Inactive All Security Programs Unavailable

Discussion in 'Malware and Virus Removal Archive' started by thunderclan, 2011/10/11.

Thread Status:
Not open for further replies.
  1. 2011/10/11
    thunderclan

    thunderclan Inactive Thread Starter

    [Inactive] All Security Programs Unavailable

    IMPORTANT!! Malwarebytes, GMER and aswMBR are affected so I am unable to provide those logs. Nothing I can do about it.

    I believe that something has infected my system as all of my security programs have been rendered inaccessible. Yesterday morning everything was fine, I left for a couple hours, came back and there were some small issues (Google redirect was worse than usual, Aero theme was missing and there was an issue with email) so I went to do scans and each scanner worked fine for about 10 seconds before completely closing, no message or warning, just closed. Upon trying to get into them again I received the message that Windows cannot access the specified device, path or file.

    I did some searching on my own though turned up nothing useful and also tried to redownload my security programs but they didn't work. Also tried installing from my zip drive and they still refused to work.

    This is affecting Spyware Terminator, Malwarebytes, GMER, HijackThis and aswMBR. Windows Defender is also down though the firewall still seems fine.

    No viruses have announced themselves the way they usually do so I am completely stumped as to what is causing this. Everything that I've tried that isn't Security is still working fine (not counting the increased Google redirect problems).

    DDS Log

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_20
    Run by Lucas at 16:47:54 on 2011-10-10
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1670 [GMT -7:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Windows\System32\svchost.exe -k Akamai
    C:\Windows\system32\libusbd-nt.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
    C:\Windows\zHotkey.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\ModPS2Key.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Napster\napster.exe
    C:\Program Files\Spare Backup\SpareBackup.exe
    C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Windows\367780982:2300253418.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\rundll32.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
    uStart Page = hxxp://google.com/
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5662
    mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5662
    uInternet Settings,ProxyServer = http=127.0.0.1:54202
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mSearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
    uURLSearchHooks: H - No File
    uWinlogon: Shell=explorer.exe,c:\windows\temp\conhost.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Shop to Win 6: {27376903-c3da-492b-9622-e4ab4debbe54} - c:\program files\shop to win 6\Shop to Win 6.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.0\coIEPlg.dll
    BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - c:\programdata\wecarereminder\IEHelperv2.5.0.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll
    TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [ImageUpdate] \Image Converter Plus\ImageUpdate\Imageupdt32.exe
    uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
    uRun: [258.exe] c:\windows\temp\258.exe
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe "
    mRun: [CHotkey] zHotkey.exe
    mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [ModPS2] ModPS2Key.exe
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [NapsterShell] c:\program files\napster\napster.exe /systray
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [Spare Backup] "c:\program files\spare backup\SpareBackup.exe" /silent
    mRun: [ShowWnd] ShowWnd.exe
    mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
    mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [MRT] "c:\windows\system32\MRT.exe" /R
    mRun: [258.exe] c:\program files\internet explorer\258.exe
    dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    dRun: [-1469949828] c:\windows\temp\\jucheck.exe
    dRun: [SampleView Update] rundll32 "c:\windows\system32\config\systemprofile\appdata\local\temp\tempupdate\Tempupdt32.dll ",DllRegisterServer
    dRun: [DisplayOnlineProfile] rundll32.exe "c:\programdata\DisplayOnlineProfile.dll ",DllRegisterServer
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpbutt~1.lnk - c:\program files\hp button manager\BM.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    dPolicies-explorer: HideSCAHealth = 1 (0x1)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    LSP: mswsock.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
    DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Mystery%20Case%20Files%20-%20Ravenhearst/Images/stg_drm.ocx
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - hxxp://www.acclaim.com/cabs/acclaim_v5.cab
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
    DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
    DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
    DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Mystery%20Case%20Files%20-%20Ravenhearst/Images/armhelper.ocx
    DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{EE254B5B-9AA5-4CF8-B9D6-3638BF47FB5C} : DhcpNameServer = 192.168.1.1
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath -
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20080401.001\IDSvix86.sys [2008-4-2 261680]
    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-7-28 8396800]
    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-7-28 247296]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-4-2 109616]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2010-11-21 33792]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2011-7-30 17920]
    S3 BRDriver;BRDriver;c:\programdata\bitraider\BRDriver.sys [2011-10-3 61312]
    S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-28 23888]
    S3 FileObjInfo;STFileDriver;c:\programdata\spyware terminator\fileobjinfo.sys [2009-2-18 5632]
    S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
    .
    =============== Created Last 30 ================
    .
    2011-10-10 22:46:47 101888 ----a-w- c:\programdata\DisplayOnlineProfile.dll
    2011-10-10 22:11:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-10-10 22:11:48 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-10 22:11:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-10 22:09:59 176640 ----a-w- c:\program files\windows nt\conhost.exe
    2011-10-10 21:14:37 174592 ----a-w- c:\program files\internet explorer\258.exe
    2011-10-10 21:08:36 -------- d-----w- C:\39344
    2011-10-10 21:08:36 -------- d-----w- \39344
    2011-10-09 20:21:53 -------- d-----w- c:\program files\Mass Effect
    2011-10-09 03:36:07 -------- d-----w- c:\windows\system32\1066
    2011-10-06 00:02:31 -------- d-----w- c:\programdata\PMB Files
    2011-10-03 23:53:20 -------- d-----w- c:\programdata\bitraider
    2011-10-01 01:29:41 1651595 ----a-w- c:\windows\Heroes of Hellas 3 Athens Uninstaller.exe
    2011-10-01 01:29:18 -------- d-----w- c:\program files\Heroes of Hellas 3 Athens
    2011-09-29 10:07:37 -------- d-----w- c:\windows\system32\MpEngineStore
    2011-09-28 23:24:16 -------- d-----w- c:\users\lucas\appdata\local\Chromium
    2011-09-23 16:45:02 -------- d-----w- c:\program files\Mount&Blade Warband
    2011-09-19 19:47:08 -------- d-----w- c:\program files\FishBone Games
    2011-09-16 06:15:22 -------- d-----w- c:\programdata\EA Core
    .
    ==================== Find3M ====================
    .
    2011-08-03 02:25:56 0 ----a-w- c:\programdata\vhca.exe
    2011-08-03 02:25:56 0 ----a-w- c:\programdata\mqjg.exe
    2011-08-03 02:25:56 0 ----a-w- c:\programdata\jnmk.exe
    2011-07-30 20:57:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-07-30 04:16:05 0 ----a-w- c:\programdata\ktpu.exe
    2011-07-30 04:16:05 0 ----a-w- c:\programdata\gwcl.exe
    2011-07-30 04:16:05 0 ----a-w- c:\programdata\auov.exe
    2011-07-29 05:22:06 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-07-29 04:44:08 18388480 ----a-w- c:\windows\system32\atioglxx.dll
    2011-07-29 04:41:00 151552 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-07-29 04:40:46 726528 ----a-w- c:\windows\system32\aticfx32.dll
    2011-07-29 04:36:28 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-07-29 04:35:54 401408 ----a-w- c:\windows\system32\atieclxx.exe
    2011-07-29 04:35:26 176128 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-07-29 04:34:12 159744 ----a-w- c:\windows\system32\atitmmxx.dll
    2011-07-29 04:33:56 356352 ----a-w- c:\windows\system32\atipdlxx.dll
    2011-07-29 04:33:44 278528 ----a-w- c:\windows\system32\Oemdspif.dll
    2011-07-29 04:33:36 20992 ----a-w- c:\windows\system32\atimuixx.dll
    2011-07-29 04:33:28 43520 ----a-w- c:\windows\system32\ati2edxx.dll
    2011-07-29 04:30:28 4198912 ----a-w- c:\windows\system32\atidxx32.dll
    2011-07-29 04:11:44 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
    2011-07-29 04:11:16 46080 ----a-w- c:\windows\system32\aticalrt.dll
    2011-07-29 04:11:04 44032 ----a-w- c:\windows\system32\aticalcl.dll
    2011-07-29 04:09:12 4256768 ----a-w- c:\windows\system32\atiumdag.dll
    2011-07-29 04:07:26 8247296 ----a-w- c:\windows\system32\aticaldd.dll
    2011-07-29 04:04:00 4056064 ----a-w- c:\windows\system32\atiumdva.dll
    2011-07-29 04:01:50 52736 ----a-w- c:\windows\system32\coinst.dll
    2011-07-29 03:54:44 266240 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-07-29 03:54:32 13312 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-07-29 03:54:20 32768 ----a-w- c:\windows\system32\atigktxx.dll
    2011-07-29 03:53:48 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-07-29 03:53:16 31744 ----a-w- c:\windows\system32\atiuxpag.dll
    2011-07-29 03:53:02 29184 ----a-w- c:\windows\system32\atiu9pag.dll
    2011-07-29 03:52:40 37376 ----a-w- c:\windows\system32\atitmpxx.dll
    2011-07-29 03:52:28 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-07-29 03:51:06 52736 ----a-w- c:\windows\system32\atimpc32.dll
    2011-07-29 03:51:06 52736 ----a-w- c:\windows\system32\amdpcom32.dll
    .
    ============= FINISH: 16:49:35.26 ===============


    Operating System

    OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 1, 32 bit
    Processor: AMD Phenom(tm) 9500 Quad-Core Processor, x64 Family 16 Model 2 Stepping 2
    Processor Count: 4
    RAM: 3069 Mb
    Graphics Card: ATI Radeon HD 2400 XT , 256 Mb
    Hard Drives: C: Total - 465643 MB, Free - 14540 MB; D: Total - 11295 MB, Free - 3792 MB;
    Motherboard: ECS, MCP61PM-GM, 2.1 , OEM
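
A triage pass over the DDS log posted above, as an added example that is not part of the original post and not the logic of DDS or of any tool named in this thread. The sample lines are copied from that log; the rule names and the heuristics themselves (autoruns from temp directories, extra Winlogon Shell entries, a process image path containing a stream separator, a loopback proxy, zero-byte executables) are assumptions chosen for illustration.

```python
import re

# Lines copied from the DDS log in the post above (a subset, mixed with benign entries).
SAMPLE_DDS = r"""
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\367780982:2300253418.exe
uInternet Settings,ProxyServer = http=127.0.0.1:54202
uWinlogon: Shell=explorer.exe,c:\windows\temp\conhost.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
uRun: [258.exe] c:\windows\temp\258.exe
mRun: [258.exe] c:\program files\internet explorer\258.exe
dRun: [-1469949828] c:\windows\temp\\jucheck.exe
dRun: [DisplayOnlineProfile] rundll32.exe "c:\programdata\DisplayOnlineProfile.dll ",DllRegisterServer
mRun: [RtHDVCpl] RtHDVCpl.exe
2011-10-10 21:08:36 -------- d-----w- C:\39344
2011-08-03 02:25:56 0 ----a-w- c:\programdata\vhca.exe
2011-07-30 20:57:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
"""

# Assumed heuristic: directories where legitimate autoruns rarely live.
TEMP_DIRS = ("\\windows\\temp\\", "\\appdata\\local\\temp\\")

RUN_RE = re.compile(r"^[umd]Run: \[(?P<name>.+?)\] (?P<cmd>.+)$")
SHELL_RE = re.compile(r"^[umd]Winlogon: Shell=(?P<value>.+)$", re.I)
PROXY_RE = re.compile(r"ProxyServer = .*?(?:127\.0\.0\.1|localhost):\d+", re.I)
# "Created Last 30" / "Find3M" rows: date, time, size, attributes, path.
FILE_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d (?P<size>\d+) \S+ (?P<path>.+)$")
# Image path with a second colon after the drive letter, i.e. file:stream
# (an NTFS alternate data stream).
ADS_RE = re.compile(r"^[A-Za-z]:\\[^:]+:[^\\:]+$")


def triage(log_text):
    """Return a list of (rule, line) pairs for DDS log lines worth a closer look."""
    findings = []
    run_entries = []   # every Run value seen, for the correlation pass below
    bad_names = set()  # Run value names already tied to a flagged command

    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue

        m = RUN_RE.match(line)
        if m:
            run_entries.append((m["name"], line))
            cmd = m["cmd"].lower()
            if any(d in cmd for d in TEMP_DIRS):
                findings.append(("autorun-from-temp", line))
                bad_names.add(m["name"])
            elif cmd.startswith("rundll32") and "c:\\programdata\\" in cmd:
                findings.append(("rundll32-from-programdata", line))
                bad_names.add(m["name"])
            continue

        m = SHELL_RE.match(line)
        if m:
            # Anything besides explorer.exe in the Shell value is flagged.
            extras = [p for p in m["value"].split(",")
                      if p.strip().lower() != "explorer.exe"]
            if extras:
                findings.append(("winlogon-shell-extra", line))
            continue

        if PROXY_RE.search(line):
            findings.append(("loopback-proxy", line))
            continue

        m = FILE_RE.match(line)
        if m:
            if m["size"] == "0" and m["path"].lower().endswith(".exe"):
                findings.append(("zero-byte-exe", line))
            continue

        if ADS_RE.match(line):
            findings.append(("process-in-ads", line))

    # Correlation: the same Run value name registered in another hive with a
    # different, not yet flagged, command line.
    flagged = {line for _, line in findings}
    for name, line in run_entries:
        if name in bad_names and line not in flagged:
            findings.append(("autorun-name-reused", line))
    return findings


if __name__ == "__main__":
    for rule, line in triage(SAMPLE_DDS):
        print(f"{rule:28} {line}")
```
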
     
  2. 2011/10/11
    broni

    broni Moderator Malware Analyst

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =============================================================

    Please download DummyCreator.zip and unzip it.

    • Run the tool.
    • Copy and paste the following into the edit box:
    C:\Windows\367780982
    • Press Create button and post the content of the Result.txt.
    Important: Restart the computer.

    ============================================================

    Download TDSSKiller and save it to your desktop.
    • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     

  4. 2011/10/11
    thunderclan

    thunderclan Inactive Thread Starter

    DummyCreator by Farbar
    Ran by Lucas (administrator) on 11-10-2011 at 20:13:59
    **************************************************************

    C:\Windows\367780982 [11-10-2011 20:13:12]

    == End of log ==



    20:28:35.0258 2852 TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06
    20:28:35.0407 2852 ============================================================
    20:28:35.0407 2852 Current date / time: 2011/10/11 20:28:35.0407
    20:28:35.0407 2852 SystemInfo:
    20:28:35.0407 2852
    20:28:35.0407 2852 OS Version: 6.0.6001 ServicePack: 1.0
    20:28:35.0407 2852 Product type: Workstation
    20:28:35.0407 2852 ComputerName: ZIGGAMEMACHINE
    20:28:35.0407 2852 UserName: Lucas
    20:28:35.0407 2852 Windows directory: C:\Windows
    20:28:35.0407 2852 System windows directory: C:\Windows
    20:28:35.0408 2852 Processor architecture: Intel x86
    20:28:35.0408 2852 Number of processors: 4
    20:28:35.0408 2852 Page size: 0x1000
    20:28:35.0408 2852 Boot type: Normal boot
    20:28:35.0408 2852 ============================================================
    20:28:36.0578 2852 Initialize success
    20:28:43.0543 4972 ============================================================
    20:28:43.0543 4972 Scan started
    20:28:43.0543 4972 Mode: Manual;
    20:28:43.0543 4972 ============================================================
    20:28:50.0259 4972 61883 (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys
    20:28:50.0262 4972 61883 - ok
    20:28:50.0441 4972 76e4eb15 - ok
    20:28:50.0855 4972 ac97intc (4b56caafed0b0b996341d74ce0e76565) C:\Windows\system32\drivers\ac97intc.sys
    20:28:50.0888 4972 ac97intc - ok
    20:28:51.0188 4972 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
    20:28:51.0210 4972 ACPI - ok
    20:28:51.0628 4972 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
    20:28:51.0709 4972 adp94xx - ok
    20:28:51.0976 4972 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
    20:28:52.0008 4972 adpahci - ok
    20:28:52.0211 4972 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
    20:28:52.0226 4972 adpu160m - ok
    20:28:52.0475 4972 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
    20:28:52.0501 4972 adpu320 - ok
    20:28:52.0709 4972 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
    20:28:52.0735 4972 AFD - ok
    20:28:52.0962 4972 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
    20:28:52.0974 4972 agp440 - ok
    20:28:53.0209 4972 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    20:28:53.0231 4972 aic78xx - ok
    20:28:53.0395 4972 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
    20:28:53.0396 4972 aliide - ok
    20:28:53.0652 4972 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
    20:28:53.0664 4972 amdagp - ok
    20:28:53.0878 4972 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
    20:28:53.0879 4972 amdide - ok
    20:28:54.0072 4972 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
    20:28:54.0086 4972 AmdK7 - ok
    20:28:54.0162 4972 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
    20:28:54.0173 4972 AmdK8 - ok
    20:28:57.0117 4972 amdkmdag (68d791d78454684340433e52059eb45e) C:\Windows\system32\DRIVERS\atikmdag.sys
    20:29:02.0952 4972 amdkmdag - ok
    20:29:03.0084 4972 amdkmdap (96cd7053a516c30e61a05df9757da7de) C:\Windows\system32\DRIVERS\atikmpag.sys
    20:29:03.0089 4972 amdkmdap - ok
    20:29:03.0185 4972 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
    20:29:03.0188 4972 arc - ok
    20:29:03.0286 4972 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
    20:29:03.0288 4972 arcsas - ok
    20:29:03.0399 4972 ArcSoftKsUFilter (857b48965a0503b7ab795d4bfe7cbd8b) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
    20:29:03.0410 4972 ArcSoftKsUFilter - ok
    20:29:03.0729 4972 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    20:29:03.0731 4972 AsyncMac - ok
    20:29:03.0846 4972 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
    20:29:03.0847 4972 atapi - ok
    20:29:04.0794 4972 atikmdag (68d791d78454684340433e52059eb45e) C:\Windows\system32\DRIVERS\atikmdag.sys
    20:29:04.0866 4972 atikmdag - ok
    20:29:05.0117 4972 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
    20:29:05.0134 4972 atksgt - ok
    20:29:05.0311 4972 Avc (f4b56425a00beb32f5fa6603ff7b0ea2) C:\Windows\system32\DRIVERS\avc.sys
    20:29:05.0320 4972 Avc - ok
    20:29:05.0465 4972 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
    20:29:05.0565 4972 bcm4sbxp - ok
    20:29:05.0740 4972 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    20:29:05.0751 4972 Beep - ok
    20:29:05.0856 4972 blbdrive - ok
    20:29:06.0014 4972 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
    20:29:06.0039 4972 bowser - ok
    20:29:06.0142 4972 BRDriver (b9dda31f6dc2229882d141b9a1d1057e) C:\programdata\bitraider\BRDriver.sys
    20:29:06.0181 4972 BRDriver - ok
    20:29:06.0416 4972 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    20:29:06.0436 4972 BrFiltLo - ok
    20:29:06.0731 4972 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    20:29:06.0737 4972 BrFiltUp - ok
    20:29:06.0970 4972 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    20:29:07.0004 4972 Brserid - ok
    20:29:07.0250 4972 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    20:29:07.0292 4972 BrSerWdm - ok
    20:29:07.0994 4972 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    20:29:07.0996 4972 BrUsbMdm - ok
    20:29:08.0140 4972 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    20:29:08.0148 4972 BrUsbSer - ok
    20:29:08.0259 4972 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    20:29:08.0266 4972 BTHMODEM - ok
    20:29:08.0379 4972 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
    20:29:08.0388 4972 BVRPMPR5 - ok
    20:29:08.0862 4972 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    20:29:08.0937 4972 cdfs - ok
    20:29:09.0083 4972 Cdr4_xp (814acb9b8a55804d9878248b3c79f862) C:\Windows\system32\drivers\Cdr4_xp.sys
    20:29:09.0092 4972 Cdr4_xp - ok
    20:29:09.0335 4972 Cdralw2k (0d856d16c08440bfb566d6cdd9948d4e) C:\Windows\system32\drivers\Cdralw2k.sys
    20:29:09.0336 4972 Cdralw2k - ok
    20:29:09.0532 4972 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
    20:29:09.0540 4972 cdrom - ok
    20:29:09.0877 4972 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
    20:29:09.0891 4972 circlass - ok
    20:29:10.0109 4972 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
    20:29:10.0119 4972 CLFS - ok
    20:29:10.0321 4972 CmBatt (0fed59edb4a83ff17f1778827b88ab1a) C:\Windows\system32\DRIVERS\CmBatt.sys
    20:29:10.0334 4972 CmBatt - ok
    20:29:10.0546 4972 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
    20:29:10.0580 4972 cmdide - ok
    20:29:10.0821 4972 COH_Mon (6186b6b953bdc884f0f379b84b3e3a98) C:\Windows\system32\Drivers\COH_Mon.sys
    20:29:10.0828 4972 COH_Mon - ok
    20:29:10.0993 4972 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    20:29:10.0994 4972 Compbatt - ok
    20:29:11.0095 4972 CO_Mon (73f5d6835bfa66019c03e316d99649da) C:\Windows\system32\drivers\CO_Mon.sys
    20:29:11.0104 4972 CO_Mon - ok
    20:29:11.0317 4972 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
    20:29:11.0330 4972 crcdisk - ok
    20:29:11.0410 4972 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
    20:29:11.0418 4972 Crusoe - ok
    20:29:11.0529 4972 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
    20:29:11.0543 4972 DfsC - ok
    20:29:11.0707 4972 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
    20:29:11.0709 4972 disk - ok
    20:29:11.0764 4972 djmiepuw - ok
    20:29:11.0854 4972 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    20:29:11.0855 4972 drmkaud - ok
    20:29:12.0021 4972 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
    20:29:12.0045 4972 DXGKrnl - ok
    20:29:12.0141 4972 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
    20:29:12.0147 4972 E1G60 - ok
    20:29:12.0253 4972 EagleNT - ok
    20:29:12.0669 4972 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
    20:29:12.0707 4972 Ecache - ok
    20:29:12.0867 4972 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    20:29:12.0891 4972 eeCtrl - ok
    20:29:13.0125 4972 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
    20:29:13.0150 4972 elxstor - ok
    20:29:13.0329 4972 EraserUtilRebootDrv (e7d1a496c71cd56bdd97f32c9141a03b) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    20:29:13.0362 4972 EraserUtilRebootDrv - ok
    20:29:13.0525 4972 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
    20:29:13.0558 4972 exfat - ok
    20:29:13.0882 4972 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
    20:29:13.0932 4972 fastfat - ok
    20:29:14.0354 4972 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
    20:29:14.0363 4972 fdc - ok
    20:29:14.0571 4972 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    20:29:14.0578 4972 FileInfo - ok
    20:29:14.0631 4972 FileObjInfo (3b172367379fa5cd6388f93657a7e9a4) C:\ProgramData\Spyware Terminator\FileObjInfo.sys
    20:29:14.0646 4972 FileObjInfo - ok
    20:29:14.0718 4972 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    20:29:14.0733 4972 Filetrace - ok
    20:29:14.0870 4972 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
    20:29:14.0885 4972 flpydisk - ok
    20:29:14.0993 4972 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
    20:29:15.0001 4972 FltMgr - ok
    20:29:15.0078 4972 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    20:29:15.0079 4972 Fs_Rec - ok
    20:29:15.0111 4972 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
    20:29:15.0114 4972 gagp30kx - ok
    20:29:15.0267 4972 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
    20:29:15.0272 4972 HdAudAddService - ok
    20:29:15.0311 4972 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
    20:29:15.0320 4972 HDAudBus - ok
    20:29:15.0381 4972 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    20:29:15.0393 4972 HidBth - ok
    20:29:15.0502 4972 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    20:29:15.0503 4972 HidIr - ok
    20:29:15.0600 4972 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
    20:29:15.0610 4972 HidUsb - ok
    20:29:15.0781 4972 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
    20:29:15.0792 4972 HpCISSs - ok
    20:29:16.0104 4972 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
    20:29:16.0160 4972 HSF_DPV - ok
    20:29:16.0441 4972 HSXHWBS2 (5f60f0ad32d43b9ab9ac9373117d8e54) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
    20:29:16.0446 4972 HSXHWBS2 - ok
    20:29:16.0615 4972 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
    20:29:16.0621 4972 HTTP - ok
    20:29:16.0718 4972 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
    20:29:16.0732 4972 i2omp - ok
    20:29:16.0812 4972 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    20:29:16.0824 4972 i8042prt - ok
    20:29:16.0983 4972 ialm (8318e04a6455ced1020bcc5039b62cfa) C:\Windows\system32\DRIVERS\ialmnt5.sys
    20:29:17.0031 4972 ialm - ok
    20:29:17.0167 4972 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
    20:29:17.0185 4972 iaStorV - ok
    20:29:17.0364 4972 IDSvix86 (f49b22e2cc15de6e752fc8cb24eb7069) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080401.001\IDSvix86.sys
    20:29:17.0381 4972 IDSvix86 - ok
    20:29:17.0596 4972 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    20:29:17.0599 4972 iirsp - ok
    20:29:17.0955 4972 IntcAzAudAddService (4e38a2883df3ba382a59132b3e7d709e) C:\Windows\system32\drivers\RTKVHDA.sys
    20:29:18.0187 4972 IntcAzAudAddService - ok
    20:29:18.0301 4972 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
    20:29:18.0307 4972 intelide - ok
    20:29:18.0425 4972 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
    20:29:18.0475 4972 intelppm - ok
    20:29:18.0696 4972 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    20:29:18.0697 4972 IpFilterDriver - ok
    20:29:18.0834 4972 IpInIp - ok
    20:29:18.0949 4972 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
    20:29:18.0952 4972 IPMIDRV - ok
    20:29:19.0051 4972 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    20:29:19.0060 4972 IPNAT - ok
    20:29:19.0141 4972 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    20:29:19.0175 4972 IRENUM - ok
    20:29:19.0315 4972 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
    20:29:19.0331 4972 isapnp - ok
    20:29:19.0510 4972 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
    20:29:19.0560 4972 iScsiPrt - ok
    20:29:19.0686 4972 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    20:29:19.0699 4972 iteatapi - ok
    20:29:19.0782 4972 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    20:29:19.0793 4972 iteraid - ok
    20:29:19.0888 4972 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    20:29:19.0893 4972 kbdclass - ok
    20:29:19.0997 4972 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    20:29:19.0998 4972 kbdhid - ok
    20:29:20.0085 4972 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
    20:29:20.0093 4972 KSecDD - ok
    20:29:20.0280 4972 libusb0 (e2f1dcf4a68cc6cf694fbfba1842f4cd) C:\Windows\system32\drivers\libusb0.sys
    20:29:20.0282 4972 libusb0 - ok
    20:29:20.0381 4972 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
    20:29:20.0395 4972 lirsgt - ok
    20:29:20.0698 4972 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    20:29:20.0699 4972 lltdio - ok
    20:29:20.0837 4972 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
    20:29:20.0894 4972 LSI_FC - ok
    20:29:21.0030 4972 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
    20:29:21.0045 4972 LSI_SAS - ok
    20:29:21.0153 4972 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
    20:29:21.0165 4972 LSI_SCSI - ok
    20:29:21.0274 4972 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    20:29:21.0283 4972 luafv - ok
    20:29:21.0390 4972 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
    20:29:21.0397 4972 MarvinBus - ok
    20:29:21.0719 4972 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
    20:29:21.0769 4972 mcdbus - ok
    20:29:21.0856 4972 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
    20:29:21.0857 4972 mdmxsdk - ok
    20:29:21.0938 4972 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
    20:29:21.0940 4972 megasas - ok
    20:29:22.0036 4972 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    20:29:22.0037 4972 Modem - ok
    20:29:22.0300 4972 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    20:29:22.0301 4972 monitor - ok
    20:29:22.0580 4972 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    20:29:22.0605 4972 mouclass - ok
    20:29:22.0779 4972 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    20:29:22.0790 4972 mouhid - ok
    20:29:22.0931 4972 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    20:29:22.0940 4972 MountMgr - ok
    20:29:23.0035 4972 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
    20:29:23.0049 4972 mpio - ok
    20:29:23.0176 4972 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    20:29:23.0178 4972 mpsdrv - ok
    20:29:23.0381 4972 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    20:29:23.0383 4972 Mraid35x - ok
    20:29:23.0583 4972 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
    20:29:23.0600 4972 MRxDAV - ok
    20:29:23.0697 4972 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
    20:29:23.0705 4972 mrxsmb - ok
    20:29:23.0849 4972 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    20:29:23.0863 4972 mrxsmb10 - ok
    20:29:23.0954 4972 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    20:29:23.0956 4972 mrxsmb20 - ok
    20:29:24.0182 4972 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
    20:29:24.0194 4972 msahci - ok
    20:29:24.0456 4972 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
    20:29:24.0458 4972 msdsm - ok
    20:29:24.0764 4972 MSDV (343291a4dfd7c923c3f71f550830ec1c) C:\Windows\system32\DRIVERS\msdv.sys
    20:29:24.0777 4972 MSDV - ok
    20:29:24.0869 4972 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    20:29:24.0871 4972 Msfs - ok
    20:29:25.0026 4972 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    20:29:25.0039 4972 msisadrv - ok
    20:29:25.0244 4972 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    20:29:25.0252 4972 MSKSSRV - ok
    20:29:25.0351 4972 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    20:29:25.0353 4972 MSPCLOCK - ok
    20:29:25.0575 4972 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    20:29:25.0577 4972 MSPQM - ok
    20:29:25.0685 4972 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
    20:29:25.0710 4972 MsRPC - ok
    20:29:25.0843 4972 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    20:29:25.0844 4972 mssmbios - ok
    20:29:25.0958 4972 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    20:29:25.0984 4972 MSTEE - ok
    20:29:26.0077 4972 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
    20:29:26.0087 4972 Mup - ok
    20:29:27.0086 4972 naecd - ok
    20:29:27.0221 4972 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
    20:29:27.0235 4972 NativeWifiP - ok
    20:29:27.0361 4972 NAVENG (69974d54db3ae9b63d6c721705f36bbc) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080402.021\NAVENG.SYS
    20:29:27.0372 4972 NAVENG - ok
    20:29:27.0657 4972 NAVEX15 (d79498c50b79550704c91f1d70528f11) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080402.021\NAVEX15.SYS
    20:29:27.0691 4972 NAVEX15 - ok
    20:29:27.0816 4972 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
    20:29:27.0828 4972 NDIS - ok
    20:29:28.0006 4972 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    20:29:28.0016 4972 NdisTapi - ok
    20:29:28.0109 4972 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    20:29:28.0115 4972 Ndisuio - ok
    20:29:28.0217 4972 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
    20:29:28.0224 4972 NdisWan - ok
    20:29:28.0417 4972 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    20:29:28.0475 4972 NDProxy - ok
    20:29:29.0094 4972 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    20:29:29.0095 4972 NetBIOS - ok
    20:29:29.0217 4972 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
    20:29:29.0240 4972 netbt - ok
    20:29:29.0820 4972 NETw2v32 (6e9edc1020b319e7676387b8cdf2398c) C:\Windows\system32\DRIVERS\NETw2v32.sys
    20:29:30.0165 4972 NETw2v32 - ok
    20:29:30.0300 4972 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    20:29:30.0311 4972 nfrd960 - ok
    20:29:30.0472 4972 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
    20:29:30.0473 4972 Npfs - ok
    20:29:30.0788 4972 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    20:29:30.0789 4972 nsiproxy - ok
    20:29:31.0140 4972 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
    20:29:31.0166 4972 Ntfs - ok
    20:29:31.0379 4972 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    20:29:31.0391 4972 ntrigdigi - ok
    20:29:31.0638 4972 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    20:29:31.0639 4972 Null - ok
    20:29:31.0930 4972 NVENETFD (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
    20:29:31.0947 4972 NVENETFD - ok
    20:29:31.0980 4972 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
    20:29:31.0982 4972 NVNET - ok
    20:29:32.0079 4972 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
    20:29:32.0094 4972 nvraid - ok
    20:29:32.0191 4972 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
    20:29:32.0202 4972 nvstor - ok
    20:29:32.0313 4972 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\DRIVERS\nvstor32.sys
    20:29:32.0314 4972 nvstor32 - ok
    20:29:32.0582 4972 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
    20:29:32.0624 4972 nv_agp - ok
    20:29:32.0866 4972 NwlnkFlt - ok
    20:29:33.0016 4972 NwlnkFwd - ok
    20:29:33.0239 4972 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
    20:29:33.0255 4972 ohci1394 - ok
    20:29:33.0407 4972 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    20:29:33.0473 4972 Parport - ok
    20:29:33.0727 4972 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
    20:29:33.0729 4972 partmgr - ok
    20:29:33.0848 4972 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    20:29:33.0863 4972 Parvdm - ok
    20:29:33.0972 4972 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
    20:29:33.0975 4972 pci - ok
    20:29:34.0056 4972 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
    20:29:34.0069 4972 pciide - ok
    20:29:34.0275 4972 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
    20:29:34.0279 4972 pcmcia - ok
    20:29:34.0511 4972 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    20:29:34.0643 4972 PEAUTH - ok
    20:29:34.0861 4972 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    20:29:34.0867 4972 PptpMiniport - ok
    20:29:34.0955 4972 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
    20:29:34.0956 4972 Processor - ok
    20:29:35.0069 4972 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
    20:29:35.0070 4972 PSched - ok
    20:29:35.0157 4972 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
    20:29:35.0167 4972 PxHelp20 - ok
    20:29:35.0322 4972 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
    20:29:35.0356 4972 ql2300 - ok
    20:29:35.0516 4972 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    20:29:35.0574 4972 ql40xx - ok
    20:29:35.0836 4972 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    20:29:35.0860 4972 QWAVEdrv - ok
    20:29:35.0976 4972 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    20:29:35.0977 4972 RasAcd - ok
    20:29:36.0076 4972 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    20:29:36.0088 4972 Rasl2tp - ok
    20:29:36.0176 4972 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
    20:29:36.0185 4972 RasPppoe - ok
    20:29:36.0301 4972 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
    20:29:36.0312 4972 RasSstp - ok
    20:29:36.0425 4972 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
    20:29:36.0492 4972 rdbss - ok
    20:29:36.0652 4972 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    20:29:36.0653 4972 RDPCDD - ok
    20:29:36.0872 4972 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
    20:29:36.0889 4972 rdpdr - ok
    20:29:36.0985 4972 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    20:29:36.0991 4972 RDPENCDD - ok
    20:29:37.0120 4972 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
    20:29:37.0195 4972 RDPWD - ok
    20:29:37.0310 4972 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    20:29:37.0322 4972 rspndr - ok
    20:29:37.0713 4972 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    20:29:37.0738 4972 sbp2port - ok
    20:29:38.0576 4972 sdbus (4339a2585708c7d9b0c0ce5aad3dd6ff) C:\Windows\system32\DRIVERS\sdbus.sys
    20:29:38.0597 4972 sdbus - ok
    20:29:39.0112 4972 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    20:29:39.0113 4972 secdrv - ok
    20:29:39.0496 4972 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    20:29:39.0504 4972 Serenum - ok
    20:29:39.0798 4972 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    20:29:39.0801 4972 Serial - ok
    20:29:39.0904 4972 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    20:29:39.0919 4972 sermouse - ok
    20:29:40.0085 4972 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
    20:29:40.0104 4972 sffdisk - ok
    20:29:40.0179 4972 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
    20:29:40.0181 4972 sffp_mmc - ok
    20:29:40.0288 4972 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
    20:29:40.0290 4972 sffp_sd - ok
    20:29:40.0350 4972 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    20:29:40.0353 4972 sfloppy - ok
    20:29:40.0456 4972 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
    20:29:40.0465 4972 sisagp - ok
    20:29:40.0604 4972 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
    20:29:40.0606 4972 SiSRaid2 - ok
    20:29:40.0700 4972 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
    20:29:40.0709 4972 SiSRaid4 - ok
    20:29:40.0929 4972 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
    20:29:40.0939 4972 Smb - ok
    20:29:41.0121 4972 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
    20:29:41.0151 4972 SPBBCDrv - ok
    20:29:41.0235 4972 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    20:29:41.0237 4972 spldr - ok
    20:29:41.0395 4972 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    20:29:41.0395 4972 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    20:29:41.0412 4972 sptd ( LockedFile.Multi.Generic ) - warning
    20:29:41.0412 4972 sptd - detected LockedFile.Multi.Generic (1)
    20:29:41.0670 4972 SRTSP (6eb50ad90c84fadc446012206bcef90e) C:\Windows\system32\Drivers\SRTSP.SYS
    20:29:41.0672 4972 Suspicious file (Forged): C:\Windows\system32\Drivers\SRTSP.SYS. Real md5: 6eb50ad90c84fadc446012206bcef90e, Fake md5: 655773f2f1a3730c6cf20280a49f4ee1
    20:29:41.0674 4972 SRTSP ( ForgedFile.Multi.Generic ) - warning
    20:29:41.0674 4972 SRTSP - detected ForgedFile.Multi.Generic (1)
    20:29:41.0774 4972 SRTSPL (2a0aaf370d4c6574a34ae2f4a0709cae) C:\Windows\system32\Drivers\SRTSPL.SYS
    20:29:41.0791 4972 SRTSPL - ok
    20:29:41.0840 4972 SRTSPX (3104bdceace2d5710776dd05e6a286c1) C:\Windows\system32\Drivers\SRTSPX.SYS
    20:29:41.0843 4972 SRTSPX - ok
    20:29:41.0880 4972 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
    20:29:41.0886 4972 srv - ok
    20:29:41.0912 4972 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
    20:29:41.0916 4972 srv2 - ok
    20:29:41.0955 4972 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
    20:29:41.0958 4972 srvnet - ok
    20:29:42.0009 4972 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    20:29:42.0022 4972 swenum - ok
    20:29:42.0124 4972 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    20:29:42.0146 4972 Symc8xx - ok
    20:29:42.0289 4972 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\Windows\System32\Drivers\SYMDNS.SYS
    20:29:42.0303 4972 SYMDNS - ok
    20:29:42.0371 4972 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS
    20:29:42.0388 4972 SymEvent - ok
    20:29:42.0440 4972 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\Windows\System32\Drivers\SYMFW.SYS
    20:29:42.0455 4972 SYMFW - ok
    20:29:42.0546 4972 SymIM (8eab28dd6cd25355b951ae460fa86b48) C:\Windows\system32\DRIVERS\SymIMv.sys
    20:29:42.0554 4972 SymIM - ok
    20:29:42.0573 4972 SymIMMP - ok
    20:29:42.0630 4972 SYMNDISV (c94eaca4b522012ee0691f1e79c42a7d) C:\Windows\System32\Drivers\SYMNDISV.SYS
    20:29:42.0644 4972 SYMNDISV - ok
    20:29:42.0739 4972 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\Windows\System32\Drivers\SYMREDRV.SYS
    20:29:42.0740 4972 SYMREDRV - ok
    20:29:42.0761 4972 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\Windows\System32\Drivers\SYMTDI.SYS
    20:29:42.0765 4972 SYMTDI - ok
    20:29:42.0803 4972 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    20:29:42.0805 4972 Sym_hi - ok
    20:29:42.0822 4972 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    20:29:42.0825 4972 Sym_u3 - ok
    20:29:42.0911 4972 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
    20:29:42.0936 4972 Tcpip - ok
    20:29:43.0242 4972 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
    20:29:43.0249 4972 Tcpip6 - ok
    20:29:43.0361 4972 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
    20:29:43.0363 4972 tcpipreg - ok
    20:29:43.0402 4972 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    20:29:43.0405 4972 TDPIPE - ok
    20:29:43.0430 4972 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    20:29:43.0431 4972 TDTCP - ok
    20:29:43.0575 4972 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
    20:29:43.0577 4972 tdx - ok
    20:29:43.0620 4972 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
    20:29:43.0622 4972 TermDD - ok
    20:29:43.0779 4972 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    20:29:43.0780 4972 tssecsrv - ok
    20:29:43.0818 4972 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    20:29:43.0819 4972 tunmp - ok
    20:29:43.0841 4972 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
    20:29:43.0843 4972 tunnel - ok
    20:29:43.0873 4972 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
    20:29:43.0876 4972 uagp35 - ok
    20:29:43.0934 4972 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
    20:29:43.0939 4972 udfs - ok
    20:29:43.0986 4972 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
    20:29:43.0988 4972 uliagpkx - ok
    20:29:44.0015 4972 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
    20:29:44.0020 4972 uliahci - ok
    20:29:44.0041 4972 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    20:29:44.0045 4972 UlSata - ok
    20:29:44.0064 4972 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    20:29:44.0067 4972 ulsata2 - ok
    20:29:44.0114 4972 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    20:29:44.0116 4972 umbus - ok
    20:29:44.0166 4972 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
    20:29:44.0169 4972 usbaudio - ok
    20:29:44.0200 4972 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    20:29:44.0203 4972 usbccgp - ok
    20:29:44.0241 4972 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    20:29:44.0254 4972 usbcir - ok
    20:29:44.0306 4972 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
    20:29:44.0319 4972 usbehci - ok
    20:29:44.0359 4972 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
    20:29:44.0363 4972 usbhub - ok
    20:29:44.0383 4972 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
    20:29:44.0384 4972 usbohci - ok
    20:29:44.0414 4972 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    20:29:44.0423 4972 usbprint - ok
    20:29:44.0454 4972 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    20:29:44.0464 4972 usbscan - ok
    20:29:44.0489 4972 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    20:29:44.0490 4972 USBSTOR - ok
    20:29:44.0549 4972 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
    20:29:44.0551 4972 usbuhci - ok
    20:29:44.0679 4972 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
    20:29:44.0683 4972 usbvideo - ok
    20:29:44.0815 4972 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
    20:29:44.0817 4972 vga - ok
    20:29:44.0910 4972 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    20:29:44.0920 4972 VgaSave - ok
    20:29:45.0014 4972 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
    20:29:45.0023 4972 viaagp - ok
    20:29:45.0144 4972 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
    20:29:45.0159 4972 ViaC7 - ok
    20:29:45.0261 4972 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
    20:29:45.0263 4972 viaide - ok
    20:29:45.0363 4972 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    20:29:45.0369 4972 volmgr - ok
    20:29:45.0494 4972 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
    20:29:45.0567 4972 volmgrx - ok
    20:29:45.0859 4972 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
    20:29:45.0927 4972 volsnap - ok
    20:29:46.0021 4972 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
    20:29:46.0024 4972 vsmraid - ok
    20:29:46.0256 4972 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    20:29:46.0267 4972 WacomPen - ok
    20:29:46.0382 4972 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    20:29:46.0389 4972 Wanarp - ok
    20:29:46.0407 4972 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    20:29:46.0408 4972 Wanarpv6 - ok
    20:29:46.0784 4972 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
    20:29:46.0786 4972 Wd - ok
    20:29:46.0925 4972 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    20:29:46.0938 4972 Wdf01000 - ok
    20:29:47.0147 4972 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
    20:29:47.0163 4972 winachsf - ok
    20:29:47.0311 4972 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
    20:29:47.0317 4972 WmiAcpi - ok
    20:29:47.0587 4972 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
    20:29:47.0600 4972 WpdUsb - ok
    20:29:47.0682 4972 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    20:29:47.0684 4972 ws2ifsl - ok
    20:29:47.0820 4972 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    20:29:47.0833 4972 WUDFRd - ok
    20:29:47.0879 4972 XAudio (e3fcf2870b5d7979b3bf10e98a71c847) C:\Windows\system32\DRIVERS\xaudio.sys
    20:29:47.0880 4972 XAudio - ok
    20:29:47.0913 4972 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    20:29:47.0924 4972 \Device\Harddisk0\DR0 - ok
    20:29:47.0927 4972 Boot (0x1200) (10ff9c14cd7c653f910b683224932980) \Device\Harddisk0\DR0\Partition0
    20:29:47.0928 4972 \Device\Harddisk0\DR0\Partition0 - ok
    20:29:47.0939 4972 Boot (0x1200) (eb0a0f56818ab2cc10773b4a36c4bc6f) \Device\Harddisk0\DR0\Partition1
    20:29:47.0940 4972 \Device\Harddisk0\DR0\Partition1 - ok
    20:29:47.0941 4972 ============================================================
    20:29:47.0941 4972 Scan finished
    20:29:47.0941 4972 ============================================================
    20:29:47.0951 5280 Detected object count: 2
    20:29:47.0951 5280 Actual detected object count: 2
    20:36:13.0793 5280 sptd ( LockedFile.Multi.Generic ) - skipped by user
    20:36:13.0793 5280 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    20:36:13.0795 5280 SRTSP ( ForgedFile.Multi.Generic ) - skipped by user
    20:36:13.0795 5280 SRTSP ( ForgedFile.Multi.Generic ) - User select action: Skip
     
  5. 2011/10/11
    broni

    broni Moderator Malware Analyst

    See if you can run aswMBR now.
    If so post its log.

    Then....

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode (How to...)

    2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  6. 2011/10/11
    thunderclan

    thunderclan Inactive Thread Starter

    aswMbr is still not working. Should I go ahead with the other steps?
     
  7. 2011/10/11
    broni

    broni Moderator Malware Analyst

    Yes..
     
  8. 2011/10/12
    thunderclan

    thunderclan Inactive Thread Starter

    Combofix got nowhere, I let it run for several hours and it never went past the screen that says times may double on badly infected machines. I know from checking a tutorial that it should be showing the stages as it scans and it never did.

    Tried all the different options and they all ended up with the same result.
     
  9. 2011/10/12
    broni

    broni Moderator Malware Analyst

    Let's run the following tool. This will help determine which files need permissions restored.

    Please download and save Junction.zip

    Unzip it and place Junction.exe in the Windows directory (C:\Windows).
    Go to Start>Run (Vista and Windows 7 users use "Start search" box).
    Copy and paste the following command in the Run box and click OK (Vista and Windows 7 users press "Enter"):

    cmd /c junction -s c:\ >log.txt&log.txt& del log.txt

    A command window opens starting to scan the system.
    Wait until a log file opens.
    Copy and paste the log in your next reply.
     
  10. 2011/10/12
    thunderclan

    thunderclan Inactive Thread Starter

    Junction.exe won't copy over to C:\Windows. It gives me the file moving popup when I try to copy it over but after the move finishes the file is still not there.
     
  11. 2011/10/13
    broni

    broni Moderator Malware Analyst

    Try Safe Mode.
     
  12. 2011/10/13
    thunderclan

    thunderclan Inactive Thread Starter

    ...I can't even get into Safe Mode now, though oddly the Google redirect problem seems to have vanished. Still leaves all the others to work out though.
     
  13. 2011/10/13
    broni

    broni Moderator Malware Analyst

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE
    • Double-click SystemLook.exe to run it.
    • Vista\Win 7 users: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box and paste it into the main textfield:
      Code:
      :filefind
      SRTSP.SYS
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     
  14. 2011/10/14
    thunderclan

    thunderclan Inactive Thread Starter

    SystemLook 30.07.11 by jpshortstuff
    Log created at 21:57 on 13/10/2011 by Lucas
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "SRTSP.SYS "
    C:\Windows\System32\drivers\srtsp.sys --a---- 279088 bytes [07:57 01/12/2007] [07:57 01/12/2007] 6EB50AD90C84FADC446012206BCEF90E

    -= EOF =-
     
  15. 2011/10/14
    broni

    broni Moderator Malware Analyst

  16. 2011/10/15
    thunderclan

    thunderclan Inactive Thread Starter

    Junction.exe copied over on the Admin account but when I put the command into the Start Search box it opens and doesn't do anything, just sits there with a blinking cursor. I copied and pasted the command right off your post so I don't think I messed it up.

    This is the command I put in: cmd /c junction -s c:\ >log.txt&log.txt& del log.txt


    I'm going to stay in the Admin account for now so if you need me to switch back to my account you'll need to say so.
     
  17. 2011/10/15
    broni

    broni Moderator Malware Analyst

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    srtsp.sys
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  18. 2011/10/15
    thunderclan

    thunderclan Inactive Thread Starter

    Extras.txt

    OTL Extras logfile created on: 10/15/2011 1:57:04 PM - Run 1
    OTL by OldTimer - Version 3.2.30.0 Folder = C:\Users\Lucas\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 69.47% Memory free
    6.20 Gb Paging File | 4.62 Gb Available in Paging File | 74.52% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 454.73 Gb Total Space | 143.20 Gb Free Space | 31.49% Space Free | Partition Type: NTFS
    Drive D: | 11.03 Gb Total Space | 3.68 Gb Free Space | 33.40% Space Free | Partition Type: NTFS

    Computer Name: ZIGGAMEMACHINE | User Name: Lucas | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- "C:\Users\Lucas\AppData\Local\vug.exe" -a "%1" %*

    [HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- "C:\Users\Lucas\AppData\Local\vug.exe" -a "%1" %*

    [HKEY_USERS\S-1-5-21-3010283643-4083402107-944152190-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [DOS Prompt Here] -- cmd.exe (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 1
    "InternetSettingsDisableNotify" = 1
    "AutoUpdateDisableNotify" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{163D32B4-1DE8-4B59-B966-86DEC0D53CC0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{1760DC84-1E9F-4470-9400-22796EE4FDAC}" = rport=2178 | protocol=6 | dir=out | app=system |
    "{269B9643-A527-4DC5-843B-0CA76A01773E}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{35E53673-1834-4AB5-B7E8-294980C44F8D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
    "{439BE862-26A7-4FC2-A583-669D8676478C}" = lport=57251 | protocol=6 | dir=in | name=akamai netsession interface |
    "{5A7B46B7-3C17-4553-8161-A3E6CB83129E}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{6290D9B5-170C-44C4-A57D-4EFE6C9CC2E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{630B247C-4421-49B0-8EB7-1B34CADA6084}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{996C242E-4D08-4E28-9523-F7D5DF1794F5}" = lport=2178 | protocol=6 | dir=in | app=system |
    "{9A23B782-E477-4096-AD8C-22FB637B54DC}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{CA88E1A8-67AC-4823-85C8-5E0765902A5D}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
    "{D3FCAF41-5D10-4124-9FED-E1B2929CE924}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
    "{F264E92D-D9C0-4F6F-A772-CAB23B35EF3D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
    "{F76505D9-BEBB-4634-B404-1845EB061D13}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
    "{FE908724-9AF4-4B2E-A3F6-DAB108F406A0}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00D35DD6-B067-4779-A2EC-66124118EFBA}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{07D2703A-BF8F-4E29-93D1-945BB126BBBA}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
    "{1A61AB4C-F7F1-43F6-AA87-6F0A7B8F1133}" = protocol=6 | dir=in | app=c:\program files\codemasters\overlord ii\overlord2.exe |
    "{258A7046-7F7D-4AFD-ACAA-5C29834F81F4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
    "{262CD44E-322D-4B90-A239-E92EF66F409B}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
    "{30649DAD-2C3E-42AF-B6AF-EB200FD02517}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
    "{3898FD5B-5A27-46E0-BB90-8965A189455A}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
    "{40514DCB-0F16-418B-8423-956022E55270}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{4209989E-5A86-40A8-8256-DE93A327A710}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
    "{44F0C985-89BC-497A-B636-F461D5D38C69}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
    "{46FDE8A0-5638-4F89-8A7F-3921D1919874}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{4C294802-C663-43A1-B9A1-AB6EF870A805}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{5BA98F08-2093-4ECD-9435-5B65E3577B70}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
    "{69C4C619-4677-47EF-9978-4E22C2EB486E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
    "{71DBAD10-DF76-4637-B069-7CF276906C09}" = protocol=17 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe |
    "{78BA813F-53EE-4D38-B21D-4881EFD7B5C1}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
    "{8471F8F9-D3D5-491E-9F6B-66B67D623042}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{8F61C35A-1421-4C31-8C75-B19B3E10B685}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{9ED74BC0-7D14-4519-B8F1-0EC10DEF29D4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
    "{A625CAD0-59EE-405F-B11B-FAB74EDE922A}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
    "{A93938D2-77DE-4A9A-B756-E6DBA839575D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
    "{AB071F5C-9D46-4FD0-9CEF-3A9C7C3E1001}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{C1FF79D6-5216-4860-B225-2E64E1BC6737}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
    "{C4239F08-F46B-4FB3-AD95-A5A5114DEF4A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
    "{C7DDA4E8-A85D-405A-A75D-D275225908B0}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{CBDDB9AD-EFD4-49B3-BC1E-B7707FC1D49A}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
    "{D379FA55-D1D3-44F2-AB36-FD3B53C790CA}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
    "{DE586162-2E7E-4A27-8666-46294BABD108}" = protocol=6 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe |
    "{DFBD2D92-20F5-48D2-B7C6-2351AE4243DF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
    "{E4B4D1C1-C150-4193-9D89-4E778F72F818}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{E7613ADA-F6D0-4575-8332-49EC781D52A3}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
    "{EFE6296B-E272-4BFA-9583-DD94B7E0254E}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
    "{F27EB56A-BCFF-401D-BE6B-F3D337AA85EA}" = protocol=17 | dir=in | app=c:\program files\codemasters\overlord ii\overlord2.exe |
    "{F87C0844-EE27-4056-AA97-2DA7FA4C0769}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
    "{F93AE053-54F3-4275-8257-1F6D1F71D383}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "TCP Query User{418DB996-AD10-45D8-A963-F565FA684D62}C:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\uf89hr3a\conquer_v5069_bc[1].exe" = protocol=6 | dir=in | app=c:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\uf89hr3a\conquer_v5069_bc[1].exe |
    "TCP Query User{587D9FA9-9E9E-478C-B953-27CF59D2FA82}C:\users\lucas\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\lucas\program files\dna\btdna.exe |
    "TCP Query User{9D6A2C1A-545F-40F8-8A4E-BC5229A299E6}C:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\q1udpex1\conquer_v5069_bc[1].exe" = protocol=6 | dir=in | app=c:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\q1udpex1\conquer_v5069_bc[1].exe |
    "UDP Query User{45B49083-B97D-4B14-965C-175F622E96A5}C:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\uf89hr3a\conquer_v5069_bc[1].exe" = protocol=17 | dir=in | app=c:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\uf89hr3a\conquer_v5069_bc[1].exe |
    "UDP Query User{8E16A423-A7BE-41A0-AC22-58327AECB555}C:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\q1udpex1\conquer_v5069_bc[1].exe" = protocol=17 | dir=in | app=c:\users\lucas\appdata\local\microsoft\windows\temporary internet files\content.ie5\q1udpex1\conquer_v5069_bc[1].exe |
    "UDP Query User{DFDFC0E4-B4F7-4C53-A8E2-AD3C69F3F050}C:\users\lucas\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\lucas\program files\dna\btdna.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{03290E9A-A1E7-4ACD-2F51-C5A94CEAC6AD}" = Catalyst Control Center Localization Czech
    "{0510B629-3F4E-4143-8F94-89405E3EA9C3}" = ArcSoft Print Creations
    "{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
    "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
    "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
    "{0CC21836-A5D6-4641-B4AE-6FA01D021E41}" = The Sims Medieval Pirates and Nobles
    "{0E485F33-3537-1E80-29AB-21CD2ABC3696}" = CCC Help Swedish
    "{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}" = Studio 11
    "{11233A17-BFFC-434A-8FC8-2E93369AF008}_is1" = Ruby 1.9.1-p243
    "{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1700" = Canon iP1700
    "{15292416-A464-4FBA-BB96-7298EAACFC07}" = Zoo Tycoon 2 - Extinct Animals
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
    "{17863712-03FA-D2FC-9E70-168A801B363C}" = Catalyst Control Center Localization Turkish
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{186A63A2-4256-43C6-8061-95EF77A5CDB6}" = Sid Meier's Civilization 4
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
    "{197B13B4-FC9F-0C40-528F-03E78A7963C3}" = Catalyst Control Center Graphics Full Existing
    "{198193A7-DD1F-BBF5-D413-843F601EE8C6}" = CCC Help French
    "{1A5B672C-66B6-43C4-8265-9B1D49462EA0}" = ArcSoft WebCam Companion 3
    "{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
    "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FC5CEBB-434B-6B0F-9328-D4D97C6A8151}" = CCC Help Dutch
    "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{20AC583C-A6FB-410A-807D-25308225C201}" = Paint.NET v3.35
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
    "{27E116CC-6D90-4B4D-BD43-AE9E5E8BE6F2}" = ArcSoft Panorama Maker 4
    "{2B393511-8610-0457-4E9B-E5D243916953}" = ccc-core-static
    "{2B520884-433A-E833-5EBA-0B995A1109BB}" = Catalyst Control Center Localization Norwegian
    "{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
    "{2DA3B2C6-C28F-453E-8C8D-13127850113B}" = CCC Help Polish
    "{2F42F74B-F4DB-275B-DC0C-ECF10D0CC8FE}" = Catalyst Control Center Localization Chinese Traditional
    "{2F952048-3220-4AC7-A206-D01EFC774BB2}" = Studio 11
    "{2F95C932-2730-525C-6575-56BC36E9909D}" = CCC Help Thai
    "{2FAE7E90-746B-13C1-AC76-9299266172ED}" = Catalyst Control Center Localization Spanish
    "{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
    "{3248F0A8-6813-11D6-A77B-00B0D0150170}" = J2SE Runtime Environment 5.0 Update 17
    "{33BEE6F3-9987-4F98-A069-97A64EC8321A}" = Microsoft Works Suite Add-in for Microsoft Word
    "{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
    "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
    "{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
    "{36DECF15-CB43-E506-DE01-8B99ECDFD363}" = CCC Help Hungarian
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3CA7CFB1-36C9-71E0-D3A1-537958142A7B}" = Catalyst Control Center Localization Finnish
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
    "{40939C6D-8F27-40B8-9CBC-72701624185D}" = Redistributed Files
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
    "{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
    "{42442CA9-90E6-4011-BB55-7C263F6D5EC1}" = BIAS SoundSoap PE 2.1
    "{44F47986-6CA3-74FD-3C6A-4A824B6B4505}" = Catalyst Control Center Localization Korean
    "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
    "{45A1BF92-700A-4408-B95E-79F462E3D67D}" = Studio 11 Bonus DVD
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4723f199-fa64-4233-8e6e-9fccc95a18ee}" = Python 2.6.5
    "{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
    "{53FCBAC9-8D76-4755-A558-DE9F2E072A9B}" = ASPCA Tri Reminder by We-Care.com v4.0.9.5
    "{54AE3C08-D7D8-45FF-9348-0B4BE0D5A6CB}" = Comcast Universal Installer v1.2
    "{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
    "{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
    "{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
    "{59E04C6D-9EE0-4F70-9358-62108888C719}" = 2010 DR PEPPER EA GAMES EVERY BOTTLE/CUP WINS PROMOTION
    "{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
    "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
    "{5C316513-EF94-3FD4-C714-8144C9FBFA8D}" = Catalyst Control Center Localization Thai
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
    "{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
    "{631EBC45-9F7C-E682-7ED2-C771DC9D9B84}" = CCC Help Norwegian
    "{6522FA47-BE84-54C5-D0B0-4A812638C381}" = Catalyst Control Center Localization Swedish
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}" = Immortal Cities: Children of the Nile
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6A65BE06-2F50-376C-D48F-89E5DA4A276A}" = Skins
    "{6D2C4B0C-1752-D091-6B1D-F5C8C4F0A937}" = ATI Catalyst Install Manager
    "{6D5E4EC5-8E6C-FB39-1C42-59834C343BD4}" = CCC Help Turkish
    "{6EC5A101-7484-1D9F-9499-55FF1C610918}" = Catalyst Control Center Core Implementation
    "{6EEA339D-D79A-A551-F7D5-A40EF907D73F}" = CCC Help Japanese
    "{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1" = Shop To Win
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{712FEC03-A269-4312-9737-023584C658EE}" = Yuri Software HEdit
    "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{75FD939A-A871-6061-FB50-C20CEED2419A}" = Catalyst Control Center Localization Polish
    "{77030BB4-4FFD-1EC3-6F43-0C6B643181ED}" = Catalyst Control Center Localization Dutch
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
    "{7797C70B-11EB-446A-9B1E-3D9039DB581F}" = TotalAccess Core Applications
    "{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
    "{7A24C23C-C830-B155-0B06-5CCA0E84DEA7}" = Catalyst Control Center Localization Hungarian
    "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
    "{7C8172A4-2DA8-D207-7F79-F00051D88C50}" = CCC Help Russian
    "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
    "{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
    "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
    "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
    "{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
    "{924EF682-FA54-4B8E-A371-EC7DC7F474FA}" = Atlantica Online
    "{92CB9D44-A108-4716-0BE8-A4F831D2002F}" = Catalyst Control Center Graphics Full New
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{99E1A31C-63E9-498C-AFD8-22008624C889}" = CCC Help Italian
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A6AA265-101C-4756-E19D-97EE6C823BD0}" = Catalyst Control Center Localization French
    "{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9CE4E9E2-EDB1-31F4-E4C5-384809ABF5D5}" = Catalyst Control Center Localization Japanese
    "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
    "{9FC4F2D3-97F7-29F3-8035-DD5DD91CF78D}" = CCC Help Chinese Traditional
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A111D34B-7021-44CE-BEFB-3C17688F463B}" = SoulSeekkor's TQ Defiler
    "{A1F8A68F-C445-0A8C-EA90-2BE52E215AE6}" = CCC Help German
    "{A3966E11-60DB-B561-AF76-4DC15C793284}" = Catalyst Control Center Graphics Light
    "{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}" = Spare Backup
    "{A61A59E2-5499-4164-B588-470387E149C9}" = TQ Defiler.NET
    "{A61BEDB6-85DE-401B-BFA4-D89E342E4AC9}" = Symantec Real Time Storage Protection Component
    "{A85ACC14-8A0D-AC25-99F2-159690BE893A}" = CCC Help Portuguese
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A8ABE86A-E542-0C4D-EB19-FA28B1F23E75}" = CCC Help Korean
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
    "{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
    "{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
    "{AC8116E1-290A-4317-B14F-200B71CAFB9D}" = Science Girls
    "{AE1CB9E7-89B9-10F2-A6CB-3C541C5925DC}" = CCC Help Greek
    "{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
    "{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
    "{B35E86C1-AE3B-7864-4819-8414E0BE422C}" = CCC Help Spanish
    "{B433E3D6-4D5F-FE01-ACAD-EBF96B49E081}" = Catalyst Control Center Localization Greek
    "{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
    "{B785CA1C-3EA0-4EFC-91BC-330EC34555BA}" = GhostMaster
    "{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
    "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
    "{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
    "{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
    "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
    "{BF663FD1-AEA8-ACA1-44A9-E26CA24372EA}" = CCC Help Danish
    "{C01091B1-237C-0E89-D125-1937B3697772}" = CCC Help Finnish
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C06A7DAC-1708-417C-B694-28C84DFE2DF9}" = The Movies(TM) Stunts & Effects
    "{C10C3A01-2431-4DA5-A9C8-866DB0443F95}" = SymNet
    "{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
    "{C4D417AC-63E7-418C-9910-8D2AF59A9603}" = Battle Slots
    "{C58DEE92-BFF3-4037-9E37-E4C672FDDF7B}" = Circus Rmpire
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
    "{C7227EE3-6954-22FB-D54B-7A6FEE680BB3}" = Catalyst Control Center Localization Portuguese
    "{CA634931-0CC3-4067-ABCC-7182E1DC23B7}" = HP Button Manager
    "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
    "{CC874CBB-BD87-4126-9465-AE73BB62D6E0}" = Studio Ultimate
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CF2371B6-8422-49DB-908B-14B67C074667}" = ArcSoft Magic-i Visual Effects 2
    "{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
    "{D1D8A8EA-753D-D754-FCFC-115BEFC3629D}" = Catalyst Control Center Graphics Previews Vista
    "{D31612BB-C6D7-4142-96AE-16DB062354CF}" = HP Webcam User's Guide
    "{D39F6935-5A59-4091-866B-D63D074CF08E}" = TQVault
    "{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
    "{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
    "{DEA243C5-9448-9B0A-D96D-9A2A980E92F8}" = Catalyst Control Center Localization Chinese Standard
    "{E17EC53E-E86E-AAD4-E9B8-8AFC26171821}" = CCC Help English
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
    "{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
    "{E5794CEF-F506-112F-3A4B-907F24D27903}" = Catalyst Control Center Localization German
    "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
    "{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
    "{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
    "{EB5F211D-85D5-44C4-BB15-1207C77EF430}" = Visual C++ 8.0 Runtime Setup Package
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
    "{EDB42D3A-F64D-CEED-1E54-A23A6F49D670}" = CCC Help Czech
    "{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
    "{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
    "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
    "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2462493-1411-41CA-B205-4EA9D91995A7}" = Catalyst Control Center Localization Danish
    "{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
    "{F53457D9-F5D9-1254-2BCD-65942C0E5694}" = Catalyst Control Center Localization Italian
    "{F61CE400-BD11-A4E0-F370-8C96ACBA2E81}" = Catalyst Control Center Localization Russian
    "{F6B0FF01-14C3-45A0-A365-BD84B49059EC}" = ccc-utility
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login
    "{FF087B26-DD20-4DD0-B97F-0B08B76A04D1}" = Deal Info
    "{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip" = 7-Zip 9.20
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Akamai" = Akamai NetSession Interface
    "AXIS Media Control SDK_is1" = AXIS Media Control SDK 5.90
    "BitRaider Web Client" = BitRaider Web Client
    "BitTorrent" = BitTorrent
    "Blender" = Blender (remove only)
    "Bolt Screensaver" = Bolt Screensaver
    "Build in Time1.0" = Build in Time
    "Byzantine - The Betrayal (TM)" = Byzantine - The Betrayal (TM)
    "Cake Shop1.0" = Cake Shop
    "Canon iP1700 User Registration" = Canon iP1700 User Registration
    "CanonMyPrinter" = Canon My Printer
    "CCleaner" = CCleaner
    "CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
    "comtypes-py2.6" = Python 2.6 comtypes-0.6.2
    "Costume Editor" = Costume Editor 0.2.1
    "Creatures 3" = Creatures 3
    "DivX Setup.divx.com" = DivX Setup
    "Dungeon Keeper 2" = Dungeon Keeper 2
    "EarthLink TotalAccess 2004" = EarthLink Software
    "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
    "Easy-WebPrint" = Easy-WebPrint
    "EAX Unified" = EAX Unified
    "Eye for Design1.0" = Eye for Design
    "Flower Paradise 1.00" = Flower Paradise 1.00
    "Galactic Civilizations II - Ultimate Edition" = Galactic Civilizations II - Ultimate Edition
    "Google Desktop" = Google Desktop
    "Heroes of Hellas 3 Athens" = Heroes of Hellas 3 Athens
    "HijackThis" = HijackThis 2.0.2
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "ImageConverter Plus_is1" = ImageConverter Plus 7.1
    "InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM) Stunts & Effects
    "InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}" = Zoo Tycoon 2 - Extinct Animals
    "InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
    "InstallShield_{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}" = Immortal Cities: Children of the Nile
    "InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
    "KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Full)
    "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
    "MagicDisc 2.7.106" = MagicDisc 2.7.106
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Money2007b" = Microsoft Money Essentials
    "Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
    "NatGeo Eco Rescue-Rivers ." = NatGeo Eco Rescue-Rivers .
    "Notepad++" = Notepad++
    "NVIDIA Drivers" = NVIDIA Drivers
    "OpenAL" = OpenAL
    "Patapon 2_is1" = Patapon 2
    "PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
    "proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
    "proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
    "PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
    "psyco-py2.6" = Python 2.6 psyco-1.6
    "PunkBusterSvc" = PunkBuster Services
    "pywin32-py2.6" = Python 2.6 pywin32-214
    "RADVideo" = RAD Video Tools
    "Samantha Swift and the Golden Touch 1.0.3" = Samantha Swift and the Golden Touch 1.0.3
    "Samantha Swift and the Hidden Roses of Athena1.10" = Samantha Swift and the Hidden Roses of Athena
    "Simple Spreadsheet_is1" = Simple Spreadsheet V1.3
    "SimpleMU MUD Client" = SimpleMU MUD Client
    "Spyware Terminator_is1" = Spyware Terminator
    "Station Installer" = Station Installer 1.0.3.58
    "Swiff Player_is1" = Swiff Player 1.7.2
    "SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
    "The Movies Editor" = The Movies Editor 0.8.6.1
    "The Movies Editor}" = The Movies Editor
    "The Timebuilders - Pyramid Rising" = The Timebuilders - Pyramid Rising
    "UnityWebPlayer" = Unity Web Player
    "Warriors Screensaver" = Warriors Screensaver
    "WebPost" = Microsoft Web Publishing Wizard 1.52
    "WildTangent gateway Master Uninstall" = Gateway Games
    "WildTangent wildgames Master Uninstall" = WildTangent Games
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "Works2004Setup" = Microsoft Works 2004 Setup Launcher
    "Wrye Bash" = Wrye Bash
    "WTA-061be33c-b5b0-46f5-a493-7728f9608e6a" = Rachel's Retreat
    "wxPython2.8-ansi-py25_is1" = wxPython 2.8.0.1 (ansi) for Python 2.5
    "wxPython2.8-ansi-py26_is1" = wxPython 2.8.11.0 (ansi) for Python 2.6
    "XML Marker_is1" = XML Marker version 1.1
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3010283643-4083402107-944152190-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "BitTorrent" = BitTorrent
    "BitTorrent DNA" = DNA
    "SOE-EverQuest II Extended" = EverQuest II Extended
    "UnityWebPlayer" = Unity Web Player

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >
     
  19. 2011/10/15
    thunderclan

    thunderclan Inactive Thread Starter

    Joined:
    2011/10/11
    Messages:
    31
    Likes Received:
    0
    Having trouble posting the second log; every time I try, it says that the connection was reset while the page was loading.

    Also, the problem of losing focus on whatever window is open is back again...
     
  20. 2011/10/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    What kind of trouble?
     
  21. 2011/10/15
    thunderclan

    thunderclan Inactive Thread Starter

    Joined:
    2011/10/11
    Messages:
    31
    Likes Received:
    0
    ...Like I said, whenever I try to post the second log it gives me an error page that says the connection was reset while the page was loading. Weird because I was able to post that I was having trouble just fine.

    Is there a limit on the size of posts here that could be messing things up? This log is rather long.
     