nick800

Members
  • Posts: 7

Reputation: 0 Neutral
  1. Logfile of random's system information tool 1.08 (written by random/random) Run by Nick at 2011-05-26 18:30:40 Microsoft
  2. OTL logfile created on: 25/05/2011 3:19:21 PM - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Nick\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 49.62% Memory free 6.17 Gb Paging File | 4.93 Gb Available in Paging File | 79.83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 228.13 Gb Total Space | 44.26 Gb Free Space | 19.40% Space Free | Partition Type: NTFS Drive D: | 227.87 Gb Total Space | 166.06 Gb Free Space | 72.87% Space Free | Partition Type: NTFS Computer Name: NICK-PC | User Name: Nick | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Nick\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) 
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe (Logitech Inc.) PRC - C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek) PRC - C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe (Acer Inc.) PRC - C:\Acer\Empowering Technology\SysMonitor.exe () PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT) PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe () PRC - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation) PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe () PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) 
========== Modules (SafeList) ========== MOD - C:\Users\Nick\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (CLTNetCnService) -- File not found SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT) SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe () SRV - (AlertService) Intel® -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation) SRV - (QualityManager) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel® Corporation) SRV - (Remote UI Service) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation) SRV - (MCLServiceATL) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation) SRV - (IntelDHSvcConf) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe 
(Intel® Corporation) SRV - (DHTRACE) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel® Corporation) SRV - (ISSM) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation) SRV - (NMSCore) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel® Corporation) SRV - (M1 Server) Intel® Viiv -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe () SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe () ========== Driver Services (SafeList) ========== DRV - (MpKsl85ad75ac) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9054C1D5-CB19-489C-93DA-AA97AB8E8FCB}\MpKsl85ad75ac.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek) DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek) DRV - (SaiK0CC3) -- C:\Windows\System32\drivers\SaiK0CC3.sys (Saitek) DRV - (SaiU0CC3) -- C:\Windows\System32\drivers\SaiU0CC3.sys (Saitek) DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.) DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.) DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation) DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.) 
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys () DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.) DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (Wasay) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.ca.acer.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "http://www.google.ca/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4dbbb8ad&v=6.103.018.001&i=26&tp=ab&iy=&ychte=ca&lng=en-US&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 12:38:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 12:38:47 | 000,000,000 | ---D | M] [2010/05/04 17:45:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\Mozilla\Extensions [2011/05/24 21:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\gfc1v2n8.default\extensions [2010/05/06 15:31:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\gfc1v2n8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/10/22 13:51:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/10/22 13:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/10/22 13:51:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2011/05/24 22:35:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Yahoo! 
Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe () O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe () O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies) O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKLM..\Run: [CCUTRAYICON] File not found O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) 
