Win64/patched.a virus

Gmer didnt produce a log.

Here is the adwcleaner scan.
# AdwCleaner v2.006 - Logfile created 11/01/2012 at 17:18:04
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Ultimate (64 bits)
# User : Owner - ANTYUNO
# Boot Mode : Normal
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [721 octets] - [01/11/2012 17:18:04]
########## EOF - C:\AdwCleaner[R1].txt - [780 octets] ##########

For some reason I cant enable my windows fire wall.

I downloaded the tdsskiler from the link provided and it seems to not work. Like it downloads a file not a program. When I double click to open/run it, it asks what program do I want to run it. I select Internet Explorer from the options provided and nothing happens. Please assist. Thanks.

Hello, sorry but I been busy. Yes im still here and still need assistance. ill try and re-download the program.

Tdss log.

07:54:29.0277 4260 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:54:29.0760 4260 ============================================================
07:54:29.0760 4260 Current date / time: 2012/11/10 07:54:29.0760
07:54:29.0760 4260 SystemInfo:
07:54:29.0760 4260
07:54:29.0760 4260 OS Version: 6.1.7600 ServicePack: 0.0
07:54:29.0760 4260 Product type: Workstation
07:54:29.0760 4260 ComputerName: ANTYUNO
07:54:29.0760 4260 UserName: Owner
07:54:29.0760 4260 Windows directory: C:\Windows
07:54:29.0760 4260 System windows directory: C:\Windows
07:54:29.0760 4260 Running under WOW64
07:54:29.0760 4260 Processor architecture: Intel x64
07:54:29.0760 4260 Number of processors: 2
07:54:29.0760 4260 Page size: 0x1000
07:54:29.0760 4260 Boot type: Normal boot
07:54:29.0760 4260 ============================================================
07:54:31.0040 4260 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:54:31.0040 4260 ============================================================
07:54:31.0040 4260 \Device\Harddisk0\DR0:
07:54:31.0040 4260 MBR partitions:
07:54:31.0040 4260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
07:54:31.0040 4260 ============================================================
07:54:31.0071 4260 C: <-> \Device\Harddisk0\DR0\Partition1
07:54:31.0071 4260 ============================================================
07:54:31.0071 4260 Initialize success
07:54:31.0071 4260 ============================================================
07:54:59.0712 4468 ============================================================
07:54:59.0712 4468 Scan started
07:54:59.0712 4468 Mode: Manual; SigCheck; TDLFS;
07:54:59.0712 4468 ============================================================
07:55:00.0321 4468 ================ Scan system memory ========================
07:55:00.0321 4468 System memory - ok
07:55:00.0321 4468 ================ Scan services =============================
07:55:00.0461 4468 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
07:55:00.0820 4468 1394ohci - ok
07:55:00.0882 4468 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
07:55:00.0929 4468 ACPI - ok
07:55:00.0960 4468 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
07:55:01.0007 4468 AcpiPmi - ok
07:55:01.0163 4468 [ CD3BDD45B62F15B137FEB4561DF8EB67 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
07:55:02.0286 4468 ADIHdAudAddService - ok
07:55:02.0380 4468 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:55:02.0411 4468 AdobeARMservice - ok
07:55:02.0458 4468 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
07:55:02.0525 4468 adp94xx - ok
07:55:02.0554 4468 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
07:55:02.0594 4468 adpahci - ok
07:55:02.0625 4468 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
07:55:02.0646 4468 adpu320 - ok
07:55:02.0694 4468 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:55:02.0788 4468 AeLookupSvc - ok
07:55:02.0843 4468 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
07:55:02.0913 4468 AFD - ok
07:55:02.0943 4468 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
07:55:02.0963 4468 agp440 - ok
07:55:02.0983 4468 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
07:55:03.0023 4468 ALG - ok
07:55:03.0043 4468 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
07:55:03.0073 4468 aliide - ok
07:55:03.0083 4468 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
07:55:03.0103 4468 amdide - ok
07:55:03.0123 4468 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
07:55:03.0183 4468 AmdK8 - ok
07:55:03.0183 4468 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
07:55:03.0233 4468 AmdPPM - ok
07:55:03.0273 4468 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:55:03.0303 4468 amdsata - ok
07:55:03.0333 4468 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
07:55:03.0363 4468 amdsbs - ok
07:55:03.0383 4468 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:55:03.0403 4468 amdxata - ok
07:55:03.0443 4468 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
07:55:03.0493 4468 AppID - ok
07:55:03.0513 4468 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:55:03.0593 4468 AppIDSvc - ok
07:55:03.0613 4468 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
07:55:03.0653 4468 Appinfo - ok
07:55:03.0703 4468 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
07:55:03.0743 4468 AppMgmt - ok
07:55:03.0763 4468 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
07:55:03.0793 4468 arc - ok
07:55:03.0813 4468 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
07:55:03.0843 4468 arcsas - ok
07:55:03.0883 4468 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
07:55:03.0923 4468 aswFsBlk - ok
07:55:03.0973 4468 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
07:55:03.0993 4468 aswMonFlt - ok
07:55:04.0013 4468 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
07:55:04.0043 4468 aswRdr - ok
07:55:04.0093 4468 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
07:55:04.0143 4468 aswSnx - ok
07:55:04.0163 4468 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
07:55:04.0203 4468 aswSP - ok
07:55:04.0223 4468 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
07:55:04.0243 4468 aswTdi - ok
07:55:04.0283 4468 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:55:04.0363 4468 AsyncMac - ok
07:55:04.0383 4468 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
07:55:04.0413 4468 atapi - ok
07:55:04.0573 4468 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
07:55:04.0795 4468 atikmdag - ok
07:55:04.0845 4468 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:55:04.0955 4468 AudioEndpointBuilder - ok
07:55:04.0985 4468 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:55:05.0055 4468 AudioSrv - ok
07:55:05.0165 4468 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
07:55:05.0195 4468 avast! Antivirus - ok
07:55:05.0235 4468 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:55:05.0305 4468 AxInstSV - ok
07:55:05.0355 4468 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
07:55:05.0415 4468 b06bdrv - ok
07:55:05.0455 4468 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:55:05.0495 4468 b57nd60a - ok
07:55:05.0517 4468 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
07:55:05.0564 4468 BDESVC - ok
07:55:05.0595 4468 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
07:55:05.0688 4468 Beep - ok
07:55:05.0704 4468 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:55:05.0751 4468 blbdrive - ok
07:55:05.0798 4468 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:55:05.0844 4468 bowser - ok
07:55:05.0860 4468 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:55:05.0907 4468 BrFiltLo - ok
07:55:05.0922 4468 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:55:05.0969 4468 BrFiltUp - ok
