked my mom, who used my computer while I was away, what was up and she said that AVG had found a trojan which she had removed.
    I also noticed that before iexplorer appears in my task manager, 4 instances of "ctfmon.exe" appear followed by "dllhost.exe"; the description reads "COM Surrogate". Things seem not good for my computer's situation. I noticed this board happens to have a few related issues that I hope have been resolved.

    This is the only log MBAM gave me:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 5/20/2014
    Scan Time: 5:21:00 PM
    Logfile: .txt
    Administrator: Yes

    Version: 2.00.1.1004
    Malware Database: v2014.05.20.11
    Rootkit Database: v2014.03.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Chameleon: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Will

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 378024
    Time Elapsed: 16 min, 44 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Shuriken: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
  2. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Welcome aboard

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If some log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    Sorry I got so befuddled with these iexplorer processes I forgot the dds.

    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Enterprise
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/17/2010 7:26:09 PM
    System Uptime: 5/20/2014 4:50:56 PM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P7P55D EVO
    Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz | LGA1156 | 2801/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 931 GiB total, 13.741 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is CDROM (CDFS)
    G: is FIXED (NTFS) - 1863 GiB total, 1100.116 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Description: Logitech Mic (Webcam 250)
    Device ID: USB\VID_046D&PID_0804&MI_02\7&182EB85&0&0002
    Manufacturer: Logitech
    Name: Logitech Mic (Webcam 250)
    PNP Device ID: USB\VID_046D&PID_0804&MI_02\7&182EB85&0&0002
    Service: usbaudio
    .
    ==== System Restore Points ===================
    .
    RP475: 5/18/2014 3:52:59 AM - Configured Platform
    RP476: 5/18/2014 7:20:16 PM - Windows Modules Installer
    RP477: 5/18/2014 8:15:01 PM - BeforeComboFix
    RP478: 5/18/2014 8:19:48 PM - Removed AVG 2014
    RP479: 5/18/2014 8:26:12 PM - Removed AVG 2014
    RP480: 5/20/2014 4:40:06 PM - Restore Operation
    RP481: 5/20/2014 4:58:25 PM - Windows Update
    .
    ==== Image File Execution Options =============
    .
    .
    ==== Installed Programs ======================
    .
    .
    ==== End Of File ===========================
  4. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    DDS produces two logs, DDS.txt and Attach.txt.
    You posted only the latter one.
  5. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    It said "dds has created one log file. 1.attach.txt (must be zipped then attached to your forum post.)" :oops: Where would the DDS.txt be?
  6. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Download TDSSKiller and save it to your desktop.
    • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
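
Added example (not from this thread and not the tool vendor's code): one way to triage the "Scan services" section of a TDSSKiller report, assuming its layout of a `[ MD5, SHA256 ] name path` row followed by a `name - verdict` row. The function name, the sample log, its placeholder hashes and the `CONSTRUCTED-NON-OK-VERDICT` string are constructed for illustration; any verdict other than `ok`, and any service with no hash row, is listed for manual review.

```python
import re

# Row prefix used throughout the report: "HH:MM:SS.ffff 0x<thread id> <body>".
ROW = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s*(.*)$")
# Body of a hash row: "[ MD5, SHA256 ] <service name> <image path>".
HASHED = re.compile(
    r"^\[\s*([0-9A-Fa-f]{32}),\s*([0-9A-Fa-f]{64})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$"
)


def triage(log_text):
    """Summarise the 'Scan services' section of a TDSSKiller-style report."""
    result = {"services": 0, "images": {}, "not_ok": [], "no_hash": []}
    in_services = False
    last_name = None
    for raw in log_text.splitlines():
        row = ROW.match(raw.strip())
        if not row:
            continue
        body = row.group(1).strip()
        if body.startswith("="):
            title = body.strip("= ")
            if title:  # a titled separator opens a new section
                in_services = title == "Scan services"
            continue
        if not in_services:
            continue
        hashed = HASHED.match(body)
        if hashed:
            md5, sha256, name, path = hashed.groups()
            result["images"][name] = (md5.upper(), sha256.upper(), path)
            last_name = name
            continue
        # Verdict row. Prefer the name from the preceding hash row so that a
        # service name containing " - " is not split in the wrong place.
        if last_name and body.startswith(last_name + " - "):
            name, verdict = last_name, body[len(last_name) + 3:]
        else:
            name, sep, verdict = body.partition(" - ")
            if not sep:
                continue
        last_name = None
        result["services"] += 1
        if name not in result["images"]:
            # The report gave a verdict but no hashed image for this service.
            result["no_hash"].append(name)
        if verdict.strip().lower() != "ok":
            path = result["images"].get(name, (None, None, None))[2]
            result["not_ok"].append((name, verdict.strip(), path))
    return result


# Constructed sample in the same layout; hashes are placeholders, not real files.
MD5, SHA256 = "A" * 32, "B" * 64
SAMPLE_LOG = "\n".join([
    "19:33:46.0705 0x1a00 ================ Scan system memory ========================",
    "19:33:46.0705 0x1a00 System memory - ok",
    "19:33:46.0706 0x1a00 ================ Scan services =============================",
    rf"19:33:46.0823 0x1a00 [ {MD5}, {SHA256} ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys",
    "19:33:46.0830 0x1a00 ExampleDrv - ok",
    rf"19:33:47.0980 0x1a00 [ {MD5}, {SHA256} ] Example Update Service C:\Program Files (x86)\Example\update.exe",
    "19:33:47.0982 0x1a00 Example Update Service - ok",
    "19:33:50.0739 0x1a00 ExampleNoFile - ok",
    rf"19:33:51.0100 0x1a00 [ {MD5}, {SHA256} ] ExampleOdd C:\Windows\system32\drivers\exampleodd.sys",
    "19:33:51.0101 0x1a00 ExampleOdd - CONSTRUCTED-NON-OK-VERDICT",
])

if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("services checked:", summary["services"])
    for name, verdict, path in summary["not_ok"]:
        print("review:", name, "|", verdict, "|", path)
    for name in summary["no_hash"]:
        print("no image hashed:", name)
```
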
  7. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    19:33:03.0705 0x1ef4 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
    19:33:15.0093 0x1ef4 ============================================================
    19:33:15.0093 0x1ef4 Current date / time: 2014/05/20 19:33:15.0093
    19:33:15.0093 0x1ef4 SystemInfo:
    19:33:15.0093 0x1ef4
    19:33:15.0093 0x1ef4 OS Version: 6.1.7601 ServicePack: 1.0
    19:33:15.0093 0x1ef4 Product type: Workstation
    19:33:15.0093 0x1ef4 ComputerName: GLADOS
    19:33:15.0093 0x1ef4 UserName: Will
    19:33:15.0093 0x1ef4 Windows directory: C:\Windows
    19:33:15.0093 0x1ef4 System windows directory: C:\Windows
    19:33:15.0093 0x1ef4 Running under WOW64
    19:33:15.0093 0x1ef4 Processor architecture: Intel x64
    19:33:15.0093 0x1ef4 Number of processors: 4
    19:33:15.0094 0x1ef4 Page size: 0x1000
    19:33:15.0094 0x1ef4 Boot type: Normal boot
    19:33:15.0094 0x1ef4 ============================================================
    19:33:19.0086 0x1ef4 KLMD registered as C:\Windows\system32\drivers\17952277.sys
    19:33:19.0204 0x1ef4 System UUID: {B1F902EC-E177-4005-D4D7-086C7DA75EE7}
    19:33:19.0830 0x1ef4 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:33:20.0061 0x1ef4 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:33:20.0072 0x1ef4 ============================================================
    19:33:20.0072 0x1ef4 \Device\Harddisk0\DR0:
    19:33:20.0072 0x1ef4 MBR partitions:
    19:33:20.0072 0x1ef4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    19:33:20.0072 0x1ef4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
    19:33:20.0072 0x1ef4 \Device\Harddisk1\DR1:
    19:33:20.0073 0x1ef4 MBR partitions:
    19:33:20.0073 0x1ef4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
    19:33:20.0073 0x1ef4 ============================================================
    19:33:20.0098 0x1ef4 C: <-> \Device\Harddisk0\DR0\Partition2
    19:33:20.0123 0x1ef4 G: <-> \Device\Harddisk1\DR1\Partition1
    19:33:20.0123 0x1ef4 ============================================================
    19:33:20.0123 0x1ef4 Initialize success
    19:33:20.0123 0x1ef4 ============================================================
    19:33:40.0314 0x1a00 ============================================================
    19:33:40.0314 0x1a00 Scan started
    19:33:40.0314 0x1a00 Mode: Manual;
    19:33:40.0314 0x1a00 ============================================================
    19:33:40.0314 0x1a00 KSN ping started
    19:33:42.0931 0x1a00 KSN ping finished: true
    19:33:46.0705 0x1a00 ================ Scan system memory ========================
    19:33:46.0705 0x1a00 System memory - ok
    19:33:46.0706 0x1a00 ================ Scan services =============================
    19:33:52.0873 0x1a00 FontCache - ok
    19:33:52.0915 0x1a00 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    19:33:52.0917 0x1a00 FontCache3.0.0.0 - ok
    19:33:52.0927 0x1a00 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    19:33:52.0929 0x1a00 FsDepends - ok
    19:33:52.0963 0x1a00 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    19:33:52.0965 0x1a00 Fs_Rec - ok
    19:33:53.0016 0x1a00 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    19:33:53.0022 0x1a00 fvevol - ok
    19:33:53.0039 0x1a00 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    19:33:53.0041 0x1a00 gagp30kx - ok
    19:33:53.0070 0x1a00 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    19:33:53.0071 0x1a00 GEARAspiWDM - ok
    19:33:53.0126 0x1a00 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
    19:33:53.0152 0x1a00 gpsvc - ok
    19:33:53.0208 0x1a00 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:33:53.0211 0x1a00 gupdate - ok
    19:33:53.0232 0x1a00 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:33:53.0234 0x1a00 gupdatem - ok
    19:33:53.0258 0x1a00 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    19:33:53.0262 0x1a00 gusvc - ok
    19:33:53.0267 0x1a00 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    19:33:53.0269 0x1a00 hcw85cir - ok
    19:33:53.0322 0x1a00 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    19:33:53.0330 0x1a00 HdAudAddService - ok
    19:33:53.0363 0x1a00 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    19:33:53.0366 0x1a00 HDAudBus - ok
    19:33:53.0383 0x1a00 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    19:33:53.0385 0x1a00 HidBatt - ok
    19:33:53.0398 0x1a00 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    19:33:53.0401 0x1a00 HidBth - ok
    19:33:53.0418 0x1a00 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    19:33:53.0420 0x1a00 HidIr - ok
    19:33:53.0440 0x1a00 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
    19:33:53.0442 0x1a00 hidserv - ok
    19:33:53.0461 0x1a00 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
    19:33:53.0462 0x1a00 HidUsb - ok
    19:33:53.0500 0x1a00 [ 82B2A78BCA8CA0B63BF09005783C6548, 56BE78B2B7F3EF80380D48F266763DF2035348C5DD4D7A7FE4E7452A8824299E ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    19:33:53.0500 0x1a00 HiPatchService - ok
    19:33:53.0533 0x1a00 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    19:33:53.0536 0x1a00 hkmsvc - ok
    19:33:53.0573 0x1a00 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    19:33:53.0579 0x1a00 HomeGroupListener - ok
    19:33:53.0597 0x1a00 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    19:33:53.0603 0x1a00 HomeGroupProvider - ok
    19:33:53.0618 0x1a00 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    19:33:53.0655 0x1a00 HpSAMD - ok
    19:33:53.0719 0x1a00 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    19:33:53.0749 0x1a00 HTTP - ok
    19:33:53.0789 0x1a00 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    19:33:53.0790 0x1a00 hwpolicy - ok
    19:33:53.0831 0x1a00 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    19:33:53.0834 0x1a00 i8042prt - ok
    19:33:53.0877 0x1a00 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    19:33:53.0887 0x1a00 iaStorV - ok
    19:33:53.0932 0x1a00 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    19:33:53.0935 0x1a00 IDriverT - ok
    19:33:53.0986 0x1a00 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    19:33:54.0014 0x1a00 idsvc - ok
    19:33:54.0059 0x1a00 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    19:33:54.0061 0x1a00 iirsp - ok
    19:33:54.0112 0x1a00 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    19:33:54.0138 0x1a00 IKEEXT - ok
    19:33:54.0178 0x1a00 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    19:33:54.0179 0x1a00 intelide - ok
    19:33:54.0216 0x1a00 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    19:33:54.0217 0x1a00 intelppm - ok
    19:33:54.0297 0x1a00 [ 1A263BD87C082FA7AB38093014C8FC79, AC056DBA008D4909AE7D219FB624B243FD15F6451B91387CE9B4D4B3E0364C85 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    19:33:54.0298 0x1a00 IntuitUpdateService - ok
    19:33:54.0312 0x1a00 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    19:33:54.0315 0x1a00 IPBusEnum - ok
    19:33:54.0354 0x1a00 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    19:33:54.0357 0x1a00 IpFilterDriver - ok
    19:33:54.0408 0x1a00 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    19:33:54.0422 0x1a00 iphlpsvc - ok
    19:33:54.0456 0x1a00 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    19:33:54.0459 0x1a00 IPMIDRV - ok
    19:33:54.0474 0x1a00 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    19:33:54.0478 0x1a00 IPNAT - ok
    19:33:54.0536 0x1a00 [ 3C0D4B3E80FC4854CA325DD123CC4DED, 737583FED3AC701D7CF9E3FC8136857B0FEBB5D41C1FBD64749912983F8804FB ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    19:33:54.0562 0x1a00 iPod Service - ok
    19:33:54.0596 0x1a00 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    19:33:54.0597 0x1a00 IRENUM - ok
    19:33:54.0626 0x1a00 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    19:33:54.0628 0x1a00 isapnp - ok
    19:33:54.0663 0x1a00 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    19:33:54.0670 0x1a00 iScsiPrt - ok
    19:33:54.0711 0x1a00 [ 2224ABC439D115A44EDB5630A92C1D7E, CF671EB750BED713B39EE5C26F6C138FA326C6A2DBE7E09AD30CED715CC55798 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
    19:33:54.0714 0x1a00 JRAID - ok
    19:33:54.0723 0x1a00 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    19:33:54.0725 0x1a00 kbdclass - ok
    19:33:54.0734 0x1a00 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    19:33:54.0736 0x1a00 kbdhid - ok
    19:33:54.0743 0x1a00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
    19:33:54.0745 0x1a00 KeyIso - ok
    19:33:54.0780 0x1a00 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    19:33:54.0783 0x1a00 KSecDD - ok
    19:33:54.0813 0x1a00 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    19:33:54.0817 0x1a00 KSecPkg - ok
    19:33:54.0831 0x1a00 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    19:33:54.0832 0x1a00 ksthunk - ok
    19:33:54.0856 0x1a00 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    19:33:54.0866 0x1a00 KtmRm - ok
    19:33:54.0905 0x1a00 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
    19:33:54.0912 0x1a00 LanmanServer - ok
    19:33:54.0943 0x1a00 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    19:33:54.0948 0x1a00 LanmanWorkstation - ok
    19:33:54.0964 0x1a00 libusb0 - ok
  8. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    19:33:59.0886 0x1a00 pcmcia - ok
    19:33:59.0900 0x1a00 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
    19:33:59.0901 0x1a00 pcw - ok
    19:33:59.0927 0x1a00 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    19:33:59.0942 0x1a00 PEAUTH - ok
    19:34:00.0006 0x1a00 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
    19:34:00.0091 0x1a00 PeerDistSvc - ok
    19:34:00.0170 0x1a00 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
    19:34:00.0171 0x1a00 PerfHost - ok
    19:34:00.0263 0x1a00 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
    19:34:00.0306 0x1a00 pla - ok
    19:34:00.0365 0x1a00 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    19:34:00.0376 0x1a00 PlugPlay - ok
    19:34:00.0398 0x1a00 PnkBstrA - ok
    19:34:00.0416 0x1a00 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    19:34:00.0418 0x1a00 PNRPAutoReg - ok
    19:34:00.0435 0x1a00 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    19:34:00.0443 0x1a00 PNRPsvc - ok
    19:34:00.0473 0x1a00 [ B8D8EC78B0F9ED8E220506181274F3D3, D920277EE66AAAB6D66BF328DD5A40DDD8382BF4F331EAB398069EDB842FF18E ] Point64 C:\Windows\system32\DRIVERS\point64.sys
    19:34:00.0475 0x1a00 Point64 - ok
    19:34:00.0519 0x1a00 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    19:34:00.0554 0x1a00 PolicyAgent - ok
    19:34:00.0574 0x1a00 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
    19:34:00.0579 0x1a00 Power - ok
    19:34:00.0624 0x1a00 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    19:34:00.0628 0x1a00 PptpMiniport - ok
    19:34:00.0639 0x1a00 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
    19:34:00.0641 0x1a00 Processor - ok
    19:34:00.0673 0x1a00 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
    19:34:00.0680 0x1a00 ProfSvc - ok
    19:34:00.0685 0x1a00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
    19:34:00.0687 0x1a00 ProtectedStorage - ok
    19:34:00.0727 0x1a00 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    19:34:00.0730 0x1a00 Psched - ok
    19:34:00.0774 0x1a00 [ E7483BE1E7A6FB16FC9AD6B54F99DEE4, 40D35902C3EBBAEEDDF0149F22544E2F16A57CFAC3C3C23778F6C318937F3813 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    19:34:00.0779 0x1a00 PSI_SVC_2 - ok
    19:34:00.0814 0x1a00 [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
    19:34:00.0816 0x1a00 PxHlpa64 - ok
    19:34:00.0867 0x1a00 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    19:34:00.0916 0x1a00 ql2300 - ok
    19:34:00.0935 0x1a00 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    19:34:00.0939 0x1a00 ql40xx - ok
    19:34:00.0957 0x1a00 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
    19:34:00.0965 0x1a00 QWAVE - ok
    19:34:00.0971 0x1a00 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    19:34:00.0973 0x1a00 QWAVEdrv - ok
    19:34:00.0984 0x1a00 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    19:34:00.0985 0x1a00 RasAcd - ok
    19:34:01.0021 0x1a00 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    19:34:01.0023 0x1a00 RasAgileVpn - ok
    19:34:01.0042 0x1a00 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    19:34:01.0046 0x1a00 RasAuto - ok
    19:34:01.0084 0x1a00 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:34:01.0088 0x1a00 Rasl2tp - ok
    19:34:01.0128 0x1a00 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    19:34:01.0137 0x1a00 RasMan - ok
    19:34:01.0149 0x1a00 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    19:34:01.0151 0x1a00 RasPppoe - ok
    19:34:01.0182 0x1a00 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    19:34:01.0185 0x1a00 RasSstp - ok
    19:34:01.0196 0x1a00 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    19:34:01.0205 0x1a00 rdbss - ok
    19:34:01.0216 0x1a00 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    19:34:01.0218 0x1a00 rdpbus - ok
    19:34:01.0228 0x1a00 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:34:01.0229 0x1a00 RDPCDD - ok
    19:34:01.0268 0x1a00 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
    19:34:01.0273 0x1a00 RDPDR - ok
    19:34:01.0289 0x1a00 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    19:34:01.0289 0x1a00 RDPENCDD - ok
    19:34:01.0297 0x1a00 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    19:34:01.0298 0x1a00 RDPREFMP - ok
    19:34:01.0369 0x1a00 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    19:34:01.0371 0x1a00 RdpVideoMiniport - ok
    19:34:01.0408 0x1a00 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    19:34:01.0413 0x1a00 RDPWD - ok
    19:34:01.0450 0x1a00 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    19:34:01.0455 0x1a00 rdyboost - ok
    19:34:01.0475 0x1a00 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
    19:34:01.0478 0x1a00 RemoteAccess - ok
    19:34:01.0496 0x1a00 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    19:34:01.0501 0x1a00 RemoteRegistry - ok
    19:34:01.0506 0x1a00 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    19:34:01.0509 0x1a00 RpcEptMapper - ok
    19:34:01.0532 0x1a00 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
    19:34:01.0534 0x1a00 RpcLocator - ok
    19:34:01.0574 0x1a00 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
    19:34:01.0585 0x1a00 RpcSs - ok
    19:34:01.0592 0x1a00 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    19:34:01.0595 0x1a00 rspndr - ok
    19:34:01.0667 0x1a00 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    19:34:01.0679 0x1a00 RTL8167 - ok
    19:34:01.0711 0x1a00 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
    19:34:01.0712 0x1a00 s3cap - ok
    19:34:01.0726 0x1a00 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
    19:34:01.0727 0x1a00 SamSs - ok
    19:34:01.0755 0x1a00 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    19:34:01.0759 0x1a00 sbp2port - ok
    19:34:01.0804 0x1a00 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    19:34:01.0809 0x1a00 SCardSvr - ok
    19:34:01.0843 0x1a00 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    19:34:01.0844 0x1a00 scfilter - ok
    19:34:01.0913 0x1a00 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
    19:34:01.0948 0x1a00 Schedule - ok
    19:34:01.0990 0x1a00 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
    19:34:01.0992 0x1a00 SCPolicySvc - ok
    19:34:02.0023 0x1a00 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    19:34:02.0029 0x1a00 SDRSVC - ok
    19:34:02.0037 0x1a00 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
    19:34:02.0038 0x1a00 secdrv - ok
    19:34:02.0065 0x1a00 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
    19:34:02.0067 0x1a00 seclogon - ok
    19:34:02.0080 0x1a00 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
    19:34:02.0083 0x1a00 SENS - ok
    19:34:02.0096 0x1a00 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    19:34:02.0098 0x1a00 SensrSvc - ok
    19:34:02.0117 0x1a00 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    19:34:02.0118 0x1a00 Serenum - ok
    19:34:02.0136 0x1a00 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
    19:34:02.0139 0x1a00 Serial - ok
  9. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    19:34:06.0577 0x1a00 W32Time - ok
    19:34:06.0614 0x1a00 [ FE75777289278A4941FE6139E82B3BD9, 4B0F3117C7D905240DB54EEE376404757258051CC5F8F312CAF748E1811368C6 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
    19:34:06.0615 0x1a00 wacmoumonitor - ok
    19:34:06.0657 0x1a00 [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
    19:34:06.0658 0x1a00 wacommousefilter - ok
    19:34:06.0665 0x1a00 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    19:34:06.0667 0x1a00 WacomPen - ok
    19:34:06.0694 0x1a00 [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
    19:34:06.0694 0x1a00 wacomvhid - ok
    19:34:06.0700 0x1a00 WacomVKHid - ok
    19:34:06.0736 0x1a00 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    19:34:06.0739 0x1a00 WANARP - ok
    19:34:06.0755 0x1a00 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    19:34:06.0757 0x1a00 Wanarpv6 - ok
    19:34:06.0846 0x1a00 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    19:34:06.0913 0x1a00 WatAdminSvc - ok
    19:34:07.0003 0x1a00 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    19:34:07.0054 0x1a00 wbengine - ok
    19:34:07.0069 0x1a00 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    19:34:07.0076 0x1a00 WbioSrvc - ok
    19:34:07.0133 0x1a00 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    19:34:07.0143 0x1a00 wcncsvc - ok
    19:34:07.0153 0x1a00 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    19:34:07.0156 0x1a00 WcsPlugInService - ok
    19:34:07.0171 0x1a00 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
    19:34:07.0173 0x1a00 Wd - ok
    19:34:07.0223 0x1a00 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    19:34:07.0252 0x1a00 Wdf01000 - ok
    19:34:07.0283 0x1a00 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
    19:34:07.0287 0x1a00 WdiServiceHost - ok
    19:34:07.0292 0x1a00 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
    19:34:07.0296 0x1a00 WdiSystemHost - ok
    19:34:07.0329 0x1a00 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
    19:34:07.0337 0x1a00 WebClient - ok
    19:34:07.0357 0x1a00 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
    19:34:07.0364 0x1a00 Wecsvc - ok
    19:34:07.0382 0x1a00 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    19:34:07.0386 0x1a00 wercplsupport - ok
    19:34:07.0418 0x1a00 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    19:34:07.0421 0x1a00 WerSvc - ok
    19:34:07.0435 0x1a00 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    19:34:07.0436 0x1a00 WfpLwf - ok
    19:34:07.0451 0x1a00 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    19:34:07.0453 0x1a00 WIMMount - ok
    19:34:07.0474 0x1a00 WinDefend - ok
    19:34:07.0482 0x1a00 WinHttpAutoProxySvc - ok
    19:34:07.0522 0x1a00 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    19:34:07.0529 0x1a00 Winmgmt - ok
    19:34:07.0620 0x1a00 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
    19:34:07.0698 0x1a00 WinRM - ok
    19:34:08.0030 0x1a00 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    19:34:08.0053 0x1a00 WinUsb - ok
    19:34:08.0167 0x1a00 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    19:34:08.0197 0x1a00 Wlansvc - ok
    19:34:08.0310 0x1a00 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    19:34:08.0385 0x1a00 wlidsvc - ok
    19:34:08.0394 0x1a00 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    19:34:08.0395 0x1a00 WmiAcpi - ok
    19:34:08.0410 0x1a00 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    19:34:08.0416 0x1a00 wmiApSrv - ok
    19:34:08.0421 0x1a00 WMPNetworkSvc - ok
    19:34:08.0433 0x1a00 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    19:34:08.0435 0x1a00 WPCSvc - ok
    19:34:08.0452 0x1a00 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    19:34:08.0457 0x1a00 WPDBusEnum - ok
    19:34:08.0472 0x1a00 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    19:34:08.0473 0x1a00 ws2ifsl - ok
    19:34:08.0485 0x1a00 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
    19:34:08.0489 0x1a00 wscsvc - ok
    19:34:08.0494 0x1a00 WSearch - ok
    19:34:08.0604 0x1a00 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
    19:34:08.0672 0x1a00 wuauserv - ok
    19:34:08.0704 0x1a00 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    19:34:08.0706 0x1a00 WudfPf - ok
    19:34:08.0720 0x1a00 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:34:08.0726 0x1a00 WUDFRd - ok
    19:34:08.0759 0x1a00 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    19:34:08.0762 0x1a00 wudfsvc - ok
    19:34:08.0801 0x1a00 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
    19:34:08.0808 0x1a00 WwanSvc - ok
    19:34:08.0861 0x1a00 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
    19:34:08.0863 0x1a00 xusb21 - ok
    19:34:08.0871 0x1a00 ================ Scan global ===============================
    19:34:08.0894 0x1a00 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    19:34:08.0927 0x1a00 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    19:34:08.0955 0x1a00 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    19:34:08.0969 0x1a00 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    19:34:09.0031 0x1a00 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    19:34:09.0038 0x1a00 [ Global ] - ok
    19:34:09.0039 0x1a00 ================ Scan MBR ==================================
    19:34:09.0052 0x1a00 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    19:34:09.0225 0x1a00 \Device\Harddisk0\DR0 - ok
    19:34:09.0229 0x1a00 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
    19:34:09.0255 0x1a00 \Device\Harddisk1\DR1 - ok
    19:34:09.0255 0x1a00 ================ Scan VBR ==================================
    19:34:09.0258 0x1a00 [ DFA2D73A6C5F7585545D834D64B49888 ] \Device\Harddisk0\DR0\Partition1
    19:34:09.0300 0x1a00 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
    19:34:09.0300 0x1a00 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
    19:34:22.0402 0x1a00 [ F2357E2045F3FEACDFFD99876F84E503 ] \Device\Harddisk0\DR0\Partition2
    19:34:22.0432 0x1a00 \Device\Harddisk0\DR0\Partition2 - ok
    19:34:22.0437 0x1a00 [ 24FCB86203BF06F58D55450D3C3DF06F ] \Device\Harddisk1\DR1\Partition1
    19:34:22.0502 0x1a00 \Device\Harddisk1\DR1\Partition1 - ok
    19:34:22.0564 0x1a00 AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4563 ), 0x40000 ( disabled : updated )
    19:34:22.0568 0x1a00 Win FW state via NFP2: enabled
    19:34:25.0527 0x1a00 ============================================================
    19:34:25.0527 0x1a00 Scan finished
    19:34:25.0527 0x1a00 ============================================================
    19:34:25.0538 0x16dc Detected object count: 1
    19:34:25.0538 0x16dc Actual detected object count: 1
    19:34:32.0604 0x16dc \Device\Harddisk0\DR0\Partition1 - copied to quarantine
    19:34:32.0608 0x16dc \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
    19:34:32.0646 0x16dc \Device\Harddisk0\DR0\Partition1 - ok
    19:34:32.0646 0x16dc \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
    19:34:33.0323 0x16dc KLMD registered as C:\Windows\system32\drivers\81066758.sys
    19:35:58.0863 0x0bf0 Deinitialize success


    Wow, it actually looks like it worked. I just rebooted and so far it looks clear. A friend of mine who I went to first had me doing all sorts of crazy stuff and we couldn't get it.
  10. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Good news :)
    You were infected with a rootkit but we need to run more tools to see if you're totally clean.

    Re-run DDS and see if it'll create a second log (DDS.txt).

    Then...

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create a new restore point before proceeding with the next step.
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
  11. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    It made the DDS.txt file this time. Here ya go.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
    Run by Gabe at 21:45:29 on 2014-05-13
    #Option Extended Search is enabled.
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12175.7572 [GMT -4:00]
    .
    AV: Norton 360 *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton 360 *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\nvvsvc.exe
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\windows\system32\nvvsvc.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\ThpSrv.exe
    C:\windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\wbem\unsecapp.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\TECO\Teco.exe
    C:\Windows\System32\ThpSrv.exe
    C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Program Files (x86)\Gyazo\GyStation.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\PowerMenu\PowerMenu.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    c:\Program Files (x86)\Toshiba\ToshibaFB\fdbpinger.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
    C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe
    C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\windows\system32\wuauclt.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\windows\servicing\TrustedInstaller.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Users\Gabe\Desktop\Orion.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://start.toshiba.com
    uDefault_Page_URL = hxxp://start.toshiba.com
    uProxyOverride = <local>
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\CoIEPlg.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\CoIEPlg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    StartupFolder: C:\Users\Gabe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\POWERM~1.LNK - C:\Program Files (x86)\PowerMenu\PowerMenu.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{D2F34BC6-20EB-4DEE-8943-D294004B3272} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{E14CAE3C-3694-4ABA-B9DD-B00ADE4377AD} : DHCPNameServer = 75.75.75.75 75.75.76.76
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\CoIEPlg.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
    x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\CoIEPlg.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h
    x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
    x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
    x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
    x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
    x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
    x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
    x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [ShadowPlay] C:\windows\System32\rundll32.exe C:\windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
    R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2014-5-12 33736]
    R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2011-3-23 36992]
    R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
    R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
    R1 RzFilter;RzFilter;C:\windows\System32\drivers\RzFilter.sys [2014-5-12 74432]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    R2 fbdpinger;fbdpinger;C:\Program Files (x86)\Toshiba\ToshibaFB\fdbpinger.exe [2014-5-12 2207128]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-5-12 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-5-12 161560]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-13 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-13 857912]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [2014-5-12 265040]
    R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [2014-5-12 135608]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-5-12 1617696]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-5-12 21007192]
    R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [2014-5-12 126392]
    R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2014-4-18 32960]
    R2 taisregispinger;taisregispinger;C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe [2012-4-25 2191240]
    R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-5-13 5024576]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-11-24 294848]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-5-12 363800]
    R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
    R3 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [2014-4-9 1525976]
    R3 ccSet_N360;N360 Settings Manager;C:\windows\System32\drivers\N360x64\1502000.026\ccSetx64.sys [2014-5-12 162392]
    R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2014-5-12 9216]
    R3 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140512.001\IDSviA64.sys [2014-5-13 525016]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-27 788760]
    R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-12-20 25496]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2012-1-16 103536]
    R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-5-13 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-5-13 119512]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-5-13 63192]
    R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-12 18776]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\windows\System32\drivers\nvvad64v.sys [2014-5-12 40392]
    R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-5-12 38096]
    R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\windows\System32\drivers\RtsP2Stor.sys [2014-5-12 259176]
    R3 RzDxgk;RzDxgk;C:\windows\System32\drivers\RzDxgk.sys [2014-5-12 129472]
    R3 rzudd;Razer Mouse Driver;C:\windows\System32\drivers\rzudd.sys [2014-4-8 154792]
    R3 SmbDrv;SmbDrv;C:\windows\System32\drivers\Smb_driver.sys [2012-2-24 22800]
    R3 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1502000.026\SymDS64.sys [2014-5-12 493656]
    R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1502000.026\SymEFA64.sys [2014-5-12 1148120]
    R3 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1502000.026\Ironx64.sys [2014-5-12 264280]
    R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1502000.026\symnets.sys [2014-5-12 593112]
    R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2014-5-12 57216]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-11-25 138152]
    R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-12-14 833976]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-5-13 111616]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-12-20 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-5-13 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 60 ================
    .
    2014-05-14 01:24:44 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
    2014-05-14 01:24:23 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
    2014-05-14 01:24:23 63192 ----a-w- C:\windows\System32\drivers\mwac.sys
    2014-05-14 01:24:23 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
    2014-05-14 01:24:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-05-14 01:22:20 -------- d-sh--w- C:\$RECYCLE.BIN
    2014-05-14 00:10:42 -------- d-----w- C:\windows\System32\MRT
    2014-05-13 22:30:23 -------- d-----w- C:\Program Files (x86)\TeamViewer
    2014-05-13 22:23:46 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
    2014-05-13 22:23:44 -------- d-----w- C:\Program Files (x86)\Steam
    2014-05-13 21:34:07 -------- d-----w- C:\Program Files (x86)\LastPass
    2014-05-13 08:49:37 -------- d-s---w- C:\windows\System32\CompatTel
    2014-05-13 08:49:29 -------- d-----w- C:\windows\SysWow64\Wat
    2014-05-13 08:49:29 -------- d-----w- C:\windows\System32\Wat
    2014-05-13 08:35:15 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2014-05-13 08:35:15 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2014-05-13 08:35:14 12625920 ----a-w- C:\windows\System32\wmploc.DLL
    2014-05-13 08:35:14 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL
    2014-05-13 08:26:49 -------- d-----w- C:\windows\Migration
    2014-05-13 08:10:41 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-05-13 07:53:49 2560 ----a-w- C:\windows\System32\drivers\en-US\wdf01000.sys.mui
    2014-05-13 07:22:38 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
    2014-05-13 07:22:38 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
    2014-05-13 07:22:37 84992 ----a-w- C:\windows\System32\WUDFSvc.dll
    2014-05-13 07:22:37 744448 ----a-w- C:\windows\System32\WUDFx.dll
    2014-05-13 07:22:37 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
    2014-05-13 07:22:37 229888 ----a-w- C:\windows\System32\WUDFHost.exe
    2014-05-13 07:22:37 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll
    2014-05-13 07:08:18 5120 ----a-w- C:\windows\SysWow64\wmi.dll
    2014-05-13 07:08:18 5120 ----a-w- C:\windows\System32\wmi.dll
    2014-05-13 07:08:18 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys
    2014-05-13 05:58:46 -------- d-----r- C:\Program Files (x86)\Skype
    2014-05-13 05:31:16 -------- d-----w- C:\Users\Gabe\AppData\Roaming\Malwarebytes
    2014-05-13 05:31:11 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-05-13 03:16:51 -------- d-----w- C:\Program Files (x86)\PowerMenu
    2014-05-12 23:37:22 -------- d-----w- C:\Users\Gabe\AppData\Roaming\Gyazo
    2014-05-12 09:22:05 20480 ----a-w- C:\windows\SysWow64\cliconfg.728
    2014-05-12 09:22:03 33340 ------w- C:\windows\SysWow64\dbmsqlgc.dll
    2014-05-12 09:22:03 24576 ------w- C:\windows\SysWow64\dbmsgnet.dll
    2014-05-12 09:21:59 306688 ----a-w- C:\windows\IsUninst.exe
    2014-05-12 09:21:48 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
    2014-05-12 09:19:07 -------- d-----w- C:\Program Files (x86)\Vstplugins
    2014-05-12 09:19:06 -------- d-----w- C:\windows\SysWow64\spool
    2014-05-12 09:19:04 -------- d-----w- C:\Program Files (x86)\Sony
    2014-05-12 09:17:18 -------- d-----w- C:\Program Files (x86)\Sony Setup
    2014-05-12 08:43:37 -------- d-----w- C:\Users\Gabe\AppData\Roaming\TS3Client
    2014-05-12 08:43:27 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
    2014-05-12 08:26:09 -------- d-----w- C:\windows\SysWow64\Adobe
    2014-05-12 07:50:16 -------- d-----w- C:\Users\Gabe\AppData\Local\Adobe
    2014-05-12 07:45:52 -------- d-----w- C:\Program Files (x86)\Socialstamp
    2014-05-12 07:45:42 -------- d-----w- C:\TwitchBot
    2014-05-12 07:43:56 -------- d-----w- C:\Users\Gabe\jagexcache
    2014-05-12 07:43:02 -------- d-----w- C:\Users\Gabe\Orion
    2014-05-12 07:41:50 497152 ----a-w- C:\windows\System32\drivers\afd.sys
    2014-05-12 07:40:51 800768 ----a-w- C:\windows\System32\usp10.dll
    2014-05-12 07:39:49 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2014-05-12 07:29:02 -------- d-----w- C:\Users\Gabe\AppData\Local\SplitMediaLabs
    2014-05-12 07:28:13 -------- d-----w- C:\Program Files (x86)\Gyazo
    2014-05-12 07:25:22 177752 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
    2014-05-12 07:25:22 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2014-05-12 07:24:49 875736 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\srtsp64.sys
    2014-05-12 07:24:49 593112 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\symnets.sys
    2014-05-12 07:24:49 493656 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\SymDS64.sys
    2014-05-12 07:24:49 36952 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\srtspx64.sys
    2014-05-12 07:24:49 264280 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\Ironx64.sys
    2014-05-12 07:24:49 23568 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\SymELAM.sys
    2014-05-12 07:24:49 162392 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\ccSetx64.sys
    2014-05-12 07:24:49 1148120 ----a-r- C:\windows\System32\drivers\N360x64\1502000.026\SymEFA64.sys
    2014-05-12 07:24:32 -------- d-----w- C:\windows\System32\drivers\N360x64\1502000.026
    2014-05-12 07:24:32 -------- d-----w- C:\windows\System32\drivers\N360x64
    2014-05-12 07:24:30 -------- d-----w- C:\Program Files (x86)\Norton 360
    2014-05-12 06:47:25 -------- d-----w- C:\ProgramData\PCSettings
    2014-05-12 06:46:44 -------- d-----w- C:\Users\Gabe\AppData\Local\Programs
    2014-05-12 06:43:32 -------- d-----w- C:\Users\Gabe\AppData\Local\Skype
    2014-05-12 06:41:47 -------- d-----w- C:\windows\SysWow64\NV
    2014-05-12 06:41:47 -------- d-----w- C:\windows\System32\NV
    2014-05-12 06:38:27 -------- d-----w- C:\NVIDIA
    2014-05-12 06:36:05 276832 ----a-w- C:\windows\System32\d3dx11_43.dll
    2014-05-12 06:36:05 248672 ----a-w- C:\windows\SysWow64\d3dx11_43.dll
    2014-05-12 06:36:03 511328 ----a-w- C:\windows\System32\d3dx10_43.dll
    2014-05-12 06:36:03 470880 ----a-w- C:\windows\SysWow64\d3dx10_43.dll
    2014-05-12 06:36:03 2401112 ----a-w- C:\windows\System32\D3DX9_43.dll
    2014-05-12 06:36:03 1998168 ----a-w- C:\windows\SysWow64\D3DX9_43.dll
    2014-05-12 06:35:53 1225920 ----a-w- C:\windows\System32\nvspcap64.dll
    2014-05-12 06:35:53 1081112 ----a-w- C:\windows\SysWow64\nvspcap.dll
    2014-05-12 06:35:28 -------- d-----w- C:\Users\Gabe\AppData\Local\NVIDIA Corporation
    2014-05-12 06:35:28 -------- d-----w- C:\Users\Gabe\AppData\Local\NVIDIA
    2014-05-12 06:35:12 40392 ----a-w- C:\windows\System32\drivers\nvvad64v.sys
    2014-05-12 06:35:12 37320 ----a-w- C:\windows\System32\nvaudcap64v.dll
    2014-05-12 06:35:12 34760 ----a-w- C:\windows\SysWow64\nvaudcap32v.dll
    2014-05-12 06:32:54 74432 ----a-w- C:\windows\System32\drivers\RzFilter.sys
    2014-05-12 06:32:48 129472 ----a-w- C:\windows\System32\drivers\RzDxgk.sys
    2014-05-12 06:32:03 -------- d-----w- C:\windows\Razer Core
    2014-05-12 06:28:21 -------- d-----w- C:\Users\Gabe\AppData\Local\Razer
    2014-05-12 06:24:21 -------- d-----w- C:\ProgramData\Oracle
    2014-05-12 06:24:01 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
    2014-05-12 06:19:50 -------- d-sh--w- C:\windows\SysWow64\AI_RecycleBin
    2014-05-12 06:19:40 -------- d-----w- C:\ProgramData\SplitMediaLabs
    2014-05-12 06:19:40 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs
    2014-05-12 06:18:13 -------- d-----w- C:\Users\Gabe\AppData\Roaming\SplitMediaLabs
    2014-05-12 06:08:17 -------- d-----w- C:\Users\Gabe\AppData\Local\Google
    2014-05-12 06:06:12 -------- d-----w- C:\Users\Gabe\AppData\Local\TOSHIBA
    2014-05-12 06:06:11 -------- d-----w- C:\Users\Gabe\AppData\Local\SRS Labs
    2014-05-12 06:04:52 -------- d-----w- C:\Users\Gabe\AppData\Local\VirtualStore
    2014-05-12 06:04:11 2622464 ----a-w- C:\windows\System32\wucltux.dll
    2014-05-12 06:04:09 13 --sh--r- C:\windows\System32\drivers\fbd.sys
    2014-05-12 06:04:02 99840 ----a-w- C:\windows\System32\wudriver.dll
    2014-05-12 05:13:16 -------- d-----w- C:\ProgramData\WildTangent
    2014-05-12 05:13:16 -------- d-----w- C:\Program Files (x86)\WildTangent Games
    2014-05-12 05:13:16 -------- d-----w- C:\Program Files (x86)\TOSHIBA Games
    2014-05-12 05:03:26 -------- d-----w- C:\Program Files (x86)\Toshiba Online Backup
    2014-05-12 05:03:16 -------- d-----w- C:\windows\System32\drivers\NortonPCCheckupx64\0200110.026
    2014-05-12 05:03:16 -------- d-----w- C:\windows\System32\drivers\NortonPCCheckupx64
    2014-05-12 05:03:16 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup
    2014-05-12 05:02:59 -------- d-----w- C:\Program Files (x86)\PlayReady
    2014-05-12 04:56:23 4178264 ----a-w- C:\windows\SysWow64\D3DX9_41.dll
    2014-05-12 04:51:36 -------- d-----w- C:\Program Files (x86)\TOSHIBA Corporation
    2014-05-12 04:51:36 -------- d-----w- C:\Program Files (x86)\Common Files\Toshiba Shared
    2014-05-12 04:49:52 38096 ----a-w- C:\windows\System32\drivers\PGEffect.sys
    2014-05-12 04:49:10 27784 ----a-w- C:\windows\System32\drivers\tdcmdpst.sys
    2014-05-12 04:48:58 138656 ----a-w- C:\windows\System32\TODDSrv.exe
    2014-05-12 04:41:16 24576 ----a-w- C:\windows\SysWow64\TSCI.dll
    2014-05-12 04:41:16 24576 ----a-w- C:\windows\SysWow64\THCI.dll
    2014-05-12 04:37:45 1351392 ----a-w- C:\windows\SysWow64\COMCTL32.OCX
    2014-05-12 04:37:07 9728 ----a-w- C:\windows\SysWow64\TCMSVR.dll
    2014-05-12 04:37:07 9216 ----a-w- C:\windows\System32\drivers\FwLnk.sys
    2014-05-12 04:37:07 152848 ----a-w- C:\windows\SysWow64\Comdlg32.ocx
    2014-05-12 04:37:07 1081616 ----a-w- C:\windows\SysWow64\mscomctl.ocx
    2014-05-12 04:37:06 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2014-05-12 04:37:06 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2014-05-12 04:37:06 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2014-05-12 04:37:06 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2014-05-12 04:37:06 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2014-05-12 04:37:06 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2014-05-12 04:37:06 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2014-05-12 04:36:56 -------- d-----w- C:\Program Files\SRS Labs
    2014-05-12 04:36:21 -------- d-----w- C:\windows\SysWow64\sda
    2014-05-12 04:36:19 9888872 ----a-w- C:\windows\SysWow64\RtsP2StorIcon.dll
    2014-05-12 04:36:19 259176 ----a-w- C:\windows\System32\drivers\RtsP2Stor.sys
    2014-05-12 04:36:01 41984 ----a-w- C:\windows\System32\drivers\USB3Ver.dll
    2014-05-12 04:32:08 -------- d-----w- C:\Program Files (x86)\Intel Corporation
    2014-05-12 04:32:08 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
    2014-05-12 04:31:12 -------- d--h--w- C:\windows\System32\WLANProfiles
    2014-05-12 04:30:55 -------- d-----w- C:\ProgramData\Roaming
    2014-05-12 04:30:30 -------- d-----w- C:\Program Files (x86)\Cisco
    2014-05-12 04:23:58 -------- d-----w- C:\windows\SysWow64\Atheros_L1e
    2014-05-12 04:23:41 -------- d-----w- C:\Program Files\Synaptics
    2014-05-12 04:18:59 568600 ----a-w- C:\windows\System32\drivers\iaStor.sys
    2014-05-12 04:10:33 -------- d-----w- C:\Program Files\Common Files\Intel
    2014-05-12 04:10:33 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
    2014-05-12 04:05:30 15128 ----a-w- C:\windows\System32\drivers\IntelMEFWVer.dll
    2014-05-12 04:04:56 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
    2014-05-12 04:04:53 60184 ----a-w- C:\windows\System32\drivers\HECIx64.sys
    2014-05-12 04:04:53 -------- d-----w- C:\Intel
    2014-05-12 04:01:09 53248 ----a-w- C:\windows\SysWow64\CSVer.dll
    2014-04-18 15:03:03 2106216 ----a-w- C:\windows\SysWow64\D3DCompiler_43.dll
    2014-04-09 02:52:44 154792 ----a-w- C:\windows\System32\drivers\rzudd.sys
    2014-04-09 02:24:32 88576 ----a-w- C:\windows\SysWow64\rzdevinfo.dll
    2014-04-09 02:24:32 154624 ----a-w- C:\windows\SysWow64\rztouchdll.dll
    2014-04-09 02:24:30 117248 ----a-w- C:\windows\SysWow64\rzdisplaydll.dll
    2014-04-09 02:24:28 856576 ----a-w- C:\windows\SysWow64\rzdevicedll.dll
    2014-04-09 02:24:28 306688 ----a-w- C:\windows\SysWow64\rzaudiodll.dll
    .
    ==================== Find6M ====================
    .
    2014-05-13 08:10:41 9728 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-05-13 01:27:28 70832 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-13 01:27:28 692400 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
    2014-04-14 02:24:46 465408 ----a-w- C:\windows\System32\aepdu.dll
    2014-04-14 02:19:37 424448 ----a-w- C:\windows\System32\aeinv.dll
    2014-03-04 13:06:00 6714312 ----a-w- C:\windows\System32\nvcpl.dll
    2014-03-04 13:06:00 3497816 ----a-w- C:\windows\System32\nvsvc64.dll
    2014-03-04 13:05:58 922968 ----a-w- C:\windows\System32\nvvsvc.exe
    2014-03-04 13:05:58 64968 ----a-w- C:\windows\System32\nvshext.dll
    2014-03-04 13:05:58 2558808 ----a-w- C:\windows\System32\nvsvcr.dll
    2014-03-04 13:05:57 67072 ----a-w- C:\windows\System32\nv3dappshextr.dll
    2014-03-04 13:05:57 386336 ----a-w- C:\windows\System32\nvmctray.dll
    2014-03-04 13:05:57 1075032 ----a-w- C:\windows\System32\nv3dappshext.dll
    2014-03-04 13:05:53 3649185 ----a-w- C:\windows\System32\nvcoproc.bin
    2014-03-04 09:44:21 362496 ----a-w- C:\windows\System32\wow64win.dll
    2014-03-04 09:44:21 243712 ----a-w- C:\windows\System32\wow64.dll
    2014-03-04 09:44:21 13312 ----a-w- C:\windows\System32\wow64cpu.dll
    2014-03-04 09:44:03 16384 ----a-w- C:\windows\System32\ntvdm64.dll
    2014-03-04 09:17:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2014-03-04 09:17:05 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2014-03-04 09:16:54 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2014-03-04 09:16:18 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2014-03-04 08:09:30 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2014-03-04 08:09:29 2048 ----a-w- C:\windows\SysWow64\user.exe
    2014-02-07 01:23:30 3156480 ----a-w- C:\windows\System32\win32k.sys
    2014-02-04 02:35:56 190912 ----a-w- C:\windows\System32\drivers\storport.sys
    2014-02-04 02:35:49 274880 ----a-w- C:\windows\System32\drivers\msiscsi.sys
    2014-02-04 02:35:35 27584 ----a-w- C:\windows\System32\drivers\Diskdump.sys
    2014-02-04 02:32:12 624128 ----a-w- C:\windows\System32\qedit.dll
    2014-02-04 02:28:36 2048 ----a-w- C:\windows\System32\iologmsg.dll
    2014-02-04 02:04:11 509440 ----a-w- C:\windows\SysWow64\qedit.dll
    2014-02-04 02:00:39 2048 ----a-w- C:\windows\SysWow64\iologmsg.dll
    2014-01-29 02:32:18 484864 ----a-w- C:\windows\System32\wer.dll
    2014-01-29 02:06:47 381440 ----a-w- C:\windows\SysWow64\wer.dll
    2014-01-28 02:32:46 228864 ----a-w- C:\windows\System32\wwansvc.dll
    2014-01-24 02:37:55 1684928 ----a-w- C:\windows\System32\drivers\ntfs.sys
    2013-12-06 02:30:08 2048 ----a-w- C:\windows\System32\msxml3r.dll
    2013-12-06 02:30:08 1882112 ----a-w- C:\windows\System32\msxml3.dll
    2013-12-06 02:02:08 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll
    2013-12-06 02:02:08 1237504 ----a-w- C:\windows\SysWow64\msxml3.dll
    2013-12-04 02:27:33 485888 ----a-w- C:\windows\System32\secproc_isv.dll
    2013-12-04 02:27:33 123392 ----a-w- C:\windows\System32\secproc_ssp_isv.dll
    2013-12-04 02:27:33 123392 ----a-w- C:\windows\System32\secproc_ssp.dll
    2013-12-04 02:27:16 488448 ----a-w- C:\windows\System32\secproc.dll
    2013-12-04 02:26:32 528384 ----a-w- C:\windows\System32\msdrm.dll
    2013-12-04 02:16:51 658432 ----a-w- C:\windows\System32\RMActivate_isv.exe
    2013-12-04 02:16:51 626176 ----a-w- C:\windows\System32\RMActivate.exe
    2013-12-04 02:16:50 552960 ----a-w- C:\windows\System32\RMActivate_ssp_isv.exe
    2013-12-04 02:16:48 553984 ----a-w- C:\windows\System32\RMActivate_ssp.exe
    2013-12-04 02:03:20 87040 ----a-w- C:\windows\SysWow64\secproc_ssp_isv.dll
    2013-12-04 02:03:20 87040 ----a-w- C:\windows\SysWow64\secproc_ssp.dll
    2013-12-04 02:03:20 423936 ----a-w- C:\windows\SysWow64\secproc_isv.dll
    2013-12-04 02:03:08 428032 ----a-w- C:\windows\SysWow64\secproc.dll
    2013-12-04 02:02:06 390144 ----a-w- C:\windows\SysWow64\msdrm.dll
    2013-12-04 01:54:14 510976 ----a-w- C:\windows\SysWow64\RMActivate_ssp.exe
    2013-12-04 01:54:10 594944 ----a-w- C:\windows\SysWow64\RMActivate_isv.exe
    2013-12-04 01:54:09 572416 ----a-w- C:\windows\SysWow64\RMActivate.exe
    2013-12-04 01:54:06 508928 ----a-w- C:\windows\SysWow64\RMActivate_ssp_isv.exe
    2013-11-27 01:41:37 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys
    2013-11-27 01:41:15 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys
    2013-11-27 01:41:11 53248 ----a-w- C:\windows\System32\drivers\usbehci.sys
    2013-11-27 01:41:11 325120 ----a-w- C:\windows\System32\drivers\usbport.sys
    2013-11-27 01:41:09 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys
    2013-11-27 01:41:06 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys
    2013-11-27 01:41:03 7808 ----a-w- C:\windows\System32\drivers\usbd.sys
    2013-11-26 11:40:00 376768 ----a-w- C:\windows\System32\drivers\netio.sys
    .
    ============= FINISH: 21:46:01.45 ===============

    I'm gonna run RogueKiller now.
     
  12. Broni

    Broni Malware Annihilator Posts: 46,179   +251

  13. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    It created 3 txt files on my desktop. I wasn't sure if they were all the same, so I posted all of them.

    RogueKiller reports

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1002FAEX-00Z3A0 ATA Device +++++
    --- User ---
    [MBR] ee6a1489f7fc1a935a9333f4dfc5e7a6
    [BSP] 1135aad6b1205dd7e94cad4423b0be4e : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST2000DM001-1CH164 ATA Device +++++
    --- User ---
    [MBR] ae6dc044a717c0794a2e7385ef884df1
    [BSP] d6c90c8854d95033ec583d3a5ff86bb6 : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_05202014_201915.txt >>
    RKreport[0]_D_05182014_200906.txt;RKreport[0]_S_05182014_200859.txt;RKreport[0]_S_05182014_201141.txt




    RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Will [Admin rights]
    Mode : Scan -- Date : 05/20/2014 20:50:33
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SUSP PATH] {5B6D3C2B-8295-4DB2-8E34-49CC9462A599}.exe -- C:\Users\Will\AppData\Local\Temp\{5B6D3C2B-8295-4DB2-8E34-49CC9462A599}.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1002FAEX-00Z3A0 ATA Device +++++
    --- User ---
    [MBR] ee6a1489f7fc1a935a9333f4dfc5e7a6
    [BSP] 1135aad6b1205dd7e94cad4423b0be4e : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST2000DM001-1CH164 ATA Device +++++
    --- User ---
    [MBR] ae6dc044a717c0794a2e7385ef884df1
    [BSP] d6c90c8854d95033ec583d3a5ff86bb6 : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_05202014_205033.txt >>
    RKreport[0]_D_05182014_200906.txt;RKreport[0]_S_05182014_200859.txt;RKreport[0]_S_05182014_201141.txt
    RKreport[0]_S_05202014_201915.txt


    RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Will [Admin rights]
    Mode : Remove -- Date : 05/20/2014 20:50:37
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SUSP PATH] {5B6D3C2B-8295-4DB2-8E34-49CC9462A599}.exe -- C:\Users\Will\AppData\Local\Temp\{5B6D3C2B-8295-4DB2-8E34-49CC9462A599}.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1002FAEX-00Z3A0 ATA Device +++++
    --- User ---
    [MBR] ee6a1489f7fc1a935a9333f4dfc5e7a6
    [BSP] 1135aad6b1205dd7e94cad4423b0be4e : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST2000DM001-1CH164 ATA Device +++++
    --- User ---
    [MBR] ae6dc044a717c0794a2e7385ef884df1
    [BSP] d6c90c8854d95033ec583d3a5ff86bb6 : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_D_05202014_205037.txt >>
    RKreport[0]_D_05182014_200906.txt;RKreport[0]_S_05182014_200859.txt;RKreport[0]_S_05182014_201141.txt
    RKreport[0]_S_05202014_201915.txt;RKreport[0]_S_05202014_205033.txt

    Running MBAR
  14. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Good. Go on...
  15. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    Malwarebytes Anti-Rootkit BETA 1.07.0.1009
    www.malwarebytes.org

    Database version: v2014.05.21.01

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16899
    Will :: GLADOS [administrator]

    5/20/2014 8:58:07 PM
    mbar-log-2014-05-20 (20-58-07).txt

    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled:
    Objects scanned: 381255
    Time elapsed: 16 minute(s), 41 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    Physical Sectors Detected: 0
    (No malicious items detected)

    (end)

    System-log.txt

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.07.0.1009

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16899

    Java version: 1.6.0_37

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED
    CPU speed: 2.808000 GHz
    Memory total: 17169440768, free: 13931347968

    Downloaded database version: v2014.05.21.01
    Downloaded database version: v2014.03.27.01
    Initializing...
    ======================
    ------------ Kernel report ------------
    05/20/2014 20:58:03
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\81066758.sys
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\system32\drivers\pciide.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\vmbus.sys
    \SystemRoot\system32\drivers\winhv.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\DRIVERS\jraid.sys
    \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\PxHlpa64.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\vmstorfl.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\DRIVERS\disk.sys
    \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\avgrkx64.sys
    \SystemRoot\system32\DRIVERS\avgloga.sys
    \SystemRoot\system32\DRIVERS\avgmfx64.sys
    \SystemRoot\system32\DRIVERS\avgidsha.sys
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\DRIVERS\avgtdia.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\serial.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\system32\drivers\csc.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\avgidsdrivera.sys
    \SystemRoot\system32\DRIVERS\avgdiska.sys
    \SystemRoot\SysWow64\drivers\AsIO.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\System32\Drivers\nvBridge.kmd
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\drivers\1394ohci.sys
    \SystemRoot\system32\DRIVERS\ASACPI.sys
    \SystemRoot\system32\DRIVERS\serenum.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\wacomvhid.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\rdpbus.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\DRIVERS\mcdbus.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\umbus.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\DRIVERS\wacommousefilter.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\viahduaa.sys
    \SystemRoot\system32\DRIVERS\xusb21.sys
    \SystemRoot\system32\drivers\hidusb.sys
    \SystemRoot\system32\drivers\USBD.SYS
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\DRIVERS\lvuvc64.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\DRIVERS\kbdhid.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_atapi.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\System32\ATMFD.DLL
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\DRIVERS\LVPr2M64.sys
    \SystemRoot\system32\DRIVERS\asyncmac.sys
    \SystemRoot\system32\drivers\spsys.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    ----------- End -----------
    Done!
    <<<1>>>
    Upper Device Name: \Device\Harddisk1\DR1
    Upper Device Object: 0xfffffa800df99060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IdeDeviceP0T1L0-6\
    Lower Device Object: 0xfffffa800db89680
    Lower Device Driver Name: \Driver\atapi\
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa800df98060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
    Lower Device Object: 0xfffffa800db71060
    Lower Device Driver Name: \Driver\atapi\
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa800df98060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa800dd448e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa800df98060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa800db8c520, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa800db71060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 8068784

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048 Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848 Numsec = 1953314816

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 1000204886016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
    Done!
    Physical Sector Size: 512
    Drive: 1, DevicePointer: 0xfffffa800df99060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa800df98b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa800df99060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa800db6b580, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa800db89680, DeviceName: \Device\Ide\IdeDeviceP0T1L0-6\, DriverName: \Driver\atapi\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    Drive 1
    Scanning MBR on drive 1...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 231DC824

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 3907024896

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 2000398934016 bytes
    Sector size: 512 bytes

    Done!
    Scan finished
    =======================================


    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-I.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
    Removal finished
  16. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there, use the restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode.

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
  17. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    ComboFix 14-05-19.01 - Will 05/20/2014 22:51:09.1.4 - x64
    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.16374.13926 [GMT -5:00]
    Running from: c:\users\Will\Desktop\ComboFix.exe
    AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\programdata\F6ED0288FE.sys
    c:\users\Mom\AppData\Local\cojpjewx.exe
    c:\users\Mom\AppData\Local\common_functions.dll
    c:\users\Mom\AppData\Local\ie_runner_app.exe
    c:\users\Mom\AppData\Local\sbxosmbv.exe
    c:\windows\SysWow64\tmpC162.tmp
    c:\windows\SysWow64\tmpC1F0.tmp
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_pcCMService
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-04-21 to 2014-05-21 )))))))))))))))))))))))))))))))
    .
    .
    2067-05-27 19:16 . 2012-08-06 17:23 1249280 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\InsectMod.dll
    2067-05-22 02:35 . 2003-06-05 21:40 106496 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\Filesystem.dll
    2014-05-21 04:00 . 2014-05-21 04:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2014-05-21 04:00 . 2014-05-21 04:00 -------- d-----w- c:\users\Mom\AppData\Local\temp
    2014-05-21 04:00 . 2014-05-21 04:00 -------- d-----w- c:\users\Guest\AppData\Local\temp
    2014-05-21 04:00 . 2014-05-21 04:00 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-05-21 01:58 . 2014-05-21 02:16 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
    2014-05-21 00:34 . 2014-05-21 00:34 -------- d-----w- C:\TDSSKiller_Quarantine
    2014-05-20 22:44 . 2014-05-06 05:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
    2014-05-20 22:44 . 2014-05-06 05:14 19274752 ----a-w- c:\windows\system32\mshtml.dll
    2014-05-20 22:44 . 2014-05-06 03:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2014-05-20 22:44 . 2014-05-06 03:26 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2014-05-20 22:43 . 2013-12-21 09:39 600064 ----a-w- c:\windows\system32\vbscript.dll
    2014-05-20 22:43 . 2013-12-21 07:56 523776 ----a-w- c:\windows\SysWow64\vbscript.dll
    2014-05-19 01:28 . 2014-05-20 23:45 -------- d-----w- c:\users\Will\AppData\Local\CrashDumps
    2014-05-19 00:07 . 2014-05-19 00:07 -------- d-sh--w- c:\users\Will\AppData\Local\EmieUserList
    2014-05-19 00:07 . 2014-05-19 00:07 -------- d-sh--w- c:\users\Will\AppData\Local\EmieSiteList
    2014-05-18 18:59 . 2014-05-18 19:00 -------- d-----w- c:\users\Mom\AppData\Roaming\Abekewi
    2014-05-15 22:24 . 2014-05-15 22:24 -------- d-----w- c:\users\Will\AppData\Local\Unity
    2014-05-06 12:40 . 2014-05-14 08:29 -------- d-s---w- c:\windows\system32\CompatTel
    2014-04-29 23:58 . 2014-04-30 00:01 -------- d-----w- c:\users\Will\AppData\Local\SamuraiGunn
    2014-04-26 01:25 . 2014-04-26 01:25 -------- d-sh--w- c:\users\Mom\AppData\Local\EmieUserList
    2014-04-26 01:25 . 2014-04-26 01:25 -------- d-sh--w- c:\users\Mom\AppData\Local\EmieSiteList
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-05-21 01:58 . 2014-04-10 03:12 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-05-21 01:57 . 2014-04-10 03:02 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-05-14 08:03 . 2010-11-17 23:10 93223848 ----a-w- c:\windows\system32\MRT.exe
    2014-05-13 20:18 . 2012-05-30 13:32 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-05-13 20:18 . 2011-07-02 14:02 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-04-18 20:01 . 2014-04-18 20:01 237336 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
    2014-04-15 07:34 . 2014-04-15 07:34 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
    2014-04-03 14:51 . 2014-04-10 03:02 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-04-03 14:50 . 2012-09-13 04:10 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-03-31 21:20 . 2014-03-31 21:20 274200 ----a-w- c:\windows\system32\drivers\avgtdia.sys
    2014-03-31 21:06 . 2014-03-31 21:06 130840 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
    2014-03-28 03:14 . 2014-03-28 03:14 192792 ----a-w- c:\windows\system32\drivers\avgidsha.sys
    2014-03-28 03:14 . 2014-03-28 03:14 153368 ----a-w- c:\windows\system32\drivers\avgdiska.sys
    2014-03-28 03:07 . 2014-03-28 03:07 236824 ----a-w- c:\windows\system32\drivers\avgldx64.sys
    2014-03-28 03:05 . 2014-03-28 03:05 324376 ----a-w- c:\windows\system32\drivers\avgloga.sys
    2014-03-28 03:03 . 2014-03-28 03:03 32536 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
    2014-03-04 21:11 . 2010-11-10 01:30 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2014-03-04 21:11 . 2010-11-09 14:03 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2014-03-04 09:44 . 2014-04-08 23:31 362496 ----a-w- c:\windows\system32\wow64win.dll
    2014-03-04 09:44 . 2014-04-08 23:31 243712 ----a-w- c:\windows\system32\wow64.dll
    2014-03-04 09:44 . 2014-04-08 23:31 13312 ----a-w- c:\windows\system32\wow64cpu.dll
    2014-03-04 09:44 . 2014-04-08 23:31 16384 ----a-w- c:\windows\system32\ntvdm64.dll
    2014-03-04 09:44 . 2014-04-08 23:31 1163264 ----a-w- c:\windows\system32\kernel32.dll
    2014-03-04 09:17 . 2014-04-08 23:31 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
    2014-03-04 09:17 . 2014-04-08 23:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2014-03-04 09:16 . 2014-04-08 23:31 25600 ----a-w- c:\windows\SysWow64\setup16.exe
    2014-03-04 09:16 . 2014-04-08 23:31 5120 ----a-w- c:\windows\SysWow64\wow32.dll
    2014-03-04 08:09 . 2014-04-08 23:31 7680 ----a-w- c:\windows\SysWow64\instnm.exe
    2014-03-04 08:09 . 2014-04-08 23:31 2048 ----a-w- c:\windows\SysWow64\user.exe
    2014-03-02 18:40 . 2010-11-09 14:03 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2014-02-20 23:14 . 2014-02-20 23:14 15453904 ----a-w- c:\windows\SysWow64\xlive.dll
    2014-02-20 23:14 . 2014-02-20 23:14 13642960 ----a-w- c:\windows\SysWow64\xlivefnt.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-11-04 1199576]
    "AdobeBridge"="" [BU]
    "f.lux"="c:\users\Will\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]
    "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-06-21 802136]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-24 2245120]
    "TurboV EVO"="c:\program files\ASUS\TurboV EVO\TurboV_EVO.exe" [2009-08-21 7256576]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
    "AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-04-07 5180432]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
    "googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    .
    c:\users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    CurseClientStartup.ccip [2012-12-13 0]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
    R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys;c:\windows\SYSNATIVE\DRIVERS\EIO64.sys [x]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
    R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
    R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]
    R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
    R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
    S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
    S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
    S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
    S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
    S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe;c:\asus.sys\config\DVMExportService.exe [x]
    S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
    S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
    S2 pcCMService64;pcCMService64;c:\program files\Common Files\Motive\pcCMService.exe;c:\program files\Common Files\Motive\pcCMService.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [x]
    S2 TouchServiceWacom;Wacom Professional Touch Service;c:\program files\Tablet\Wacom\Wacom_TouchService.exe;c:\program files\Tablet\Wacom\Wacom_TouchService.exe [x]
    S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
    S3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
    start [BU]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 20:18]
    .
    2014-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-11 23:30]
    .
    2014-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-11 23:30]
    .
    2014-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2259775512-1353646028-2121886952-1000Core.job
    - c:\users\Will\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-18 01:17]
    .
    2014-05-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2259775512-1353646028-2121886952-1000UA.job
    - c:\users\Will\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-18 01:17]
    .
    2014-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2259775512-1353646028-2121886952-1005Core.job
    - c:\users\Mom\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:46]
    .
    2014-05-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2259775512-1353646028-2121886952-1005UA.job
    - c:\users\Mom\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:46]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    Trusted Zone: $talisma_url$
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{86C2E2F0-8AB8-4F29-B87E-5A1402715145}: NameServer = 192.168.1.254
    FF - ProfilePath -
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    SafeBoot-89492018.sys
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    AddRemove-Command & Conquer - c:\program\EA GAMES\Uninstal.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2259775512-1353646028-2121886952-1000\Software\SecuROM\License information*]
    "datasecu"=hex:89,a1,3c,e5,30,20,f5,8d,55,2f,7e,95,1d,e8,fd,b2,93,0f,a6,88,24,
    58,7c,e7,76,96,c8,f4,65,0e,ed,38,40,e4,c9,e9,b1,a9,7b,53,32,60,ec,1a,6d,c2,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
    "Version"=hex:25,1b,c0,1a,90,c9,a2,41,24,a0,d2,cf,ee,2c,ed,c4,74,f2,b3,cb,37,
    da,0f,d3,1d,86,13,31,f7,cf,1b,c4,b3,54,9f,ae,24,d6,69,b1,55,48,1e,1b,36,58,\
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.13"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    c:\program files\ASUS\TurboV EVO\TurboVHELP.exe
    c:\program files\ASUS\Six Engine\SixEngine.exe
    c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    .
    **************************************************************************
    .
    Completion time: 2014-05-20 23:09:06 - machine was rebooted
    ComboFix-quarantined-files.txt 2014-05-21 04:09
    ComboFix2.txt 2014-05-19 01:45
    .
    Pre-Run: 11,158,429,696 bytes free
    Post-Run: 10,766,290,944 bytes free
    .
    - - End Of File - - 9F0CE573E5A4D7FECBC36A50EEAEC6BC
    A36C5E4F47E84449FF07ED3517B43A31
  18. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Looks good.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  19. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    Here's the adware cleaner report. I'll post the JRT and OTL in the next reply.

    # AdwCleaner v3.210 - Report created 22/05/2014 at 18:53:25
    # Updated 19/05/2014 by Xplode
    # Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
    # Username : Will - GLADOS
    # Running from : C:\Users\Will\Desktop\adwcleaner_3.210.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Program Files (x86)\Upromise
    Folder Deleted : C:\Users\Will\AppData\LocalLow\AVG Security Toolbar
    Folder Deleted : C:\Users\Will\AppData\Roaming\Search Protection

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-api.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor
    Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022342291}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033343391}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
    Key Deleted : HKCU\Software\AVG Security Toolbar
    Key Deleted : HKCU\Software\installedbrowserextensions
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\CompeteInc
    Key Deleted : HKLM\Software\DeviceVM
    Key Deleted : HKLM\Software\TENCENT
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
    Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16866


    -\\ Google Chrome v

    [ File : C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    [ File : C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [5986 octets] - [22/05/2014 18:47:08]
    AdwCleaner[S0].txt - [5828 octets] - [22/05/2014 18:53:25]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5888 octets] ##########
  20. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    JRT:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Enterprise x64
    Ran by Will on Thu 05/22/2014 at 19:19:01.61
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 05/22/2014 at 19:24:00.02
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    OTL

    OTL.txt
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2012/10/13 10:45:51 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
    [2012/10/13 10:45:51 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
    [2014/05/18 14:00:30 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Abekewi
    [2013/05/29 09:46:13 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\AVG
    [2013/11/01 18:21:28 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\AVG2014
    [2012/09/25 11:52:28 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\TuneUp Software
    [2013/11/19 16:00:04 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\.minecraft
    [2010/12/25 00:39:50 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\AnvSoft
    [2013/05/29 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\AVG
    [2013/10/28 19:46:02 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\AVG2014
    [2012/07/01 19:32:34 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Beat Hazard
    [2014/01/16 16:06:28 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Bioshock
    [2013/09/16 20:34:31 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Crazy Viking Studios
    [2013/04/06 11:01:31 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Curse Advertising
    [2013/07/24 17:33:53 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\FEZ
    [2011/07/23 13:50:47 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\fltk.org
    [2012/09/09 15:59:58 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\gd.sos.McPixel
    [2012/10/11 20:55:57 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\gnupg
    [2012/10/31 21:21:19 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Greyfirst
    [2011/06/25 19:23:41 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Hi-Rez Studios
    [2010/10/21 18:31:30 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Leadertech
    [2012/03/08 14:11:51 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\LolClient
    [2013/06/30 19:09:46 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\MinMaxGames
    [2010/10/21 00:04:42 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Mount&Blade
    [2011/01/03 23:21:51 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\mts
    [2014/05/10 23:07:02 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Mumble
    [2010/12/15 20:37:13 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Mumble(PR Edition)
    [2013/06/26 20:22:44 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\obscureworlds
    [2013/07/08 19:57:09 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\PACE Anti-Piracy
    [2014/02/22 15:57:44 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Project Reality
    [2013/06/27 21:53:26 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Rogue Legacy
    [2013/10/29 11:23:44 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Running with rifles
    [2011/09/19 19:09:06 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Spadille
    [2013/09/10 14:58:56 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Spotify
    [2011/08/31 22:24:43 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Subversion
    [2012/08/28 19:37:46 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\SystemRequirementsLab
    [2014/04/01 18:33:12 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\TheBannerSaga
    [2013/02/21 00:50:54 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\TS3Client
    [2013/03/25 20:29:15 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\TuneUp Software
    [2012/08/04 15:01:09 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Ubisoft
    [2014/05/22 19:01:35 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\uTorrent

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 1306 bytes -> C:\ProgramData\Microsoft:CiRT5JXt8tgBQuA0q9R8wnq
    @Alternate Data Stream - 1303 bytes -> C:\Users\Will\AppData\Local\Temp:Grivf5VFq0PAiFiYvx1t
    @Alternate Data Stream - 1133 bytes -> C:\ProgramData\Microsoft:BUuMjaD2PcCvKPo2SZzJvQpQQ
    @Alternate Data Stream - 1132 bytes -> C:\Program Files\Common Files\System:8XRhb9YZ1xSAqEu3U4xOQ9MjeIAB4i

    < End of report >

    Extras.txt from OTL in the next reply.
  21. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    OTL Extras.txt

    OTL Extras logfile created on: 5/22/2014 7:48:24 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = G:\Downloads
    64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16866)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    15.99 Gb Total Physical Memory | 12.96 Gb Available Physical Memory | 81.04% Memory free
    31.98 Gb Paging File | 28.47 Gb Available in Paging File | 89.03% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931.41 Gb Total Space | 2.12 Gb Free Space | 0.23% Space Free | Partition Type: NTFS
    Drive F: | 2.20 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive G: | 1863.01 Gb Total Space | 1099.47 Gb Free Space | 59.02% Space Free | Partition Type: NTFS

    Computer Name: GLADOS | User Name: Will | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{07B46331-E86E-47F6-ADA5-4A261D003254}" = rport=445 | protocol=6 | dir=out | app=system |
    "{08202848-D0B4-402B-82C6-4AEBDB19677A}" = lport=137 | protocol=17 | dir=in | app=system |
    "{0F36DF55-B77E-4B0C-8D30-2C6C74FB823A}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
    "{11F6D13E-93A2-43A5-9D7A-977ACA88D900}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
    "{13A74864-5397-441F-BE50-CDB47BBDD947}" = lport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdater.exe |
    "{18C814D6-FF83-4742-AD32-FE1685B2F0B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{1AEBA757-6A46-49B9-AA0C-8611FB71674C}" = lport=445 | protocol=6 | dir=in | app=system |
    "{1E01590F-4A78-4C2F-B781-362638C746F7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{23111302-6617-4DF7-BEA1-3525D6BCA106}" = rport=138 | protocol=17 | dir=out | app=system |
    "{300FB273-0F7E-47E6-9553-ECFBD7A75C71}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{35F34631-47FA-46F8-BC4F-449D700EF708}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{3644F067-8F69-42C7-9B34-6090438ABB25}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{3B12E8BE-8322-4BF0-899A-BB4841542E85}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
    "{42068723-0FCB-44FB-959D-8EABABDCFFD5}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{432498F7-3BA6-42BE-833C-D9E90FACD9E1}" = lport=57396 | protocol=17 | dir=in | name=pando media booster |
    "{50C3C900-7D1A-4E69-AD8D-546E088EB807}" = rport=80 | protocol=6 | dir=out | app=c:\users\will\appdata\local\warframe\downloaded\public\tools\launcher.exe |
    "{515F0A4B-6F4B-4A93-93C8-75677BD62D23}" = rport=139 | protocol=6 | dir=out | app=system |
    "{5AE9D0CE-1D0E-4C32-B9A1-E8E1172BC806}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
    "{5E3F9C89-9224-4DC8-8E05-8277B1768481}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{5EDAD996-3E95-4BDB-B734-847287267B86}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{61F33766-2B41-4DC6-82A1-E3A86B4B7F20}" = rport=137 | protocol=17 | dir=out | app=system |
    "{6812C285-7628-4A9B-AF9A-0AF97A2FC686}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{69F83030-F5F9-4B0C-9C4F-D94A6503419B}" = lport=3960 | protocol=17 | dir=in | app=g:\\downloaded\public\warframe.exe |
    "{6A6E5088-7CBC-497B-A5C7-7DFEB17B1AB0}" = lport=3960 | protocol=17 | dir=in | app=g:\\downloaded\public\warframe.x64.exe |
    "{6E0C9E35-93D0-4559-B087-EDACC84171B6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{6EA8E558-0095-46E2-93CD-2CEA60C42BBC}" = rport=80 | protocol=6 | dir=out | app=g:\\downloaded\public\warframe.x64.exe |
    "{7082D7EC-A10F-4D15-AA7E-6C5C352348FD}" = lport=57396 | protocol=17 | dir=in | name=pando media booster |
    "{76BD4F19-C0B4-41FB-9ACA-D3B6A9D33170}" = lport=57396 | protocol=6 | dir=in | name=pando media booster |
    "{8EAC9D8B-AF50-4F96-B41B-F09CD5E810E0}" = lport=443 | protocol=6 | dir=in | name=war thunder |
    "{8F2116AF-CCFD-46A8-977F-4F12B7597B19}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
    "{9068EEF2-C6BF-475E-883A-57A788547DBD}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
    "{96BF30DE-F607-4B06-B6AD-E71705C7603A}" = rport=80 | protocol=6 | dir=out | app=g:\\downloaded\public\warframe.exe |
    "{9AE9CAFF-5B53-4182-8CB4-BE8771C7DC93}" = lport=138 | protocol=17 | dir=in | app=system |
    "{9E49FA89-5F0C-4BEC-811F-39BB3FA9F6EA}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
    "{A0A5509E-7E19-4E61-9664-997F579E1BF7}" = lport=139 | protocol=6 | dir=in | app=system |
    "{A5260DFD-7968-4BD7-A7F9-7F5EEC6B25CE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{A61C9A2B-1730-44B4-B77D-E0428B065158}" = lport=80 | protocol=6 | dir=in | name=war thunder |
    "{C3DB601D-803B-46E2-8574-064F4D3A3522}" = lport=3960 | protocol=17 | dir=out | app=g:\\downloaded\public\warframe.exe |
    "{CA064497-3608-4E0D-A50A-24A34EDD2A0D}" = lport=25565 | protocol=6 | dir=in | name=minecraft server |
    "{CFB8192A-4BA8-4322-AC0C-FEF471E16A9F}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{D0B4B9F2-BB32-4B0C-941D-1B2C61A0272D}" = lport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe |
    "{D3968301-827F-4DE1-8E43-2FDAA91186A4}" = lport=3960 | protocol=17 | dir=out | app=g:\\downloaded\public\warframe.x64.exe |
    "{D9270F30-B1F6-4AE0-96A3-84777EC8EEAE}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
    "{E72B4AB9-FFA7-4EDE-A36C-BFE123A47225}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{E7E336FF-06BA-43CB-AF2B-07D0C99BFAEF}" = lport=57396 | protocol=6 | dir=in | name=pando media booster |
    "{E8484596-CE41-4503-AC54-AF70FAC7D510}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{E8C4A795-8C7A-42A0-81AE-749B2DD35292}" = rport=80 | protocol=6 | dir=out | app=c:\users\will\appdata\local\warframe\downloaded\public\tools\remotecrashsender.exe |
    "{EAC60F79-CBE2-4AE5-8FAF-6201366080DA}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
    "{F6010900-2B1E-456E-9A52-7506B34D3414}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F91AE164-6C37-4C9B-82E5-ADC8E6A25569}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00DAA603-B9CA-4910-9EEF-ABD22F2AE5F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{00E1EBB4-5613-4A90-ACCD-A5A3497BDFF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
    "{00ED7B22-2519-442C-A082-3AA29AB8EA39}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
    "{01FE49BA-3469-40CF-B10A-D1C074443900}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
    "{022258C2-466A-4922-813F-DA89430FD91D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
    "{02912A5D-B539-4715-928F-16255FBCAEE4}" = protocol=17 | dir=in | app=g:\war thunder\launcher.exe |
    "{0351D7BE-7B13-441D-8142-A028C0433DA3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
    "{035A9109-A96F-4005-8EAB-8D7C904D8A68}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40kwa.exe |
    "{0501F158-E75E-4D34-B137-5D78B09ABD29}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
    "{055DAF47-6358-4809-9872-2F570105F802}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40kwa.exe |
    "{058D4D5D-7131-44D5-81CB-D67F84B6D8E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
    "{06204729-7148-4840-B33C-263F99F76F5D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
    "{06EE529F-13F5-4EA2-87AE-61357116F007}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
    "{072C42C8-B7A7-45C7-B232-1418CFD24823}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{075E661C-7ED0-427C-B381-B6CFAFBCD5EC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
    "{080A368D-2DF8-4D74-8CC6-E00A77416BE7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
    "{08C50CA1-6D4C-4618-886D-810294EAE2FA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{0A7F0C04-6714-444D-90E3-973778FC3403}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\the stanley parable\stanley.exe |
    "{0B394FA8-ADA9-435A-A74E-CD0D7C729089}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe |
    "{0BBADBD3-C2EC-45B8-AE24-91FEC0646EE9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\proteus\proteus.exe |
    "{0CAD3449-0AA5-48B0-8CFA-5BAB176CD5CD}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
    "{0CD55721-08CA-4FF7-9FC0-F14263F459D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\solidstick320\garrysmod\hl2.exe |
    "{0E0A4DB2-B1E5-4975-9F26-8221C18A4FD8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\state of decay\stateofdecay.exe |
    "{10A1C661-60C4-439C-9750-E2B8156D4072}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
    "{10B94ADF-9E81-4B64-B29F-F3F332405D68}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
    "{1131DB97-C3CA-4A25-AB9D-307DB4717705}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
    "{13C6B544-EA0E-41A7-B12E-5770E5EDBC47}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
    "{13EC4D8F-21C5-4946-978B-39974005303A}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\the stanley parable\stanley.exe |
    "{14B166D4-06C8-4AE0-9040-0404C9FEC72F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
    "{14FAB86F-32B3-473C-B9A8-B8E3F82423DA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\proteus\proteus.exe |
    "{159255FF-425B-40A1-861D-3A3895B1AECD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
    "{159915D8-C0B5-4B62-A420-1D789378C954}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
    "{168DFA67-D3CA-476E-AEA9-7DFB4E5C076E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
    "{17B0FC6D-1FAE-45FA-8697-BE4BD17C2AA8}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
    "{19A440B5-1789-42C7-9133-5D58B7E5C728}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
    "{19CB5B22-C5CD-4E17-9F0B-408141BDECF4}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
    "{19E605DC-93A9-41C6-9579-EDDEC098D341}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
    "{1A3BB4D2-3B95-4468-8169-617A063161C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1BB3E6EA-1BB0-4129-A36C-AF2C26D35DB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\proteus\proteus.exe |
    "{1D25EDC2-EAB0-4ED6-9F47-A75491CF697E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\return to castle wolfenstein\wolfmp.exe |
    "{1E37C360-CCFF-4DD9-9740-6F1EDE59D07C}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\the stanley parable\stanley.exe |
    "{1E837F3E-633C-490C-80A5-6460A233F24C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
    "{1E8C941C-521B-42B1-A391-A5647486D775}" = protocol=6 | dir=out | app=system |
    "{1F49DE24-AEEA-42CB-A318-19167165319A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
    "{1F55D2B8-AB4C-4F04-9913-28658D244955}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{1F72357F-FE1F-499A-B14B-2535A0285982}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\return to castle wolfenstein\wolfsp.exe |
    "{22A44CAF-C7BB-477A-B5FF-565BB5D79E1C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{2406B01A-58F9-43CA-BDB4-AB0E621D5DB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
    "{250AA6B9-7425-4441-9A5B-E831D28FE5ED}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
    "{263835A8-D3C4-4B5D-9723-5380CF0D952A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
    "{26A4C5AB-6989-4949-BEC1-2951AEDD09D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
    "{26B8BFF2-87A2-4171-87A3-84DD152570A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\return to castle wolfenstein\wolfsp.exe |
    "{27A67F9E-58DC-49EF-AA5E-9606139583DD}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
    "{28749194-5FA1-4930-BF92-AD47F7348F4A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
    "{29573B8D-9D0D-43CA-96E9-FFE2B3D8AD53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oil rush\launcher_steam.bat |
    "{29AE283D-8CF6-4DCC-A63C-E850CC72539B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
    "{2AAE9D87-E33B-46DB-BFF1-599576AB3234}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
    "{2B7620FB-6327-49F5-94FC-C5C8D0E97E09}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe |
    "{2BAB79B2-267D-4325-956F-883126BE9968}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm |
    "{2BD4CC6C-CFFE-4B61-AC5E-77FF3FB3853B}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{2C0F9AC2-7CF7-41F5-B15D-C2DC7CD83C29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
    "{2C152935-4895-47A4-BC21-865382EDDFC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
    "{2D7790AE-6CF3-42CF-AB02-D1E41BE6A830}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe |
    "{2DFAFDD5-DA45-48E1-8B87-B9F8FC207BE2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\state of decay\stateofdecay.exe |
    "{2EB3B020-2EF0-40F8-ADF7-204E4C5B86B4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{2EDA9AE3-AB3B-4B34-9B36-3B2866015242}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{2F54C6AD-E0F4-4C28-A70C-3CF7F399EA20}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{3167115B-EF47-4638-905E-C4AC3B5A6D42}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
    "{31C5AA3D-7818-4520-A491-E88BBC4B329A}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{3274D2E1-22DA-4B2E-A823-DA8D86957357}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
    "{3389F1A2-4307-4FE8-944C-B6A4DB2388C9}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
    "{33F5B813-C95B-4C59-B6ED-58DD746B9210}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\overlord\overlord.exe |
    "{36342A8F-3509-4750-A07B-32B76FE72F9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
    "{36E37BFB-72AF-478B-9501-455FC6C6727A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
    "{3737D0A1-C2B6-4BD2-BC70-236FE2313140}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
    "{376F99BC-7321-4995-93A5-6CB5ED7CD5C8}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{38460981-D681-4F6E-8D2F-8864EE94837B}" = dir=in | app=c:\users\will\documents\the war z\infestation.exe |
    "{39A514C7-C831-4497-B898-12AB74A01423}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
    "{39B170EF-92A4-4445-855D-1448B9838B5D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
    "{3ACDABB0-E87A-4D1B-81EC-B4FB6913E811}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
    "{3B101B0B-2AD5-4C06-97F7-DCD0173832D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
    "{3C33F7D5-51FE-4012-BD1D-C9ED4DC7CB3A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
    "{3CEA96F8-64C9-4B91-AC2B-3BE4957F9A80}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
    "{3DC6D682-06B1-4E9D-BE10-C7936AB967E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
    "{3E40CC3E-143C-4E31-BCC3-1D6A6F8D3400}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\alan wake\alanwake.exe |
    "{3F42939A-C56C-48C6-A00B-611B272BB155}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade\runme.exe |
    "{3FBBEF0B-2CEE-42C8-BE74-4520FD1D30B0}" = protocol=58 | dir=in | app=system |
    "{40C45F0B-C914-45F5-9E55-A5A01F09B8B7}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
    "{41042632-2F5A-471C-8AD2-185AD3DFFEA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
    "{42E6D98B-751C-4BD4-B005-31E4765DE7F2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{438848A3-F675-43A2-BA14-ACC1D8E6F74A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{4388A84F-8963-45E9-9D7A-4DEE0FE4E94E}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{43984EC2-01F3-4B3C-AC01-AC92CD0C3BF7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{44D589A6-38EC-4B80-A20A-CD50C46A8629}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
    "{45B67A87-3346-42FC-A200-6E9595201F3B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
    "{45CBECA9-E5C4-456B-83C7-4F611BF473BA}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{468F4FC1-6B8C-479A-AA22-D97610D2CAF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
    "{4874A65B-D831-4633-9A58-BEB952AE98B2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{49A5696C-09A4-4E13-9FB9-603C80CB9B68}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
    "{49D6C387-546B-41A2-9D75-1C325E809E81}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{4A7745F9-4B02-4456-910E-C9758A29479D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
    "{4AE568D0-4506-4442-9659-57B95DC50870}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
    "{4B94FC79-123B-4038-9511-9C8EC387DA1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
    "{4C725B5B-E0F0-4C8B-A75C-2BE1F6246232}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
    "{4E27C699-A05D-4DDC-83E2-5B32FC30C075}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{4E90254E-2A6D-4DF8-9707-9B97F52A5C91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
    "{4F5DC966-9B50-4438-97DF-4C42D92F48C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
    "{50039597-577B-4073-AAFB-5E56942398C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rising storm beta\binaries\win32\rogame.exe |
    "{509C267D-2BF2-46B7-A1E6-A27A421A2582}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
    "{513BEE18-9244-4F12-A2AC-CE7F6D840F1A}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
    "{52348F8A-7FB9-46F2-B92A-00F2AB4A4ABC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
    "{52479B6F-4EE9-42AB-A676-C406CC288D8F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\state of decay\stateofdecay.exe |
    "{5297218B-A5A5-4250-A1D3-1D506704FC49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
    "{52E7C44E-A8AB-4EF9-AAF0-3910BBE9E8F6}" = protocol=17 | dir=in | app=c:\users\will\appdata\local\apps\2.0\x87wrdle.2lo\7p41ye80.3dc\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
    "{539EB586-83AB-464A-B327-DE58968F1E5F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe |
    "{549536DE-77DC-403A-8E0F-BF5C1ECCA5DF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
    "{55448AF8-EF6F-4C8A-9809-44E6553D5927}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
    "{555F225D-436B-487C-8F65-679CD7CE87B6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{559CF19D-C2D2-4F79-9893-691A9F90052F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
    "{5651E54F-1DDC-4155-AD23-6BB91F82EE6C}" = dir=in | app=c:\program files (x86)\ea games\battlefield 2\prbf2.exe |
    "{574B9B39-095D-4C01-8684-9C1410BCF36A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
    "{57A63ECF-A660-4EFE-8EF1-269C320438DB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
    "{57B9681E-71D7-4B17-9120-9C5652A049BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
    "{582C28DD-39A5-4C1C-9B0B-D98720205DE7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{5845F5CC-1DBB-4FF4-AC58-30ADF3C62BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
    "{58649138-5ABD-4450-B626-D749017ADF0A}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{58923579-663D-426F-86FE-64520B43AA62}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
    "{58FF8DB0-218E-458C-9527-0D1CFF1FEF83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\solidstick320\half-life\hl.exe |
    "{5BD75832-CE49-45AB-8CE2-1307F50D0C6C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\state of decay\stateofdecay.exe |
    "{5CC41273-2CFE-4F02-A35D-CB647783A84A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{5CCC8F67-BB1C-4371-A9BE-CAE5F1FE66EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
    "{5EA696D3-3006-435A-8FBD-35318F13854D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
    "{5EE10823-8876-4696-9CD4-146DAFE00D12}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
    "{5EF10393-CBE4-49E2-B70D-1A49EC3484A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
    "{6155951F-9EE8-4A29-8984-2B9764A3DBE7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
    "{6243375B-3ACF-45A1-B034-0233E90F72BF}" = dir=in | app=c:\program files (x86)\ea games\battlefield 2\mods\pr\bin\prmumble\prmumble.exe |
    "{627F4F80-0144-4C94-A3E8-9AE9FDA7B2ED}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{62B25E56-0560-424D-B0FD-B78D9DCB692E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eufloria\eufloria.exe |
    "{62E92684-188B-4418-8980-182BF1E02BC5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
    "{637120EA-33B3-4504-8595-A858A1C38E44}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
    "{64C8D704-A6A1-43F8-B372-EDF748267B0D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
    "{659853AA-AD07-4409-ABD1-8EEA2EE6F980}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbsp.exe |
    "{65E66AB4-4D1A-44ED-B93B-02487D0BCC26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
    "{66263A18-481C-4195-B79F-257CA98B30BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
    "{670159CE-99C7-465A-8BC7-AA06A2BF2DDE}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\risk of rain\risk of rain.exe |
    "{6878C840-6D8D-4CF0-9F25-24802B90865A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
    "{692C29F6-B67A-403D-A7D2-1F0C35E46680}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
    "{696568FC-6CF7-4FFD-96E5-51AE891504C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{69854E47-9AA5-4C85-91AB-8D177B769EED}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{6A23BAE5-B8D7-4EC6-BDCC-95C934391C4B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
    "{6A555A64-3096-446F-BA1B-B42D850A63EF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{6B69FF11-F8AA-44B9-A06D-FF226FC18F40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
    "{6BAD57BD-686F-4297-B1B7-A3C37382B1C8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6BEB029E-7325-464F-AED3-5E4206F3C49E}" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\volgarr\volgarr.exe |
    "{6C081BD5-4B0E-4944-A005-EB796A073859}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
    "{6C726B0A-FE71-469E-BD6D-AD2B10BDE2F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
    "{6D00CDC5-7239-48BA-A8D0-DDFC4AF4A059}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
    "{6E533A80-78E9-418A-9EAD-65C35587F63A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
    "{6EBD3A00-54F6-41E5-92F7-4613D6EF907F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kane & lynch 2 - dog days\kl2.exe |
    "{6F2CEDEE-1384-4487-8149-917F0A25CD3E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\no time to explain\notime\notimetoexplain.exe |
    "{70F18B93-8DBB-4150-A316-6DC0C825937E}" = protocol=6 | dir=in | app=g:\steamlibrary\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
    "{722AC740-3215-407C-A76D-9DF5C54635A5}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
    "{7320127D-F3FB-41CD-AC3F-0A74511B7152}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
    "{75A9E039-1B05-4636-B35C-3D51D7005578}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
  22. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23
    "TCP Query User{E42C51BA-FA7F-491A-AB9D-1121C77D4D16}G:\games\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=g:\games\planetside 2\planetside2.exe |
    "TCP Query User{F1F1E62D-8309-4D15-BBF2-093FAD20C846}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
    "UDP Query User{03AF31A1-AA41-4CCE-8FCA-96ADA0724A59}C:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
    "UDP Query User{0C0B538A-2DC9-435B-A915-0D03F6CECC83}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{0E7900A1-DABC-416B-BA2B-042EA997427B}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
    "UDP Query User{109403C9-B5DD-4593-A26E-7204A7350F05}C:\users\mom\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\mom\appdata\local\google\chrome\application\chrome.exe |
    "UDP Query User{11D24411-B16F-4BBC-910E-8E4E9496CAB9}G:\games\starcitizen\citizenclient\bin64\starcitizen.exe" = protocol=17 | dir=in | app=g:\games\starcitizen\citizenclient\bin64\starcitizen.exe |
    "UDP Query User{1C5AF125-105B-4937-86E2-3C680D396AC3}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
    "UDP Query User{3D37852A-A73F-467B-A838-CE687227331F}G:\downloaded\public\warframe.x64.exe" = protocol=17 | dir=in | app=g:\downloaded\public\warframe.x64.exe |
    "UDP Query User{45B3FA5B-DD99-406A-B060-F99B2AB9309F}C:\program files (x86)\steam\steamapps\solidstick320\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\solidstick320\team fortress 2\hl2.exe |
    "UDP Query User{4615BD2B-9F3C-406A-980A-4C63B5F19EB0}G:\war thunder\aces.exe" = protocol=17 | dir=in | app=g:\war thunder\aces.exe |
    "UDP Query User{46628E4D-5D0A-4E60-9ED5-ADCF495E15B4}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe |
    "UDP Query User{47104C3F-CA05-4AF1-B811-D61D49BBB469}C:\program files (x86)\microsoft games\freelancer\exe\freelancer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\freelancer\exe\freelancer.exe |
    "UDP Query User{52D99B4A-FC53-4E19-A797-F8228EAEBF5A}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
    "UDP Query User{530584BF-38D9-4A92-9F9D-691E919529AE}C:\program1\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program1\ea games\command and conquer generals\game.dat |
    "UDP Query User{571C78E7-2D90-496C-9592-078A9AA72AB4}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
    "UDP Query User{59C6C991-7FFD-4687-A3F7-0CE1673BBD0C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
    "UDP Query User{646B5A22-5C5D-4D58-B2CA-7AC36B45E757}G:\games\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=g:\games\saints row iv\saintsrowiv.exe |
    "UDP Query User{675AB67F-0C1F-4D3B-92F7-2440B99C64E6}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe |
    "UDP Query User{6A8EBD8F-181E-46DA-A06A-EE58626DA91F}C:\users\will\downloads\2010-12-25-liftv1\liftv1\lift.exe" = protocol=17 | dir=in | app=c:\users\will\downloads\2010-12-25-liftv1\liftv1\lift.exe |
    "UDP Query User{6FC989DE-C501-476D-969F-A106AD8B6155}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{76640144-4A2C-4885-9A12-44AF578647FA}C:\program files (x86)\steam\steamapps\solidstick320\pirates, vikings, and knights ii\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\solidstick320\pirates, vikings, and knights ii\hl2.exe |
    "UDP Query User{7B9D4864-A89C-4F91-98F1-3F55F6B94666}C:\program files (x86)\microsoft games\halo trial\halo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo trial\halo.exe |
    "UDP Query User{7D5DDF2C-A6DE-4C8C-BF0B-40354C10C8C4}G:\games\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=g:\games\planetside 2\planetside2.exe |
    "UDP Query User{8080670F-40EA-4953-813D-65DBEB1D958F}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe |
    "UDP Query User{8E93D9B6-4F66-4CC0-BB6A-D56BE5CA13BF}G:\steamlibrary\steamapps\common\red orchestra 2\binaries\win32\rogame.exe" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
    "UDP Query User{945E7C8D-9E11-4708-8D8A-89FF53FCA22D}C:\users\will\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\will\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{989D32CE-99A4-475B-B8DF-E2C22967973E}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
    "UDP Query User{99729C93-C4F4-430E-8BC5-79EE20224E68}G:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=g:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
    "UDP Query User{9B1DFA92-2148-461C-84B3-57B7EF00D733}C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe |
    "UDP Query User{9B553646-DC91-4395-A2C2-E379BD9A95E3}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
    "UDP Query User{9CDAC295-F659-4EAB-ADCA-BC82D0ADD229}C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
    "UDP Query User{A993B750-24C9-4764-BA87-08AA2AF3DD1B}C:\users\will\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\will\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{B45DE7CE-9AE3-49B9-8662-2531A9E3DA71}G:\starcitizen\citizenclient\bin64\starcitizen.exe" = protocol=17 | dir=in | app=g:\starcitizen\citizenclient\bin64\starcitizen.exe |
    "UDP Query User{B7BCE5D0-80CB-4B05-A66D-F9D7D729B8F2}C:\the ball demo\binaries\win32\theball.exe" = protocol=17 | dir=in | app=c:\the ball demo\binaries\win32\theball.exe |
    "UDP Query User{BCB58A3D-4C7C-4F56-B34A-EEF49B48494D}C:\program files (x86)\steam\steamapps\solidstick320\source sdk base\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\solidstick320\source sdk base\hl2.exe |
    "UDP Query User{D64F22B0-C00C-48A1-9617-8A3B3A252157}C:\users\will\downloads\obsidian\obsidian\obsidian.exe" = protocol=17 | dir=in | app=c:\users\will\downloads\obsidian\obsidian\obsidian.exe |
    "UDP Query User{D86638A8-50BB-4796-95FF-DF8E938656F9}C:\users\will\downloads\gang garrison 2 v2.2.3\gang garrison 2\gang garrison 2.exe" = protocol=17 | dir=in | app=c:\users\will\downloads\gang garrison 2 v2.2.3\gang garrison 2\gang garrison 2.exe |
    "UDP Query User{DB18FD86-A5B5-4F29-B0B4-692ECDB204B4}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
    "UDP Query User{DD528BB8-5302-4919-BC37-629FF963C6B9}G:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
    "UDP Query User{DE95B2F9-3335-4D45-8161-C559F7FA4A89}G:\steamlibrary\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=g:\steamlibrary\steamapps\common\dark souls prepare to die edition\data\data.exe |
    "UDP Query User{E4CC0B10-380F-43E5-B231-FA46E899DA9E}C:\program files (x86)\nox\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nox\game.exe |
    "UDP Query User{ED6493B0-D2AD-45C2-94DB-E33A816DF20C}C:\program\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program\ea games\command and conquer generals\game.dat |
    "UDP Query User{FA93068A-FC55-4223-A756-2D1E799D7B20}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe |
  23. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{14FD69D0-3B87-404C-BEE1-6390CC1CA960}" = AVG 2014
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
    "{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java(TM) 6 Update 29 (64-bit)
    "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{35135EBA-F700-4A40-A8D4-DB8353293893}" = NVIDIA CUDA Toolkit v4.2 (64 bit)
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}" = IconHandler 64 bit
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
    "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
    "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
    "{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
    "{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.65
    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.65
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.15.2
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{BC06BAEB-6D52-4D69-82EB-56CF1594C6A7}" = AVG 2014
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
    "{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
    "6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
    "AVG" = AVG 2014
    "lvdrivers_12.10" = Logitech Webcam Software Driver Package
    "Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
    "Wacom Tablet Driver" = Wacom Tablet
    "WinRAR archiver" = WinRAR archiver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}" = Corel Painter 11
    "_{EAB6F4ED-B18D-4BF5-B18E-3C7921560EC4}" = Corel Painter Sketch Pad
    "{00D6C191-50A2-4D9C-9285-1817D8420FB6}" = IPM
    "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster for Battlefield 1942
    "{1AED4ABF-0852-4B3F-9F87-00CF88F25CE0}" = IconHandler 32 bit
    "{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1" = FTL version 1.03.3
    "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
    "{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
    "{26C3330F-0E08-4CBA-955A-55164829A168}_is1" = Creature Chaos 4.23
    "{28F8F8F0-C278-454A-9507-46B344AAD188}" = Corel Painter 11
    "{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
    "{29F28823-1183-483D-BEFE-1B15250D56C8}_is1" = Creature Chaos 4.23
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
    "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend Open Beta
    "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
    "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
    "{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}" = Microsoft Games for Windows - LIVE Redistributable
    "{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
    "{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}" = Corel Painter 11 - ICA
    "{5BD093B2-58E6-467D-99E4-E88A5FFC412C}" = Painter Sketch Pad
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B2B0D05-2B4A-4855-A47B-D69CD9E3CDD6}" = Impossible Creatures 1.0.1
    "{6FE5398E-748B-417D-B0D7-E8881F93B5A2}" = Warframe
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72F6D9F1-98C4-473F-A540-ECDCEB6D3D76}" = Registration
    "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
    "{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
    "{7EC69F77-5494-4E1F-8BC6-956DAA5A91F2}" = Corel Painter 11 - IPM
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{840BF2FE-033D-437C-89D1-AAA206BA13B6}" = Langauge
    "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
    "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
    "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
    "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
    "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
    "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
    "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
    "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
    "{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}" = Licensing Service Install
    "{AF8EEB05-8E9B-438B-B73B-DF9191DF29DD}" = PR Mumble 1.0.0
    "{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
    "{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
    "{B369483E-0728-405C-8F8C-3427B263B01F}" = Content
    "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
    "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
    "{B73B4A99-4173-4747-BBEC-0F05E966F9D2}" = Battlefield 1942: Secret Weapons of WWII
    "{BA6A41DC-603B-49D5-AC40-2A125DFF6DB8}_is1" = Creature Chaos 4.22
    "{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
    "{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version 1.0
    "{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
    "{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}" = Adobe Flash Professional CS6
    "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
    "{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
    "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
    "{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
    "{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
    "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
    "{EAB6F4ED-B18D-4BF5-B18E-3C7921560EC4}" = Corel SketchPad - ICA
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.252
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{FB36174F-6AA4-4532-B011-F86FD597D471}" = TurboTax 2008 wlaiper
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "Any Video Converter_is1" = Any Video Converter 3.1.7
    "Celtx (2.9.7)" = Celtx (2.9.7)
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2007-02-22
    "Command & Conquer" = Command & Conquer
    "Desura" = Desura
    "Desura_101674760798240" = Desura: MTBFreeride
    "Desura_18631568130064" = Desura: Project Reality: Battlefield 2
    "Desura_70806830841888" = Desura: Running with Rifles
    "Desura_76652281331744" = Desura: Deer Hunter 1066
    "Diablo II" = Diablo II
    "Digital Copy" = Digital Copy
    "DMC Devi May Cry (c) Capcom_is1" = DMC Devi May Cry (c) Capcom version 1
    "Fraps" = Fraps (remove only)
    "Freelancer 1.0" = Freelancer
    "GameSpy Arcade" = GameSpy Arcade
    "Graboid Video" = Graboid Video 2.06
    "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
    "JFK Reloaded" = JFK Reloaded 1.1
    "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
    "Life Goes On 1.0" = Life Goes On 1.0
    "Logitech Vid" = Logitech Vid HD
    "Magic ISO Maker v5.4 (build 0239)" = Magic ISO Maker v5.4 (build 0239)
    "MagicDisc 2.7.106" = MagicDisc 2.7.106
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
    "Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Nox_is1" = Nox 1.2b
  24. BurtonGuster

    BurtonGuster Newcomer, in training Topic Starter Posts: 23

    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "Oblivion mod manager_is1" = Oblivion mod manager 1.1.9
    "Octodad" = Octodad
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "OpenAL" = OpenAL
    "Picasa 3" = Picasa 3
    "Project Reality: BF2 (pr)_is1" = Project Reality: BF2
    "PunkBusterSvc" = PunkBuster Services
    "Rockstar Games Social Club" = Rockstar Games Social Club
    "Spadille" = Spadille 1.4.7
    "Spotify" = Spotify
    "Steam App 104320" = Red Orchestra 2: Heroes of Stalingrad Beta
    "Steam App 107200" = Space Pirates and Zombies
    "Steam App 108710" = Alan Wake
    "Steam App 110800" = L.A. Noire
    "Steam App 11450" = Overlord
    "Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
    "Steam App 1250" = Killing Floor
    "Steam App 12710" = Overlord: Raising Hell
    "Steam App 130" = Half-Life: Blue Shift
    "Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
    "Steam App 17020" = Global Agenda
    "Steam App 17460" = Mass Effect
    "Steam App 17570" = Pirates, Vikings, & Knights II
    "Steam App 200260" = Batman: Arkham City GOTY
    "Steam App 200390" = Oil Rush
    "Steam App 201870" = Assassin's Creed Revelations
    "Steam App 202170" = Sleeping Dogs™
    "Steam App 203810" = Dear Esther
    "Steam App 204300" = Awesomenauts
    "Steam App 204880" = Sins of a Solar Empire: Rebellion
    "Steam App 20570" = Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
    "Steam App 205910" = Tiny and Big: Grandpa's Leftovers
    "Steam App 207570" = English Country Tune
    "Steam App 208140" = Endless Space
    "Steam App 20900" = The Witcher: Enhanced Edition
    "Steam App 20920" = The Witcher 2: Assassins of Kings Enhanced Edition
    "Steam App 211420" = Dark Souls: Prepare to Die Edition
    "Steam App 214970" = Intrusion 2
    "Steam App 215" = Source SDK Base 2006
    "Steam App 218" = Source SDK Base 2007
    "Steam App 218620" = PAYDAY 2
    "Steam App 219150" = Hotline Miami
    "Steam App 219680" = Proteus
    "Steam App 220" = Half-Life 2
    "Steam App 220240" = Far Cry® 3
    "Steam App 220780" = Thomas Was Alone
    "Steam App 22100" = Mount & Blade
    "Steam App 221260" = Little Inferno
    "Steam App 221910" = The Stanley Parable
    "Steam App 22330" = The Elder Scrolls IV: Oblivion
    "Steam App 22380" = Fallout: New Vegas
    "Steam App 224760" = FEZ
    "Steam App 224780" = Rising Storm Beta
    "Steam App 227280" = No Time to Explain
    "Steam App 233270" = Far Cry® 3 Blood Dragon
    "Steam App 233720" = Surgeon Simulator 2013
    "Steam App 238210" = System Shock 2
    "Steam App 241540" = State of Decay
    "Steam App 241600" = Rogue Legacy
    "Steam App 247240" = Volgarr the Viking
    "Steam App 248820" = Risk of Rain
    "Steam App 24980" = Mass Effect 2
    "Steam App 259080" = Just Cause 2: Multiplayer Mod
    "Steam App 28000" = Kane & Lynch 2: Dog Days
    "Steam App 28050" = Deus Ex: Human Revolution
    "Steam App 28110" = Deus Ex Human Revolution Augmented Edition Bonus Content
    "Steam App 340" = Half-Life 2: Lost Coast
    "Steam App 35140" = Batman: Arkham Asylum GOTY Edition
    "Steam App 35420" = Killing Floor Mod: Defence Alliance 2
    "Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
    "Steam App 380" = Half-Life 2: Episode One
    "Steam App 4000" = Garry's Mod
    "Steam App 40100" = Supreme Commander 2
    "Steam App 40800" = Super Meat Boy
    "Steam App 41210" = Eufloria
    "Steam App 43110" = Metro 2033
    "Steam App 440" = Team Fortress 2
    "Steam App 4570" = Warhammer 40,000: Dawn of War - Game of the Year Edition
    "Steam App 4580" = Warhammer 40,000: Dawn of War – Dark Crusade
    "Steam App 48190" = Assassin's Creed Brotherhood
    "Steam App 49520" = Borderlands 2
    "Steam App 49600" = Beat Hazard
    "Steam App 50" = Half-Life: Opposing Force
    "Steam App 500" = Left 4 Dead
    "Steam App 50130" = Mafia II
    "Steam App 550" = Left 4 Dead 2
    "Steam App 55150" = Warhammer 40,000 Space Marine
    "Steam App 55230" = Saints Row: The Third
    "Steam App 56400" = Warhammer® 40,000™: Dawn of War® II – Retribution™
    "Steam App 57300" = Amnesia: The Dark Descent
    "Steam App 630" = Alien Swarm
    "Steam App 635" = Alien Swarm Dedicated Server
    "Steam App 6860" = Hitman: Blood Money
    "Steam App 70" = Half-Life
    "Steam App 72850" = The Elder Scrolls V: Skyrim
    "Steam App 730" = Counter-Strike: Global Offensive
    "Steam App 745" = Counter-Strike: Global Offensive - SDK
    "Steam App 7670" = BioShock
    "Steam App 8190" = Just Cause 2
    "Steam App 8980" = Borderlands
    "Steam App 9010" = Return to Castle Wolfenstein
    "Steam App 9310" = Warhammer 40,000: Dawn of War – Winter Assault
    "Steam App 95300" = Capsized
    "Street Cleaning Simulator" = Street Cleaning Simulator
    "TeamSpeak 3 Client" = TeamSpeak 3 Client
    "The KMPlayer" = The KMPlayer (remove only)
    "Tombraider_is1" = Tombraider
    "TurboTax 2008" = TurboTax 2008
    "U2FpbnRzUm93SVY=_is1" = Saints Row IV
    "Uplay" = Uplay
    "uTorrent" = µTorrent
    "VGhlQmFubmVyU2FnYQ==_is1" = The Banner Saga
    "VLC media player" = VLC media player 2.0.3
    "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
    "Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
    "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
    "Warcraft III" = Warcraft III
    "World of Warcraft" = World of Warcraft

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2259775512-1353646028-2121886952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "Flux" = f.lux
    "Google Chrome" = Google Chrome
    "SOE Web Installer" = SOE Web Installer
    "SOE-Clone Wars" = Clone Wars
    "SOE-Free Realms" = Free Realms
    "SOE-PlanetSide 2" = PlanetSide 2
    "Spotify" = Spotify
    "UnityWebPlayer" = Unity Web Player
    "uTorrent" = µTorrent

    < End of report >
  25. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    OTL.txt log is incomplete.
    Please redo.