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation) O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe () O4 - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [saiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek) O4 - HKCU..\Run: [Acer Tour Reminder] File not found O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe () O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Nick\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Nick\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/05/25 15:14:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Nick\Desktop\OTL.exe [2011/05/24 22:36:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/05/24 22:36:53 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\temp [2011/05/24 22:27:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011/05/24 22:27:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/05/24 22:27:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/05/24 22:27:46 | 000,031,232 | ---- | C] (NirSoft) -- 
C:\Windows\NIRCMD.exe [2011/05/24 22:27:41 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/05/24 22:27:34 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW [2011/05/24 22:22:14 | 000,000,000 | ---D | C] -- C:\Config.Msi [2011/05/24 22:14:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/05/24 22:08:12 | 004,293,296 | R--- | C] (Swearware) -- C:\Users\Nick\Desktop\ComboFix.exe [2011/05/24 21:55:49 | 001,422,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Nick\Desktop\TDSSKiller.exe [2011/05/24 16:40:10 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Nick\Desktop\HijackThis.exe [2011/05/24 16:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2011/05/07 03:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2008/11/18 17:28:26 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe [2007/07/10 19:00:17 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/05/25 15:14:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Nick\Desktop\OTL.exe [2011/05/25 14:45:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/25 14:45:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/25 09:50:59 | 000,631,234 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/05/25 09:50:59 | 000,111,812 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/05/25 09:45:24 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2011/05/25 09:45:21 | 3220,389,888 | -HS- | M] () -- C:\hiberfil.sys [2011/05/24 22:35:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011/05/24 22:12:34 | 000,000,000 | ---- | M] () -- 
C:\Users\Nick\AppData\Local\prvlcl.dat [2011/05/24 22:08:24 | 004,293,296 | R--- | M] (Swearware) -- C:\Users\Nick\Desktop\ComboFix.exe [2011/05/24 20:19:56 | 000,124,416 | ---- | M] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/05/24 16:40:17 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Nick\Desktop\HijackThis.exe [2011/05/24 16:20:56 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2011/05/24 11:02:30 | 001,422,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Nick\Desktop\TDSSKiller.exe [2011/05/10 20:49:18 | 000,001,134 | ---- | M] () -- C:\Users\Nick\AppData\Roaming\wklnhst.dat [2011/05/05 19:44:23 | 000,000,214 | ---- | M] () -- C:\Users\Nick\Desktop\Garry's Mod.url [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/05/24 22:27:46 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/05/24 22:27:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/05/24 22:27:46 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011/05/24 22:27:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/05/24 22:27:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/05/24 22:24:33 | 3220,389,888 | -HS- | C] () -- C:\hiberfil.sys [2011/05/24 16:20:56 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2011/05/24 16:20:38 | 000,001,812 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2011/05/05 19:44:23 | 000,000,214 | ---- | C] () -- C:\Users\Nick\Desktop\Garry's Mod.url [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011/01/13 22:39:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2011/01/10 19:24:07 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2010/11/10 21:21:46 | 000,000,000 | ---- | C] () -- C:\Users\Nick\AppData\Local\prvlcl.dat [2010/10/18 20:12:16 | 000,000,023 | ---- | C] () -- 
C:\Windows\BlendSettings.ini [2010/10/05 18:35:15 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010/10/05 18:35:09 | 000,022,328 | ---- | C] () -- C:\Users\Nick\AppData\Roaming\PnkBstrK.sys [2010/10/05 18:34:51 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010/10/05 18:34:50 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe [2010/10/05 18:34:50 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010/07/07 16:27:30 | 000,034,501 | ---- | C] () -- C:\Windows\scunin.dat [2010/05/20 15:44:50 | 000,002,535 | ---- | C] () -- C:\Windows\System32\msexcr.ini [2010/05/20 12:36:17 | 000,001,134 | ---- | C] () -- C:\Users\Nick\AppData\Roaming\wklnhst.dat [2010/05/19 17:59:05 | 000,076,279 | ---- | C] () -- C:\Windows\War3Unin.dat [2010/05/16 19:01:35 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010/05/16 19:01:35 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010/05/16 19:01:35 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010/05/16 16:26:08 | 000,035,929 | ---- | C] () -- C:\Windows\DIIUnin.dat [2010/05/06 12:30:23 | 000,000,020 | ---- | C] () -- C:\Windows\System32\IGFXDEV.DLL [2010/05/05 21:08:09 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010/05/04 22:44:26 | 000,124,416 | ---- | C] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/01 05:31:56 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssp2ml3.dll [2008/11/18 20:21:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2008/11/18 20:13:43 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll [2008/11/18 17:30:12 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2008/11/18 17:30:11 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2008/11/18 17:28:26 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe [2008/11/18 17:26:28 | 