07:55:06.0016 4468 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
07:55:06.0078 4468 Browser - ok
07:55:06.0094 4468 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:55:06.0156 4468 Brserid - ok
07:55:06.0172 4468 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:55:06.0203 4468 BrSerWdm - ok
07:55:06.0234 4468 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:55:06.0281 4468 BrUsbMdm - ok
07:55:06.0297 4468 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:55:06.0344 4468 BrUsbSer - ok
07:55:06.0359 4468 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
07:55:06.0406 4468 BTHMODEM - ok
07:55:06.0437 4468 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
07:55:06.0515 4468 bthserv - ok
07:55:06.0531 4468 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:55:06.0609 4468 cdfs - ok
07:55:06.0640 4468 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
07:55:06.0687 4468 cdrom - ok
07:55:06.0718 4468 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
07:55:06.0874 4468 CertPropSvc - ok
07:55:06.0905 4468 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
07:55:06.0952 4468 circlass - ok
07:55:06.0983 4468 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
07:55:07.0030 4468 CLFS - ok
07:55:07.0108 4468 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:55:07.0139 4468 clr_optimization_v2.0.50727_32 - ok
07:55:07.0186 4468 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:55:07.0217 4468 clr_optimization_v2.0.50727_64 - ok
07:55:07.0358 4468 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:55:07.0389 4468 clr_optimization_v4.0.30319_32 - ok
07:55:07.0607 4468 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:55:07.0654 4468 clr_optimization_v4.0.30319_64 - ok
07:55:07.0670 4468 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
07:55:07.0716 4468 CmBatt - ok
07:55:07.0748 4468 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
07:55:07.0794 4468 cmdide - ok
07:55:07.0841 4468 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
07:55:07.0904 4468 CNG - ok
07:55:07.0919 4468 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
07:55:07.0950 4468 Compbatt - ok
07:55:07.0966 4468 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
07:55:08.0013 4468 CompositeBus - ok
07:55:08.0044 4468 COMSysApp - ok
07:55:08.0060 4468 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
07:55:08.0091 4468 crcdisk - ok
07:55:08.0153 4468 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:55:08.0200 4468 CryptSvc - ok
07:55:08.0247 4468 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
07:55:08.0309 4468 CSC - ok
07:55:08.0340 4468 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
07:55:08.0496 4468 CscService - ok
07:55:08.0543 4468 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:55:08.0637 4468 DcomLaunch - ok
07:55:08.0668 4468 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
07:55:08.0762 4468 defragsvc - ok
07:55:08.0808 4468 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:55:08.0855 4468 DfsC - ok
07:55:08.0886 4468 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
07:55:08.0949 4468 Dhcp - ok
07:55:08.0964 4468 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
07:55:09.0042 4468 discache - ok
07:55:09.0089 4468 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
07:55:09.0120 4468 Disk - ok
07:55:09.0167 4468 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:55:09.0198 4468 Dnscache - ok
07:55:09.0230 4468 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
07:55:09.0308 4468 dot3svc - ok
07:55:09.0323 4468 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
07:55:09.0401 4468 DPS - ok
07:55:09.0417 4468 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:55:09.0464 4468 drmkaud - ok
07:55:09.0510 4468 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:55:09.0557 4468 DXGKrnl - ok
07:55:09.0588 4468 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
07:55:09.0666 4468 EapHost - ok
07:55:09.0760 4468 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
07:55:09.0916 4468 ebdrv - ok
07:55:09.0947 4468 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
07:55:09.0994 4468 EFS - ok
07:55:10.0088 4468 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:55:10.0166 4468 ehRecvr - ok
07:55:10.0181 4468 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
07:55:10.0228 4468 ehSched - ok
07:55:10.0259 4468 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
07:55:10.0322 4468 elxstor - ok
07:55:10.0337 4468 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
07:55:10.0384 4468 ErrDev - ok
07:55:10.0415 4468 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
07:55:10.0509 4468 EventSystem - ok
07:55:10.0509 4468 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
07:55:10.0587 4468 exfat - ok
07:55:10.0602 4468 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:55:10.0665 4468 fastfat - ok
07:55:10.0712 4468 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
07:55:10.0790 4468 Fax - ok
07:55:10.0790 4468 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
07:55:10.0836 4468 fdc - ok
07:55:10.0852 4468 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
07:55:10.0914 4468 fdPHost - ok
07:55:10.0930 4468 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
07:55:11.0008 4468 FDResPub - ok
07:55:11.0024 4468 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:55:11.0039 4468 FileInfo - ok
07:55:11.0070 4468 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:55:11.0133 4468 Filetrace - ok
07:55:11.0148 4468 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
07:55:11.0164 4468 flpydisk - ok
07:55:11.0195 4468 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:55:11.0211 4468 FltMgr - ok
07:55:11.0289 4468 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
07:55:11.0367 4468 FontCache - ok
07:55:11.0414 4468 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:55:11.0429 4468 FontCache3.0.0.0 - ok
07:55:11.0445 4468 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:55:11.0476 4468 FsDepends - ok
07:55:11.0507 4468 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:55:11.0538 4468 Fs_Rec - ok
07:55:11.0585 4468 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:55:11.0632 4468 fvevol - ok
07:55:11.0663 4468 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
07:55:11.0694 4468 gagp30kx - ok
07:55:11.0726 4468 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
07:55:11.0804 4468 gpsvc - ok
07:55:11.0819 4468 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:55:11.0866 4468 hcw85cir - ok
07:55:11.0897 4468 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:55:11.0960 4468 HdAudAddService - ok
07:55:11.0975 4468 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
07:55:12.0038 4468 HDAudBus - ok
07:55:12.0053 4468 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
07:55:12.0084 4468 HidBatt - ok
07:55:12.0100 4468 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
07:55:12.0131 4468 HidBth - ok
07:55:12.0147 4468 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
07:55:12.0194 4468 HidIr - ok
07:55:12.0209 4468 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
07:55:12.0287 4468 hidserv - ok
07:55:12.0318 4468 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
07:55:12.0365 4468 HidUsb - ok
07:55:12.0396 4468 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:55:12.0459 4468 hkmsvc - ok
07:55:12.0490 4468 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:55:12.0537 4468 HomeGroupListener - ok
07:55:12.0584 4468 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll

Continued...

07:55:12.0646 4468 HomeGroupProvider - ok
07:55:12.0677 4468 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
07:55:12.0708 4468 HpSAMD - ok
07:55:12.0740 4468 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:55:12.0849 4468 HTTP - ok
07:55:12.0864 4468 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:55:12.0896 4468 hwpolicy - ok
07:55:12.0927 4468 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
07:55:12.0958 4468 i8042prt - ok
07:55:13.0005 4468 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:55:13.0052 4468 iaStorV - ok
07:55:13.0114 4468 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:55:13.0176 4468 idsvc - ok
07:55:13.0192 4468 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
07:55:13.0223 4468 iirsp - ok
07:55:13.0286 4468 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
07:55:13.0379 4468 IKEEXT - ok
07:55:13.0410 4468 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
07:55:13.0442 4468 intelide - ok
07:55:13.0488 4468 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:55:13.0520 4468 intelppm - ok
07:55:13.0535 4468 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:55:13.0629 4468 IPBusEnum - ok
07:55:13.0644 4468 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:55:13.0707 4468 IpFilterDriver - ok
07:55:13.0722 4468 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
07:55:13.0769 4468 IPMIDRV - ok
07:55:13.0785 4468 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:55:13.0847 4468 IPNAT - ok
07:55:13.0863 4468 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:55:13.0910 4468 IRENUM - ok
07:55:13.0925 4468 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
07:55:13.0956 4468 isapnp - ok
07:55:13.0988 4468 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
07:55:14.0019 4468 iScsiPrt - ok
07:55:14.0050 4468 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
07:55:14.0081 4468 kbdclass - ok
07:55:14.0112 4468 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
07:55:14.0144 4468 kbdhid - ok
07:55:14.0175 4468 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
07:55:14.0206 4468 KeyIso - ok
07:55:14.0237 4468 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:55:14.0253 4468 KSecDD - ok
07:55:14.0268 4468 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:55:14.0300 4468 KSecPkg - ok
07:55:14.0315 4468 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:55:14.0378 4468 ksthunk - ok
07:55:14.0424 4468 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
07:55:14.0487 4468 KtmRm - ok
07:55:14.0534 4468 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:55:14.0596 4468 LanmanServer - ok
07:55:14.0612 4468 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:55:14.0690 4468 LanmanWorkstation - ok
07:55:14.0721 4468 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:55:14.0814 4468 lltdio - ok
07:55:14.0846 4468 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:55:14.0924 4468 lltdsvc - ok
07:55:14.0955 4468 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:55:15.0017 4468 lmhosts - ok
07:55:15.0048 4468 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
07:55:15.0080 4468 LSI_FC - ok
07:55:15.0095 4468 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
07:55:15.0126 4468 LSI_SAS - ok
07:55:15.0142 4468 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:55:15.0173 4468 LSI_SAS2 - ok
07:55:15.0189 4468 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:55:15.0220 4468 LSI_SCSI - ok
07:55:15.0251 4468 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
07:55:15.0329 4468 luafv - ok
07:55:15.0423 4468 [ 3E6C47A46BDDE1B6B084012B5B69C069 ] Maxtor Sync Service C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
07:55:15.0454 4468 Maxtor Sync Service - ok
07:55:15.0501 4468 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
07:55:15.0516 4468 MBAMProtector - ok
07:55:15.0594 4468 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
07:55:15.0626 4468 MBAMScheduler - ok
07:55:15.0672 4468 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
07:55:15.0719 4468 MBAMService - ok
07:55:15.0766 4468 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:55:15.0797 4468 Mcx2Svc - ok
07:55:15.0813 4468 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
07:55:15.0844 4468 megasas - ok
07:55:15.0875 4468 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
07:55:15.0906 4468 MegaSR - ok
07:55:15.0953 4468 Microsoft SharePoint Workspace Audit Service - ok
07:55:15.0984 4468 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
07:55:16.0062 4468 MMCSS - ok
07:55:16.0094 4468 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
07:55:16.0156 4468 Modem - ok
07:55:16.0203 4468 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:55:16.0250 4468 monitor - ok
07:55:16.0265 4468 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:55:16.0296 4468 mouclass - ok
07:55:16.0328 4468 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:55:16.0374 4468 mouhid - ok
07:55:16.0390 4468 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:55:16.0421 4468 mountmgr - ok
07:55:16.0437 4468 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
07:55:16.0468 4468 mpio - ok
07:55:16.0499 4468 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:55:16.0562 4468 mpsdrv - ok
07:55:16.0577 4468 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:55:16.0624 4468 MRxDAV - ok
07:55:16.0655 4468 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:55:16.0702 4468 mrxsmb - ok
07:55:16.0733 4468 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:55:16.0764 4468 mrxsmb10 - ok
07:55:16.0780 4468 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:55:16.0827 4468 mrxsmb20 - ok
07:55:16.0842 4468 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
07:55:16.0874 4468 msahci - ok
07:55:16.0889 4468 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
07:55:16.0920 4468 msdsm - ok
07:55:16.0936 4468 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
07:55:16.0983 4468 MSDTC - ok
07:55:17.0014 4468 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:55:17.0076 4468 Msfs - ok
07:55:17.0076 4468 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:55:17.0154 4468 mshidkmdf - ok