000,001,356 | ---- | C] () -- C:\Users\Nick\AppData\Local\d3d9caps.dat [2007/07/10 19:00:15 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007/07/10 18:13:03 | 000,000,754 | ---- | C] () -- C:\Windows\generic.ini [2007/07/10 18:13:03 | 000,000,107 | ---- | C] () -- C:\Windows\Alaunch.ini [2007/07/10 18:12:59 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll [2007/04/25 19:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007/04/25 19:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007/04/25 19:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll [2007/04/25 19:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007/04/25 19:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2006/12/25 18:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006/11/13 08:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin [2006/11/02 08:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 000,295,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:33:01 | 000,631,234 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,111,812 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] 
() -- C:\Windows\System32\mlang.dat [2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2001/12/26 18:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001/09/04 01:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001/07/30 18:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001/07/24 00:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2008/11/18 17:32:25 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Acer [2010/10/18 14:53:04 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\AVG10 [2010/05/07 11:55:36 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\AVG9 [2011/03/04 19:56:09 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\DarksporeData [2010/06/13 21:57:13 | 000,000,000 | -H-D | M] -- C:\Users\Nick\AppData\Roaming\ijjigame [2008/11/18 17:32:25 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Leadertech [2010/08/27 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\LolClient [2011/01/23 20:11:57 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files [2010/12/17 22:30:45 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Regensoft [2011/03/02 18:40:28 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\RIFT [2010/07/07 21:22:51 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\runic games [2011/04/12 17:20:15 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\SystemRequirementsLab [2010/05/20 12:36:18 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Template [2011/05/25 15:15:45 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\uTorrent [2011/05/24 22:43:13 | 000,032,590 | ---- | M] () -- 
C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
  3. OTL Extras logfile created on: 25/05/2011 3:19:21 PM - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Nick\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 49.62% Memory free 6.17 Gb Paging File | 4.93 Gb Available in Paging File | 79.83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 228.13 Gb Total Space | 44.26 Gb Free Space | 19.40% Space Free | Partition Type: NTFS Drive D: | 227.87 Gb Total Space | 166.06 Gb Free Space | 72.87% Space Free | Partition Type: NTFS Computer Name: NICK-PC | User Name: Nick | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu -- (Acer Inc.) 
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption -- (HiTRUST) "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption -- (HiTRUST) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08320144-CFAD-4EBE-8385-AEE9E498B0B1}" = lport=2869 | protocol=6 | dir=in | app=system | "{1BD42E88-FF3B-4A7F-8612-4DFEBB43CE8C}" = lport=8378 | protocol=17 | dir=in | name=league of legends launcher | "{1CE13C76-DF27-4F15-8937-F1DA12FCE50F}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher | "{4219261E-5028-41C1-B5A5-400AF9C56B69}" = lport=8378 | protocol=6 | dir=in | name=league of legends launcher | "{6E7FE167-A2A5-44CF-B99E-41705FEF1112}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{95584D2D-F590-4CE6-AF58-01BE25D5D900}" = lport=8379 | protocol=17 | dir=in | name=league of legends launcher | "{9B14CD66-359C-44C6-B0BD-192A8B05D7AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{BA5DE8FF-12F3-4040-8F58-11233D0DED7F}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv media server discovery | "{D75CFDA2-702B-4159-B21B-F646894244AF}" = lport=8379 | protocol=6 | dir=in | name=league of legends launcher | "{E6B232D8-2716-4430-9CCC-022D2F6C0504}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv media server upnp discovery | "{F6B91D3B-0E03-4201-B674-AF4D0CB1AAB3}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02FDEE64-5FE5-4248-B979-72D692C92FD4}" = protocol=17 | dir=in | app=c:\program 