07:55:17.0170 4468 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
07:55:17.0201 4468 msisadrv - ok
07:55:17.0232 4468 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:55:17.0310 4468 MSiSCSI - ok
07:55:17.0326 4468 msiserver - ok
07:55:17.0342 4468 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:55:17.0420 4468 MSKSSRV - ok
07:55:17.0435 4468 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:55:17.0513 4468 MSPCLOCK - ok
07:55:17.0529 4468 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:55:17.0607 4468 MSPQM - ok
07:55:17.0622 4468 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:55:17.0669 4468 MsRPC - ok
07:55:17.0685 4468 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
07:55:17.0716 4468 mssmbios - ok
07:55:17.0732 4468 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:55:17.0810 4468 MSTEE - ok
07:55:17.0810 4468 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
07:55:17.0841 4468 MTConfig - ok
07:55:17.0872 4468 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
07:55:17.0903 4468 Mup - ok
07:55:17.0934 4468 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
07:55:18.0028 4468 napagent - ok
07:55:18.0059 4468 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:55:18.0122 4468 NativeWifiP - ok
07:55:18.0184 4468 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
07:55:18.0246 4468 NDIS - ok
07:55:18.0262 4468 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:55:18.0324 4468 NdisCap - ok
07:55:18.0356 4468 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:55:18.0434 4468 NdisTapi - ok
07:55:18.0465 4468 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:55:18.0543 4468 Ndisuio - ok
07:55:18.0558 4468 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:55:18.0621 4468 NdisWan - ok
07:55:18.0636 4468 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:55:18.0714 4468 NDProxy - ok
07:55:18.0746 4468 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:55:18.0808 4468 NetBIOS - ok
07:55:18.0839 4468 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:55:18.0902 4468 NetBT - ok
07:55:18.0917 4468 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
07:55:18.0964 4468 Netlogon - ok
07:55:18.0995 4468 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
07:55:19.0089 4468 Netman - ok
07:55:19.0120 4468 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
07:55:19.0214 4468 netprofm - ok
07:55:19.0229 4468 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:55:19.0260 4468 NetTcpPortSharing - ok
07:55:19.0292 4468 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
07:55:19.0307 4468 nfrd960 - ok
07:55:19.0338 4468 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:55:19.0416 4468 NlaSvc - ok
07:55:19.0432 4468 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:55:19.0510 4468 Npfs - ok
07:55:19.0541 4468 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
07:55:19.0604 4468 nsi - ok
07:55:19.0635 4468 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:55:19.0713 4468 nsiproxy - ok
07:55:19.0791 4468 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:55:19.0884 4468 Ntfs - ok
07:55:19.0900 4468 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
07:55:19.0978 4468 Null - ok
07:55:19.0994 4468 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:55:20.0025 4468 nvraid - ok
07:55:20.0056 4468 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:55:20.0087 4468 nvstor - ok
07:55:20.0103 4468 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
07:55:20.0134 4468 nv_agp - ok
07:55:20.0150 4468 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
07:55:20.0196 4468 ohci1394 - ok
07:55:20.0243 4468 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:55:20.0274 4468 ose - ok
07:55:20.0430 4468 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:55:20.0618 4468 osppsvc - ok
07:55:20.0649 4468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:55:20.0711 4468 p2pimsvc - ok
07:55:20.0758 4468 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
07:55:20.0805 4468 p2psvc - ok
07:55:20.0852 4468 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
07:55:20.0883 4468 Parport - ok
07:55:20.0914 4468 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:55:20.0945 4468 partmgr - ok
07:55:20.0976 4468 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:55:21.0039 4468 PcaSvc - ok
07:55:21.0054 4468 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
07:55:21.0086 4468 pci - ok
07:55:21.0117 4468 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
07:55:21.0132 4468 pciide - ok
07:55:21.0164 4468 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
07:55:21.0195 4468 pcmcia - ok
07:55:21.0210 4468 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
07:55:21.0242 4468 pcw - ok
07:55:21.0273 4468 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:55:21.0382 4468 PEAUTH - ok
07:55:21.0444 4468 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
07:55:21.0538 4468 PeerDistSvc - ok
07:55:21.0600 4468 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:55:21.0647 4468 PerfHost - ok
07:55:21.0725 4468 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
07:55:21.0834 4468 pla - ok
07:55:21.0897 4468 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:55:21.0959 4468 PlugPlay - ok
07:55:21.0975 4468 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:55:22.0022 4468 PNRPAutoReg - ok
07:55:22.0037 4468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:55:22.0084 4468 PNRPsvc - ok
07:55:22.0115 4468 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:55:22.0209 4468 PolicyAgent - ok
07:55:22.0256 4468 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
07:55:22.0334 4468 Power - ok
07:55:22.0365 4468 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:55:22.0427 4468 PptpMiniport - ok
07:55:22.0443 4468 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
07:55:22.0490 4468 Processor - ok
07:55:22.0521 4468 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
07:55:22.0568 4468 ProfSvc - ok
07:55:22.0599 4468 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe

Continued...

07:55:22.0630 4468 ProtectedStorage - ok
07:55:22.0661 4468 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:55:22.0724 4468 Psched - ok
07:55:22.0770 4468 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
07:55:22.0864 4468 ql2300 - ok
07:55:22.0880 4468 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
07:55:22.0911 4468 ql40xx - ok
07:55:22.0942 4468 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
07:55:22.0989 4468 QWAVE - ok
07:55:23.0020 4468 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:55:23.0067 4468 QWAVEdrv - ok
07:55:23.0067 4468 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:55:23.0129 4468 RasAcd - ok
07:55:23.0160 4468 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:55:23.0223 4468 RasAgileVpn - ok
07:55:23.0238 4468 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
07:55:23.0316 4468 RasAuto - ok
07:55:23.0332 4468 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:55:23.0410 4468 Rasl2tp - ok
07:55:23.0457 4468 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
07:55:23.0535 4468 RasMan - ok
07:55:23.0566 4468 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:55:23.0644 4468 RasPppoe - ok
07:55:23.0660 4468 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:55:23.0738 4468 RasSstp - ok
07:55:23.0769 4468 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:55:23.0862 4468 rdbss - ok
07:55:23.0878 4468 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
07:55:23.0909 4468 rdpbus - ok
07:55:23.0940 4468 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:55:24.0003 4468 RDPCDD - ok
07:55:24.0034 4468 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
07:55:24.0081 4468 RDPDR - ok
07:55:24.0112 4468 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:55:24.0190 4468 RDPENCDD - ok
07:55:24.0206 4468 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:55:24.0268 4468 RDPREFMP - ok
07:55:24.0299 4468 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:55:24.0362 4468 RDPWD - ok
07:55:24.0377 4468 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:55:24.0408 4468 rdyboost - ok
07:55:24.0440 4468 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:55:24.0533 4468 RemoteAccess - ok
07:55:24.0564 4468 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:55:24.0658 4468 RemoteRegistry - ok
07:55:24.0674 4468 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:55:24.0767 4468 RpcEptMapper - ok
07:55:24.0798 4468 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
07:55:24.0845 4468 RpcLocator - ok
07:55:24.0876 4468 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
07:55:24.0954 4468 RpcSs - ok
07:55:25.0001 4468 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:55:25.0064 4468 rspndr - ok
07:55:25.0095 4468 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
07:55:25.0126 4468 s3cap - ok
07:55:25.0142 4468 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
07:55:25.0173 4468 SamSs - ok
07:55:25.0204 4468 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
07:55:25.0235 4468 sbp2port - ok
07:55:25.0266 4468 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:55:25.0344 4468 SCardSvr - ok
07:55:25.0360 4468 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:55:25.0422 4468 scfilter - ok
07:55:25.0485 4468 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
07:55:25.0578 4468 Schedule - ok
07:55:25.0594 4468 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
07:55:25.0672 4468 SCPolicySvc - ok
07:55:25.0672 4468 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:55:25.0734 4468 SDRSVC - ok
07:55:25.0750 4468 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:55:25.0828 4468 secdrv - ok
07:55:25.0844 4468 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
07:55:25.0922 4468 seclogon - ok
07:55:25.0953 4468 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
07:55:26.0015 4468 SENS - ok
07:55:26.0046 4468 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:55:26.0093 4468 SensrSvc - ok
07:55:26.0093 4468 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:55:26.0140 4468 Serenum - ok
07:55:26.0156 4468 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
07:55:26.0187 4468 Serial - ok
07:55:26.0202 4468 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
07:55:26.0234 4468 sermouse - ok
07:55:26.0280 4468 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
07:55:26.0343 4468 SessionEnv - ok
07:55:26.0358 4468 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
07:55:26.0405 4468 sffdisk - ok
07:55:26.0436 4468 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
07:55:26.0468 4468 sffp_mmc - ok
07:55:26.0483 4468 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
07:55:26.0514 4468 sffp_sd - ok
07:55:26.0530 4468 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
07:55:26.0561 4468 sfloppy - ok
07:55:26.0577 4468 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:55:26.0639 4468 ShellHWDetection - ok
07:55:26.0670 4468 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:55:26.0686 4468 SiSRaid2 - ok
07:55:26.0733 4468 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
07:55:26.0764 4468 SiSRaid4 - ok
07:55:26.0780 4468 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:55:26.0858 4468 Smb - ok
07:55:26.0904 4468 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:55:26.0951 4468 SNMPTRAP - ok
07:55:26.0967 4468 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
07:55:26.0998 4468 spldr - ok
07:55:27.0045 4468 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
07:55:27.0107 4468 Spooler - ok
07:55:27.0216 4468 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
07:55:27.0388 4468 sppsvc - ok
07:55:27.0404 4468 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:55:27.0466 4468 sppuinotify - ok
07:55:27.0513 4468 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
07:55:27.0560 4468 srv - ok
07:55:27.0591 4468 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:55:27.0653 4468 srv2 - ok
07:55:27.0684 4468 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:55:27.0731 4468 srvnet - ok
07:55:27.0778 4468 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:55:27.0872 4468 SSDPSRV - ok
07:55:27.0887 4468 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:55:27.0950 4468 SstpSvc - ok
07:55:27.0981 4468 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
07:55:28.0012 4468 stexstor - ok
07:55:28.0059 4468 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
07:55:28.0137 4468 stisvc - ok
07:55:28.0168 4468 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
07:55:28.0199 4468 storflt - ok
07:55:28.0199 4468 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
07:55:28.0230 4468 storvsc - ok
07:55:28.0246 4468 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:55:28.0277 4468 swenum - ok
07:55:28.0324 4468 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
07:55:28.0402 4468 swprv - ok
07:55:28.0464 4468 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
07:55:28.0574 4468 SysMain - ok
07:55:28.0605 4468 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:55:28.0652 4468 TabletInputService - ok
07:55:28.0683 4468 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
07:55:28.0761 4468 TapiSrv - ok
07:55:28.0776 4468 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
07:55:28.0839 4468 TBS - ok
07:55:28.0917 4468 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:55:29.0026 4468 Tcpip - ok
07:55:29.0104 4468 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:55:29.0166 4468 TCPIP6 - ok
07:55:29.0198 4468 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:55:29.0276 4468 tcpipreg - ok
07:55:29.0291 4468 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:55:29.0322 4468 TDPIPE - ok
07:55:29.0369 4468 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:55:29.0400 4468 TDTCP - ok
07:55:29.0416 4468 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:55:29.0494 4468 tdx - ok
07:55:29.0510 4468 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:55:29.0541 4468 TermDD - ok
07:55:29.0588 4468 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
07:55:29.0666 4468 TermService - ok
07:55:29.0697 4468 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
07:55:29.0744 4468 Themes - ok
07:55:29.0775 4468 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
07:55:29.0837 4468 THREADORDER - ok
07:55:29.0853 4468 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
07:55:29.0931 4468 TrkWks - ok
07:55:30.0009 4468 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:55:30.0087 4468 TrustedInstaller - ok
07:55:30.0134 4468 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:55:30.0212 4468 tssecsrv - ok
07:55:30.0258 4468 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:55:30.0336 4468 tunnel - ok
07:55:30.0352 4468 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
07:55:30.0383 4468 uagp35 - ok
07:55:30.0399 4468 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:55:30.0492 4468 udfs - ok
07:55:30.0524 4468 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:55:30.0555 4468 UI0Detect - ok
07:55:30.0570 4468 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
07:55:30.0602 4468 uliagpkx - ok