files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{09FE7E36-D12C-473F-B54D-0E0AA7FFFEE5}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | "{0F89B4ED-5EB7-4293-8F52-E503F0205D4D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{14916889-C276-4BE8-8AF0-17057900E5AE}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | "{14BB6B72-0D1C-4061-9D6B-237336F8DED0}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | "{19C76126-2641-45DC-AF55-3109F8EED6F0}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{1A70E062-B563-418D-B6A5-74107E6D6456}" = protocol=6 | dir=in | app=c:\program files\electronic arts\darkspore\darksporebin\darkspore.exe | "{1D3A0440-3A49-4957-A86C-528EDE110455}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{207B4621-2B0E-4410-AB04-9A43022604AE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{287BA272-D032-433E-A8A7-6AEDD2FA4BEC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{28F35438-31FC-4C73-815B-9663E1643A50}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe | "{2C235BAC-DC85-4A36-9878-570A49AC3B73}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{3240D452-2D4B-4D96-84FD-4B64D954133C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\arron07\garrysmod\hl2.exe | "{349BCD52-42AB-4E7F-B005-14228111AFC8}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{34AA4646-5FE1-4961-9C47-2E5AE095E033}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{37579BC0-C199-4D2B-BBA0-8AFAD59DCEF2}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{39CCFEBB-677E-4877-B865-7B6581B663DE}" = 
protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{3D205A63-04BB-411A-B32A-F1C456117235}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{3F16FB17-0C1C-4C0A-8B90-55D3A3C7CBC3}" = protocol=6 | dir=in | app=c:\program files\ijji\ijji reactor\ijjioptimizer.exe | "{40E95882-8F14-4AC0-A72B-D7B73851351E}" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.patch.exe | "{41DCE02C-9070-4DE4-A4AA-097557D75583}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe | "{4309A72B-AC97-4498-B11F-DA6A3792E3B9}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{43B1AF57-1E69-43E5-9CB2-6214CEF47715}" = dir=in | app=c:\program files\itunes\itunes.exe | "{48691538-1026-4557-A86F-9909A7595CA3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\arron07\garrysmod\hl2.exe | "{48AD5E13-6ACD-449E-A234-55C886EAB4D9}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{4AEB733A-4F4E-4A92-A5BA-CF34FF56962F}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | "{4E61669F-D25E-4EA5-9CE2-4808B7B7E3EA}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{4F709574-AC90-44C4-8CDF-B7021F64EC75}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{4FDA5B7A-AD9A-46D0-B8E9-64C5B5DDF3C2}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{5A8AD70F-9DD5-4D8A-9B7C-E626EC865F3A}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | "{5AE28BE9-5B32-4C3F-BE69-1D5A30C0B1DF}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe | "{602A311F-540B-4709-AABB-B94A90AB418E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{6548A414-255F-44D5-A432-6F1EA14BBB52}" = protocol=17 | dir=in | app=c:\program files\pando 
networks\media booster\pmb.exe | "{67608B33-8F16-42CE-8AF8-3107AABB90ED}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | "{689BF6DD-8C23-4E31-9146-3CF54DCD2717}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the lord of the rings, the rise of the witch-king\game.dat | "{6C205EE7-6E99-49C4-974F-7B80F2BBA6F0}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe | "{6CBBBB27-BD8F-47F4-BCEC-8B4C233762F1}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{6D76E5F5-765D-474E-992C-0C9AF019E89B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6F9CE08E-5F9D-45A9-8EB0-4A634D307384}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{712344DC-3475-4A33-8CE2-9D00FC463310}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{7390071F-4922-4142-AA4C-DF0770FB8749}" = protocol=6 | dir=in | app=c:\program files\electronic arts\medal of honor mp open beta\mohmpupdater.exe | "{7A6AA98C-06E4-4F27-8B04-11A91DCEE65F}" = protocol=17 | dir=in | app=c:\program files\electronic arts\darkspore\darksporebin\darkspore.exe | "{7C9FDE30-4479-4A8C-B442-30EEC3FA0A53}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{7D292709-4806-4DDE-B2AE-70A81634EF97}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth ii\game.dat | "{7F86B920-53C3-49A1-85E3-E004FC072142}" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "{811C9E28-08A4-4B13-973F-AD5F208F9A83}" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor mp open beta\mohmpupdater.exe | "{836F2C42-56E7-4F8C-B55A-55436C27A753}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | "{84F46484-C76E-4861-8975-A604429ABA50}" = protocol=6 | dir=in | app=c:\riot games\league of 