07:55:30.0633 4468 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:55:30.0680 4468 umbus - ok
07:55:30.0695 4468 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
07:55:30.0742 4468 UmPass - ok
07:55:30.0773 4468 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
07:55:30.0820 4468 UmRdpService - ok
07:55:30.0851 4468 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
07:55:30.0929 4468 upnphost - ok
07:55:30.0960 4468 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:55:31.0007 4468 usbccgp - ok
07:55:31.0038 4468 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
07:55:31.0070 4468 usbcir - ok
07:55:31.0116 4468 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
07:55:31.0148 4468 usbehci - ok
07:55:31.0179 4468 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:55:31.0241 4468 usbhub - ok
07:55:31.0272 4468 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:55:31.0319 4468 usbohci - ok
07:55:31.0335 4468 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:55:31.0382 4468 usbprint - ok
07:55:31.0413 4468 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:55:31.0460 4468 USBSTOR - ok
07:55:31.0491 4468 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
07:55:31.0538 4468 usbuhci - ok
07:55:31.0569 4468 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
07:55:31.0662 4468 UxSms - ok
07:55:31.0678 4468 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
07:55:31.0709 4468 VaultSvc - ok
07:55:31.0756 4468 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
07:55:31.0787 4468 vdrvroot - ok
07:55:31.0818 4468 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
07:55:31.0881 4468 vds - ok
07:55:31.0912 4468 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:55:31.0959 4468 vga - ok
07:55:31.0974 4468 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
07:55:32.0052 4468 VgaSave - ok
07:55:32.0068 4468 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
07:55:32.0115 4468 vhdmp - ok
07:55:32.0130 4468 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
07:55:32.0162 4468 viaide - ok
07:55:32.0193 4468 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
07:55:32.0224 4468 vmbus - ok
07:55:32.0240 4468 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
07:55:32.0271 4468 VMBusHID - ok
07:55:32.0302 4468 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
07:55:32.0333 4468 volmgr - ok
07:55:32.0364 4468 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:55:32.0396 4468 volmgrx - ok
07:55:32.0427 4468 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
07:55:32.0474 4468 volsnap - ok
07:55:32.0489 4468 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
07:55:32.0520 4468 vsmraid - ok
07:55:32.0583 4468 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
07:55:32.0692 4468 VSS - ok
07:55:32.0708 4468 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
07:55:32.0754 4468 vwifibus - ok
07:55:32.0770 4468 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
07:55:32.0817 4468 vwififlt - ok
07:55:32.0848 4468 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
07:55:32.0926 4468 W32Time - ok
07:55:32.0957 4468 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
07:55:33.0004 4468 WacomPen - ok
07:55:33.0020 4468 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:55:33.0098 4468 WANARP - ok
07:55:33.0129 4468 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:55:33.0191 4468 Wanarpv6 - ok
07:55:33.0254 4468 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:55:33.0332 4468 WatAdminSvc - ok
07:55:33.0378 4468 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
07:55:33.0488 4468 wbengine - ok
07:55:33.0503 4468 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:55:33.0566 4468 WbioSrvc - ok
07:55:33.0597 4468 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:55:33.0659 4468 wcncsvc - ok
07:55:33.0690 4468 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:55:33.0737 4468 WcsPlugInService - ok
07:55:33.0753 4468 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
07:55:33.0784 4468 Wd - ok
07:55:33.0815 4468 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:55:33.0878 4468 Wdf01000 - ok
07:55:33.0893 4468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:55:33.0940 4468 WdiServiceHost - ok
07:55:33.0956 4468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:55:34.0002 4468 WdiSystemHost - ok
07:55:34.0049 4468 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
07:55:34.0096 4468 WebClient - ok
07:55:34.0127 4468 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:55:34.0205 4468 Wecsvc - ok
07:55:34.0221 4468 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:55:34.0283 4468 wercplsupport - ok
07:55:34.0314 4468 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
07:55:34.0392 4468 WerSvc - ok
07:55:34.0424 4468 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:55:34.0486 4468 WfpLwf - ok
07:55:34.0517 4468 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:55:34.0548 4468 WIMMount - ok
07:55:34.0548 4468 WinHttpAutoProxySvc - ok
07:55:34.0611 4468 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:55:34.0689 4468 Winmgmt - ok
07:55:34.0767 4468 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
07:55:34.0923 4468 WinRM - ok
07:55:34.0985 4468 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
07:55:35.0063 4468 Wlansvc - ok
07:55:35.0079 4468 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
07:55:35.0110 4468 WmiAcpi - ok
07:55:35.0141 4468 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:55:35.0204 4468 wmiApSrv - ok
07:55:35.0219 4468 WMPNetworkSvc - ok
07:55:35.0297 4468 [ 18A73C8E381FF1FC69052D8C647395DB ] wna3100m C:\Windows\system32\DRIVERS\wna3100m.sys
07:55:35.0344 4468 wna3100m - ok
07:55:35.0360 4468 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:55:35.0406 4468 WPCSvc - ok
07:55:35.0422 4468 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:55:35.0469 4468 WPDBusEnum - ok
07:55:35.0484 4468 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:55:35.0547 4468 ws2ifsl - ok
07:55:35.0547 4468 WSearch - ok
07:55:35.0625 4468 [ E7C84A8A763C460FE182F4DCBC17B9DC ] WSWNA3100M C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
07:55:35.0656 4468 WSWNA3100M - ok
07:55:35.0672 4468 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:55:35.0750 4468 WudfPf - ok
07:55:35.0781 4468 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:55:35.0843 4468 WUDFRd - ok
07:55:35.0890 4468 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:55:35.0952 4468 wudfsvc - ok
07:55:35.0968 4468 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
07:55:36.0030 4468 WwanSvc - ok
07:55:36.0046 4468 ================ Scan global ===============================
07:55:36.0062 4468 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
07:55:36.0108 4468 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
07:55:36.0124 4468 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
07:55:36.0171 4468 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
07:55:36.0202 4468 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
07:55:36.0218 4468 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
07:55:36.0218 4468 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
07:55:36.0218 4468 ================ Scan MBR ==================================
07:55:36.0233 4468 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:55:36.0842 4468 \Device\Harddisk0\DR0 - ok
07:55:36.0842 4468 ================ Scan VBR ==================================
07:55:36.0842 4468 [ 9DC18978E4D0A457CF0E51F488BA9D64 ] \Device\Harddisk0\DR0\Partition1
07:55:36.0842 4468 \Device\Harddisk0\DR0\Partition1 - ok
07:55:36.0842 4468 ============================================================
07:55:36.0842 4468 Scan finished
07:55:36.0842 4468 ============================================================
07:55:36.0857 4456 Detected object count: 1
07:55:36.0857 4456 Actual detected object count: 1
07:56:00.0211 4456 C:\Windows\system32\services.exe - copied to quarantine
07:56:04.0073 4456 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
07:56:04.0143 4456 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
07:56:04.0247 4456 C:\Windows\installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\@ - copied to quarantine
07:56:04.0247 4456 C:\Windows\installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L\00000004.@ - copied to quarantine
07:56:04.0247 4456 C:\Windows\installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000004.@ - copied to quarantine
07:56:04.0330 4456 C:\Windows\installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000008.@ - copied to quarantine
07:56:04.0350 4456 C:\Windows\installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\000000cb.@ - copied to quarantine
07:56:04.0424 4456 C:\Windows\installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\80000000.@ - copied to quarantine
07:56:17.0077 4456 Backup copy not found, trying to cure infected file..
07:56:17.0077 4456 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
07:56:17.0077 4456 C:\Windows\system32\services.exe - processing error
07:56:17.0077 4456 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
07:57:00.0694 0944 Deinitialize success

Just so u know. at the end of scan the tdss program dispayed in red "there are unprocessed malware objects". so yea, whatever that means. lol.

thank you much.

OTL log.

OTL logfile created on: 11/10/2012 12:36:59 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 3.02 Gb Available Physical Memory | 76.70% Memory free
7.87 Gb Paging File | 6.92 Gb Available in Paging File | 87.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.50 Gb Total Space | 43.77 Gb Free Space | 58.76% Space Free | Partition Type: NTFS

Computer Name: ANTYUNO | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/10 12:36:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/10/30 20:27:08 | 000,692,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
PRC - [2012/10/30 14:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 14:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/29 18:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/12/07 17:31:24 | 000,303,360 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
PRC - [2011/12/06 17:16:14 | 008,364,288 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2007/09/28 11:24:36 | 000,156,976 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
PRC - [2007/09/06 13:53:40 | 000,169,264 | ---- | M] (Maxtor Corporation) -- C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/06 17:16:14 | 008,364,288 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
MOD - [2011/09/13 15:57:20 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/10/30 14:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/12/07 17:31:24 | 000,303,360 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe -- (WSWNA3100M)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/09/28 11:24:36 | 000,156,976 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/30 14:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 14:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 14:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 14:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 14:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 07:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/09/29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/02/29 22:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/28 20:43:42 | 001,057,896 | ---- | M] (NETGEAR Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wna3100m.sys -- (wna3100m)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/20 13:44:04 | 000,497,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 13:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://flickr.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 52 DC 21 20 B2 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/09/22 09:36:56 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/10/24 13:44:40 | 000,001,800 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\pnrpnsp.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing

Continued...

pher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36C1698D-ECD5-415E-9015-09E9ED2B7484}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/10 12:36:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/11/10 07:56:00 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/10 07:52:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\svchost.exe
[2012/11/04 11:46:22 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller
[2012/11/01 15:25:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2012/11/01 15:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/01 15:24:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/11/01 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/01 15:15:07 | 000,687,724 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.com
[2012/11/01 08:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/11/01 08:21:23 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/11/01 08:21:22 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/11/01 08:21:15 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/11/01 08:21:14 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/11/01 08:21:13 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/11/01 08:21:08 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/11/01 08:21:07 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/11/01 08:20:25 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/11/01 08:20:24 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/11/01 08:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/11/01 08:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/11/01 08:09:45 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/10/26 08:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxtor
[2012/10/26 08:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Maxtor
[2012/10/26 08:26:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxtor
[2012/10/26 08:25:31 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/10/25 16:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Sky
[2012/10/25 04:43:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/10/25 04:43:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/10/24 12:37:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/10/24 12:37:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/10/24 11:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie
[2012/10/24 11:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR

========== Files - Modified Within 30 Days ==========

[2012/11/10 12:40:40 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/10 12:40:40 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/10 12:40:26 | 000,726,142 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/10 12:40:26 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/10 12:40:26 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/10 12:36:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/11/10 12:33:33 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/11/10 12:33:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/10 12:33:22 | 3169,013,760 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/10 07:52:34 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\svchost.exe
[2012/11/04 11:47:59 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller
[2012/11/01 16:10:52 | 000,540,977 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2012/11/01 15:24:58 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/01 15:15:08 | 000,687,724 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.com
[2012/11/01 15:05:19 | 000,302,592 | ---- | M] () -- C:\Users\Owner\Desktop\jlp6jg2s.exe
[2012/11/01 08:21:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/30 14:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/10/30 14:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/10/30 14:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/10/30 14:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/10/30 14:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/10/30 14:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/30 14:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/10/30 14:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/10/25 09:21:42 | 000,001,292 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/10/25 08:35:50 | 000,001,437 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/25 04:46:51 | 000,416,056 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/25 02:29:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/25 02:29:42 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/24 13:44:40 | 000,001,800 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/24 11:42:18 | 000,001,048 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk
[2012/10/15 07:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

========== Files Created - No Company Name ==========

[2012/11/01 16:10:48 | 000,540,977 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2012/11/01 15:24:58 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/01 15:05:19 | 000,302,592 | ---- | C] () -- C:\Users\Owner\Desktop\jlp6jg2s.exe
[2012/11/01 08:21:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/10/25 02:29:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/25 02:29:42 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/24 11:42:18 | 000,001,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk
[2012/10/23 20:42:58 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/10/01 13:36:36 | 000,033,134 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2012/09/22 09:18:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2011/11/16 23:14:10 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\@
[2012/11/01 08:05:48 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L
[2012/11/10 12:38:06 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U
[2012/11/10 07:58:53 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L\00000004.@
[2012/11/01 15:19:52 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000004.@
[2012/11/01 16:19:33 | 000,232,960 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000008.@
[2012/11/02 08:00:44 | 000,001,632 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\000000cb.@
[2012/10/30 15:52:12 | 000,015,360 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\80000000.@
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012/11/10 12:33:28 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012/11/10 12:33:28 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 17:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========


========== Purity Check ==========


< End of report >

The log posted above is the otl extras. didnt c there was 2 log files. guess this is the original otl file.

otl log.