legends\game\league of legends.exe | "{857E0EA8-AEE5-409D-BD76-35FD18E20BFD}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{863D625F-0A02-4867-AA79-8F10B720AEF3}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{86AEC65C-DBF7-46C8-BE53-3CC46ADA7EFA}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{8C8C87A6-68A5-4280-80CD-4793030EF4F6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{8F0CA115-A418-4B23-A181-528822284301}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{8FF0B0B5-E46A-4922-AC55-8215565D2C17}" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.patch.exe | "{91B2FB4D-344C-4E4C-A87C-22642230DFEF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{9361F589-2C58-4607-9F3E-7EDDFC19A2FB}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe | "{9742A5CA-5FDC-48D4-8CD0-CF19D79A8B27}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{9971D875-30D4-4AC0-8938-A0DBED266529}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | "{999B170F-BED1-40D2-9E30-3EAE5B6EA264}" = protocol=17 | dir=in | app=c:\program files\ijji\ijji reactor\ijjioptimizer.exe | "{A1D59D45-3DDF-469D-9DE9-51A810813921}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{A2D23F29-8025-4936-820A-3DAB76AE31ED}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{A5E2F4F9-4ACC-49D9-8E12-34C554A9F1C5}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe | "{A5FDA8B2-3A02-4486-85AD-6A7704897B16}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the lord of the rings, the rise of the witch-king\game.dat | "{A6F6AFBC-E5E3-4FE5-99E2-7A541B465AFF}" = dir=in | app=c:\program files\acer arcade live\acer 
slideshow dvd\acer slideshow dvd.exe | "{B2D10C74-4721-4F0B-A41A-7192555F055A}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | "{B480AA2E-435C-46D3-B10C-CEBB9E4464DD}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{B8A9786B-41EC-4444-9633-78E6A090B347}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{BCF9EA3A-39B0-4D3D-A4FF-2CF115F75C14}" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "{C1F47FE3-186E-414E-A484-CC9C16778858}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth ii\game.dat | "{C42FEA86-940C-43FE-A9AA-4CF7A49F3D9D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{C70677E0-F7F5-43E3-A5AE-8284AA97F0F0}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | "{CB7A8998-4B1E-4D90-B5D9-67E2D40F82F4}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe | "{D1E30DAF-E7C9-4B24-942B-FF7CF52DEAE1}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe | "{D3075C8D-54AA-4573-89D5-873FD4561B65}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{D68DDEBB-E3A2-45D8-B957-9871FA0C47FB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D7C7B185-CD7A-4FB4-9C8F-E488FF26D873}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe | "{E367A69F-468B-4098-88AF-2D09BA3CAF14}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{E37D4661-1F10-4601-B312-3ABEEA43A718}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{EA07C234-CD94-4381-B9AD-FB5B74484FDE}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe | "{F514D5DD-3D8D-4015-8CF7-96B99D3333C1}" = 
protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{F9116531-D140-4A84-9798-19C0F74ABEA6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{FCFFE81E-383B-443F-95C1-49030A4C07A8}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | "TCP Query User{00230FFF-2F57-472C-B33C-9630D3A94B57}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{0186AE36-EB9C-44C8-B414-D8EECFE1F4E6}C:\program files\ijji\ijji reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\ijji\ijji reactor\reactor.exe | "TCP Query User{0738757B-3519-426F-8B21-071DA0B52232}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | "TCP Query User{0871AE78-BF42-4498-9B84-76B0E8BBAB93}C:\program files\microsoft games\project s\spartan.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\project s\spartan.exe | "TCP Query User{1B6BC4BE-5CE5-4EFF-AFB4-A346E11A8568}C:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe | "TCP Query User{1E9AC2D9-C90B-4A34-90E3-809C8B3A48B3}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe | "TCP Query User{2D08CF57-B381-4C8F-8465-134048A10798}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe | "TCP Query User{324663B5-BEDB-41FC-A80F-3602B20736FD}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | "TCP Query 