OTL logfile created on: 11/10/2012 12:36:59 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 3.02 Gb Available Physical Memory | 76.70% Memory free
7.87 Gb Paging File | 6.92 Gb Available in Paging File | 87.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.50 Gb Total Space | 43.77 Gb Free Space | 58.76% Space Free | Partition Type: NTFS

Computer Name: ANTYUNO | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/10 12:36:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/10/30 20:27:08 | 000,692,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
PRC - [2012/10/30 14:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 14:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/29 18:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/12/07 17:31:24 | 000,303,360 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
PRC - [2011/12/06 17:16:14 | 008,364,288 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2007/09/28 11:24:36 | 000,156,976 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
PRC - [2007/09/06 13:53:40 | 000,169,264 | ---- | M] (Maxtor Corporation) -- C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/06 17:16:14 | 008,364,288 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
MOD - [2011/09/13 15:57:20 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/10/30 14:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/12/07 17:31:24 | 000,303,360 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe -- (WSWNA3100M)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/09/28 11:24:36 | 000,156,976 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/30 14:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 14:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 14:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 14:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 14:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 07:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/09/29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/02/29 22:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/28 20:43:42 | 001,057,896 | ---- | M] (NETGEAR Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wna3100m.sys -- (wna3100m)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/20 13:44:04 | 000,497,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 13:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://flickr.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 52 DC 21 20 B2 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/09/22 09:36:56 | 000,000,000 | ---D | M]

Continued....


O1 HOSTS File: ([2012/10/24 13:44:40 | 000,001,800 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\pnrpnsp.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36C1698D-ECD5-415E-9015-09E9ED2B7484}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/10 12:36:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/11/10 07:56:00 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/10 07:52:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\svchost.exe
[2012/11/04 11:46:22 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller
[2012/11/01 15:25:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2012/11/01 15:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/01 15:24:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/11/01 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/01 15:15:07 | 000,687,724 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.com
[2012/11/01 08:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/11/01 08:21:23 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/11/01 08:21:22 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/11/01 08:21:15 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/11/01 08:21:14 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/11/01 08:21:13 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/11/01 08:21:08 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/11/01 08:21:07 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/11/01 08:20:25 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/11/01 08:20:24 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/11/01 08:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/11/01 08:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/11/01 08:09:45 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/10/26 08:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxtor
[2012/10/26 08:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Maxtor
[2012/10/26 08:26:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxtor
[2012/10/26 08:25:31 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/10/25 16:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Sky
[2012/10/25 04:43:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/10/25 04:43:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/10/24 12:37:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/10/24 12:37:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/10/24 11:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie
[2012/10/24 11:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR

========== Files - Modified Within 30 Days ==========

[2012/11/10 12:40:40 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/10 12:40:40 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/10 12:40:26 | 000,726,142 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/10 12:40:26 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/10 12:40:26 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/10 12:36:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/11/10 12:33:33 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/11/10 12:33:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/10 12:33:22 | 3169,013,760 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/10 07:52:34 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\svchost.exe
[2012/11/04 11:47:59 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller
[2012/11/01 16:10:52 | 000,540,977 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2012/11/01 15:24:58 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/01 15:15:08 | 000,687,724 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.com
[2012/11/01 15:05:19 | 000,302,592 | ---- | M] () -- C:\Users\Owner\Desktop\jlp6jg2s.exe
[2012/11/01 08:21:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/30 14:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/10/30 14:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/10/30 14:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/10/30 14:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/10/30 14:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/10/30 14:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/30 14:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/10/30 14:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/10/25 09:21:42 | 000,001,292 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/10/25 08:35:50 | 000,001,437 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/25 04:46:51 | 000,416,056 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/25 02:29:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/25 02:29:42 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/24 13:44:40 | 000,001,800 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/24 11:42:18 | 000,001,048 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk
[2012/10/15 07:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

========== Files Created - No Company Name ==========

[2012/11/01 16:10:48 | 000,540,977 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2012/11/01 15:24:58 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/01 15:05:19 | 000,302,592 | ---- | C] () -- C:\Users\Owner\Desktop\jlp6jg2s.exe
[2012/11/01 08:21:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/10/25 02:29:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/25 02:29:42 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/24 11:42:18 | 000,001,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk
[2012/10/23 20:42:58 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/10/01 13:36:36 | 000,033,134 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2012/09/22 09:18:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2011/11/16 23:14:10 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\@
[2012/11/01 08:05:48 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L
[2012/11/10 12:38:06 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U
[2012/11/10 07:58:53 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L\00000004.@
[2012/11/01 15:19:52 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000004.@
[2012/11/01 16:19:33 | 000,232,960 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000008.@
[2012/11/02 08:00:44 | 000,001,632 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\000000cb.@
[2012/10/30 15:52:12 | 000,015,360 | ---- | M] () -- C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\80000000.@
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012/11/10 12:33:28 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012/11/10 12:33:28 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 17:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========


========== Purity Check ==========


< End of report >

OTL log.

All processes killed
========== OTL ==========
C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\@ moved successfully.
C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L folder moved successfully.
C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U folder moved successfully.
File C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\L\00000004.@ not found.
File C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000004.@ not found.
File C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\00000008.@ not found.
File C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\000000cb.@ not found.
File C:\Windows\Installer\{61c191d9-7645-28ae-740b-ebf7ee023bc1}\U\80000000.@ not found.
C:\Windows\assembly\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Desktop\antivirusSoft\cmd.bat deleted successfully.
C:\Users\Owner\Desktop\antivirusSoft\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 2098210 bytes
->Temporary Internet Files folder emptied: 67314169 bytes
->Flash cache emptied: 1511 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 114012661 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46445031 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 219.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11112012_132042
Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...