User{346BB709-204F-40BE-86E8-A2F5FAAC2022}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe | "TCP Query User{39D828B4-6D68-4C30-BFCC-0B3257313927}C:\program files\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat | "TCP Query User{3C936C8C-5B6C-46FB-83A9-6EF9F08D3DF9}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe | "TCP Query User{43291287-A06E-484E-AFAA-77E3ABF094AC}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | "TCP Query User{43BF4E3C-809B-45B2-80F4-04FEFA8F8ED8}C:\program files\steam\steamapps\daniel570\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\daniel570\counter-strike source\hl2.exe | "TCP Query User{5406790C-EC0F-4AD9-90A9-7200A68BE7F5}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe | "TCP Query User{69A6EE31-FB1E-4005-A2DA-6256336BA275}C:\users\public\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe | "TCP Query User{6DC4335D-5F5A-4DA4-B88F-B5FF0858A941}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe | "TCP Query User{71F63264-7474-4B76-9330-A71C9AAC1363}C:\users\public\games\world of warcraft\launcher.exe" = 
protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query User{775BE630-FF46-4261-BF88-9EB1C3FBA1E5}C:\users\public\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe | "TCP Query User{85AEA624-64A8-4D75-85A7-0B1CF5C6117F}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "TCP Query User{9D98FEB3-FD99-4C93-8812-BAFD39B6D733}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe | "TCP Query User{9F3376A6-53B5-4E3A-A0EC-C63B12A87D84}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe | "TCP Query User{A29A9CC5-074D-4A8D-9A55-51B8A3D29778}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | "TCP Query User{B5AF4A25-C37F-4E19-9B69-C78603E11F00}C:\users\public\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe | "TCP Query User{B8DE5743-AB54-46AE-8252-C5AD8C83BBDC}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe | "TCP Query User{E16E413E-CC63-4B5F-8A58-2C0F6C04F16B}C:\program files\ijji\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\program files\ijji\gunz\gunz.exe | "TCP Query User{EF884516-1AB1-4148-9B56-87F500BAE363}C:\program files\electronic arts\medal of honor mp open beta\mohmpgame.exe" = protocol=6 | dir=in | app=c:\program 
files\electronic arts\medal of honor mp open beta\mohmpgame.exe | "TCP Query User{F37A5C33-77B9-459E-B332-70E859F16E5C}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe | "TCP Query User{F4CE9D66-FD99-4693-A1AE-C1D7683DDDF1}C:\users\public\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\backgrounddownloader.exe | "TCP Query User{F7CBAEAF-936C-4ECE-9B9B-673FC95EF7DC}C:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe | "TCP Query User{F7DCCAA1-4873-43EA-99B6-36DB48401A8D}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe | "UDP Query User{06B43542-FC74-4A00-A685-8E44D65A9B51}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | "UDP Query User{13267FFF-FD2C-469E-9E88-115C7A3C93B3}C:\program files\electronic arts\medal of honor mp open beta\mohmpgame.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor mp open beta\mohmpgame.exe | "UDP Query User{1986855B-8D18-44A0-9167-649E46BD4EDF}C:\program files\ijji\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\program files\ijji\gunz\gunz.exe | "UDP Query User{1F06464C-6ABE-434C-95B6-5C404E5290AC}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe | "UDP Query 
User{20CC9CD6-5DBE-454C-B1E2-4CE0A5DF9D63}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{2B52E9C1-8D92-4B75-B837-36472E4BEF6B}C:\users\public\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe | "UDP Query User{2CEE24BF-02B1-4E36-BC97-97E252360B83}C:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe | "UDP Query User{32E28AA1-B5B2-4B02-8460-343FAABC5B37}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | "UDP Query User{3B7FF6ED-3723-424F-A401-C8B7F6615C50}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe | "UDP Query User{4926C7E2-A15E-4D6C-B39E-7E2B6B1540C2}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe | "UDP Query User{5999CF65-A568-4366-AF32-E240578397F0}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | "UDP Query User{5F719AF3-9269-4C21-973B-859125DA20E1}C:\users\public\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\backgrounddownloader.exe | "UDP Query User{64842FB7-0D93-4F6C-8AFD-4397235E5C15}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe | "UDP Query User{6E59E04D-5FAE-41E2-9F86-589FEF7A9A95}C:\program files\starcraft 
ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe | "UDP Query User{72E9C2EF-F23E-4A7D-B151-9DDB813CC4F0}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "UDP Query User{7DD2DFB2-9D75-4139-8A5C-CE9F0AC4A88D}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe | "UDP Query User{8F018869-7AA5-4972-B9A9-6607ED522AFD}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | "UDP Query User{90A17328-9AD6-4B22-90F0-946EE83BD894}C:\users\public\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe | "UDP Query User{99A965DA-8FEE-46AE-850C-E7B4874A1270}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe | "UDP Query User{A65354AA-5119-47D1-A74C-31EFAC6DAFB2}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe | "UDP Query User{A8FC4BD4-C30E-4D3B-8823-238352A3C78E}C:\program files\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat | "UDP Query User{B024FAB1-133C-4BB6-91BA-A88929BD8906}C:\program files\starcraft 
ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe | "UDP Query User{C8F37112-8E92-46DF-A019-1247C6A71EEB}C:\users\public\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe | "UDP Query User{D13216B4-65C5-4BBE-977B-EA9587D73970}C:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe | "UDP Query User{D69F51FA-CCBD-4769-8289-8EE35DBECCC0}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe | "UDP Query User{D930BF77-E086-4BF2-AA42-8675E8B69C2A}C:\program files\ijji\ijji reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\ijji\ijji reactor\reactor.exe | "UDP Query User{DEFD3917-D324-41AE-9DEB-5B528106EBD2}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe | "UDP Query User{E1258A01-93AC-4F39-92AF-DB7BFAC0D717}C:\program files\steam\steamapps\daniel570\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\daniel570\counter-strike source\hl2.exe | "UDP Query User{E7ED3FCE-8228-4EB4-9DF9-F9446B63D24E}C:\program files\microsoft games\project s\spartan.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\project s\spartan.exe | "UDP Query User{EF7C05FD-7BFB-4C03-8EFF-7EAE06150518}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | ========== HKEY_LOCAL_MACHINE Uninstall 
List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis® "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0DAA5653-60D4-44C1-AD10-EC7D4FA4D820}" = Intel® Viiv Software "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect "{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes "{18d415fd-4862-4f82-bc6a-64794af28567}" = Nero 9 "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5 "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1B343C8C-F170-4829-8481-E163317C5830}" = iTunes "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth II "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = 
Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D530942-9B89-4186-98B7-F51000000100}" = Project S "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7 "{68DD6410-C93E-4BF0-BCEB-17024E27A7AC}" = Smart Technology Programming Software 7.0.0.26 "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware "{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11146090}" = Big Kahuna Reef 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel 
Quest Solitaire "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management "{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine 
"{B1AAE4BF-C98E-467E-94C7-4E1F51DD86E0}" = Darkspore
  4. ComboFix 11-05-24.01 - Nick 24/05/2011 22:30:19.1.4 - x86 Microsoft
  5. 2011/05/24 21:57:25.0369 7236 TDSS rootkit removing tool 2.5.2.0 May 24 2011 11:01:23
     2011/05/24 21:57:27.0234 7236 ================================================================================
     2011/05/24 21:57:27.0234 7236 SystemInfo:
     2011/05/24 21:57:27.0234 7236
     2011/05/24 21:57:27.0234 7236 OS Version: 6.0.6000 ServicePack: 0.0
     2011/05/24 21:57:27.0234 7236 Product type: Workstation
     2011/05/24 21:57:27.0234 7236 ComputerName: NICK-PC
     2011/05/24 21:57:27.0235 7236 UserName: Nick
     2011/05/24 21:57:27.0235 7236 Windows directory: C:\Windows
     2011/05/24 21:57:27.0235 7236 System windows directory: C:\Windows
     2011/05/24 21:57:27.0235 7236 Processor architecture: Intel x86
     2011/05/24 21:57:27.0235 7236 Number of processors: 4
     2011/05/24 21:57:27.0235 7236 Page size: 0x1000
     2011/05/24 21:57:27.0235 7236 Boot type: Normal boot
     2011/05/24 21:57:27.0235 7236 ================================================================================
     2011/05/24 21:57:29.0049 7236 Initialize success
     2011/05/24 21:57:59.0114 6484 ================================================================================
     2011/05/24 21:57:59.0114 6484 Scan started
     2011/05/24 21:57:59.0114 6484 Mode: Manual;
     2011/05/24 21:57:59.0114 6484 ================================================================================
     2011/05/24 21:58:13.0723 6484 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\Windows\system32\Drivers\sptd.sys
     2011/05/24 21:58:13.0723 6484 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
     2011/05/24 21:58:13.0730 6484 sptd - detected LockedFile.Multi.Generic (1)
     2011/05/24 21:58:17.0585 6484 MBR (0x1B8) (9a60a21600304533d523088c7b447e29) \Device\Harddisk0\DR0
     2011/05/24 21:58:17.0591 6484 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
     2011/05/24 21:58:17.0595 6484 ================================================================================
     2011/05/24 21:58:17.0595 6484 Scan finished
     2011/05/24 21:58:17.0595 6484 ================================================================================
     2011/05/24 21:58:17.0610 1444 Detected object count: 2
     2011/05/24 21:58:17.0610 1444 Actual detected object count: 2
     2011/05/24 21:58:36.0459 1444 LockedFile.Multi.Generic(sptd) - User select action: Skip
     2011/05/24 21:58:36.0499 1444 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
     2011/05/24 21:58:36.0500 1444 \Device\Harddisk0\DR0 - ok
     2011/05/24 21:58:36.0501 1444 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
     2011/05/24 22:02:39.0294 6348 Deinitialize success
  6. Basically I got a virus which seems to keep giving me more and more viruses, mainly trojans, and opens web pages and redirects my pages often. I was using AVG and it gets some of the trojans, but when I downloaded Microsoft Security Essentials it found other trojans AVG did not. AVG did a rootkit scan and found a file called rootkit.TDSS.TDL4. Microsoft Security Essentials found a trojan named Trojan:DOS/alureon.A. My friend told me to download HijackThis and post the logs on this site and I may have some luck, so here they are:

     Running processes:
     C:\Windows\system32\taskeng.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
     C:\Windows\RtHDVCpl.exe
     C:\Acer\Empowering Technology\SysMonitor.exe
     C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
     C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
     C:\Program Files\Common Files\Java\Java Update\jusched.exe
     C:\Program Files\AVG\AVG10\avgtray.exe
     C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
     C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
     C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
     C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
     C:\Windows\ehome\ehtray.exe
     C:\Windows\system32\wuauclt.exe
     C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
     C:\Program Files\Windows Media Player\wmplayer.exe
     C:\Windows\ehome\ehmsas.exe
     C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
     C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
     C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
     C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
     C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
     C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
     C:\Program Files\AVG\AVG10\avgui.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\Windows Live\Contacts\wlcomm.exe
     C:\Program Files\Microsoft Security Client\msseces.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Program Files\Mozilla Firefox\plugin-container.exe
     C:\Users\Nick\Downloads\HijackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ycomp/defaults/sp/*http://ca.yahoo.com
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.ca.acer.yahoo.com
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.ca.acer.yahoo.com
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.com/customize/ycomp/defaults/su/*http://ca.yahoo.com
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
     R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
     O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
     O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
     O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
     O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
     O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
     O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
     O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
     O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
     O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
     O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
     O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
     O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
     O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
     O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
     O4 - HKLM\..\Run: [skytel] Skytel.exe
     O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
     O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
     O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmd
     O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
     O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
     O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
     O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
     O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
     O4 - HKLM\..\Run: [saiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
     O4 -
HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll 
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Intel® DHTrace Controller (DHTRACE) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. 
- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IntelDHSvcConf - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Intel® NMSCore (NMSCore) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® Quality Manager (QualityManager) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink 
RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
-- End of file - 12762 bytes

Any help is appreciated, thanks.