Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

internet extremely slow or now speed at all

Started by Jewels Ritchie , Oct 25 2011 02:57 AM

Please log in to reply

#1
Jewels Ritchie

Posted 25 October 2011 - 02:57 AM

Member

Member
10 posts

hey there, i recently bought myself a new laptop about a month ago and today(October 24) my internet suddenly droped from super fast to super slow after i got home. i have ran tons of scans with super antispyware, malwarebytes antimalware and microsoft security essentails and turned up nothing but a few cookies. I also use ccleaner and TFC to do some extra cleaning. The issue only seems to be on a LAN connection as i don't have wireless at home and i only go on wifi at my local coffee shop or at school. i followed the steps on the malware and spyware cleaning guide just in case i missed something.

here is the results from the OTL scan i ran:

OTL logfile created on: 10/25/2011 2:37:38 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = H:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.48 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 45.92% Memory free
10.96 Gb Paging File | 7.79 Gb Available in Paging File | 71.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.94 Gb Total Space | 539.32 Gb Free Space | 79.67% Space Free | Partition Type: NTFS
Drive D: | 21.40 Gb Total Space | 2.28 Gb Free Space | 10.64% Space Free | Partition Type: NTFS
Drive E: | 496.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 7.44 Gb Total Space | 6.26 Gb Free Space | 84.16% Space Free | Partition Type: FAT32

Computer Name: BIGBERTHA | User Name: gnt500p | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/25 02:35:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
PRC - [2011/09/26 18:27:41 | 013,342,720 | ---- | M] (Square Enix Limited) -- C:\Program Files (x86)\Square Enix\Deus Ex - Human Revolution\dxhr.exe
PRC - [2011/09/05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/02 01:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/08/02 01:33:22 | 002,998,592 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oasrv.exe
PRC - [2011/04/06 13:01:06 | 002,477,032 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oaui.exe
PRC - [2011/04/06 13:01:04 | 001,165,336 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oahlp.exe
PRC - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oacat.exe
PRC - [2011/03/22 12:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/01/27 13:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/09/30 04:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/15 18:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/08/11 17:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/02 00:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/03/11 04:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/02/16 23:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/07/29 20:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/10/19 19:00:47 | 003,552,856 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll -- (Akamai)
SRV - [2011/09/05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAcat.exe -- (OAcat)
SRV - [2011/03/07 18:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/30 04:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/15 18:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 17:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/25 17:04:30 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/22 00:13:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/06 13:01:30 | 000,032,920 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OAnet.sys -- (OAnet)
DRV:64bit: - [2011/03/24 18:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/11 04:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 16:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/04 16:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/12/16 20:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/16 01:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 10:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/07/20 15:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 15:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 15:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/14 08:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/02 16:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/24 08:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/04/06 13:02:26 | 000,055,088 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX)
DRV - [2011/04/06 13:01:30 | 000,059,176 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice)
DRV - [2011/04/06 13:01:30 | 000,038,064 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/30 13:42:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/08/29 08:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gnt500p\AppData\Roaming\mozilla\Extensions
[2011/09/28 11:45:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gnt500p\AppData\Roaming\mozilla\Firefox\Profiles\7e24fbra.default\extensions
[2011/09/20 07:36:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\gnt500p\AppData\Roaming\mozilla\Firefox\Profiles\7e24fbra.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/08/29 19:18:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\gnt500p\AppData\Roaming\mozilla\Firefox\Profiles\7e24fbra.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/29 08:49:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\GNT500P\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7E24FBRA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/09/30 13:42:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/30 13:42:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 142.165.200.135 142.165.157.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B501822E-0BCB-402D-AD8F-1D51FCAB284E}: DhcpNameServer = 142.165.200.135 142.165.157.5
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/24 21:27:24 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{4CF75AE5-233D-4D53-883F-A7DC8420C333}
[2011/10/24 21:26:49 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E4CBB876-3D50-4A44-9E57-5628E843E60E}
[2011/10/24 09:26:27 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{FD60B566-B66B-47E2-902E-E58AF085B7B9}
[2011/10/24 09:26:18 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{41FF3162-31AB-4029-8CDA-62FC6487F60B}
[2011/10/23 15:10:07 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{0A995FBB-706F-4834-A856-A6B3FBA002EA}
[2011/10/23 15:09:41 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{4299E40C-7960-4870-BA9B-02CF008E8C94}
[2011/10/22 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{A409F912-7528-4F63-A979-C3E400E44709}
[2011/10/22 22:21:33 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{1E00A345-968D-4611-8BE1-2409BB033757}
[2011/10/22 05:28:19 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2011/10/22 05:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2011/10/22 05:27:32 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\InstallShield
[2011/10/20 21:31:11 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{43B2D87E-96A2-4045-A99F-A0819EFAC158}
[2011/10/20 21:30:36 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{F8DEDE96-C734-485B-8767-432063B77CD0}
[2011/10/20 21:28:26 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{FCDFF032-38FC-4644-94CA-E40F3FF737F6}
[2011/10/20 06:33:05 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{185FE051-A4C0-4AD4-81B8-8F7E778D4E9D}
[2011/10/20 06:32:36 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{A756DCAD-EF25-4F00-B0C5-3CEFE0DD4098}
[2011/10/20 03:37:37 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\201280
[2011/10/19 19:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011/10/19 18:31:54 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{8D1FF6FC-BD35-4B7B-81DE-88EA4DEBDDA8}
[2011/10/19 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{ECA72F2E-D88F-4FE1-A59F-7E9CBCA78ED0}
[2011/10/19 09:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/10/19 09:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/10/19 09:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/10/19 09:23:58 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2011/10/19 09:23:40 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\Microsoft Help
[2011/10/19 09:23:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/10/19 09:22:51 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/10/13 09:30:50 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{9F216D98-5F82-4927-8023-276B130EBBB5}
[2011/10/13 09:30:15 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{5ED1D66E-BFD3-4105-9C5D-69296AD4C081}
[2011/10/12 17:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/12 17:33:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/12 17:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/12 17:33:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/10/12 17:27:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/12 17:27:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/10/12 16:54:15 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{7EE49219-B0EC-4574-B3B6-C093A4CF08E4}
[2011/10/12 04:53:32 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E11354FA-1748-4FD3-B972-05B2DB7505D8}
[2011/10/12 04:52:53 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{6F6D1BDD-A17F-41AC-AC46-B0A13B15D203}
[2011/10/11 22:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011/10/11 22:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011/10/11 22:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/10/11 21:51:53 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\.minecraft
[2011/10/11 16:51:20 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E7DE2943-4647-4478-B4BA-94614F1B38FD}
[2011/10/11 02:08:16 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{F5FB8889-6EDF-409D-BC73-9BFCA72A5AF2}
[2011/10/11 02:07:37 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{D5A96ACC-BBE1-4C05-8F9D-DB61F4C2A57E}
[2011/10/11 00:20:15 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\SKIDROW
[2011/10/10 21:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Installer 2.1.0 by Kaise123
[2011/10/10 21:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
[2011/10/10 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Beta Cracked
[2011/10/10 13:28:49 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{0A0309B1-826A-4894-870E-0FC4A408BCA1}
[2011/10/10 13:28:25 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{202E4063-50A4-4540-BF01-AC674DFB986D}
[2011/10/09 22:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2011/10/09 22:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/10/09 18:42:21 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{1202E354-6532-4AD0-B2A8-A1E325EAD681}
[2011/10/09 18:41:05 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{41CF41D9-F2A5-4941-906B-8BE16E6A1921}
[2011/10/05 10:18:04 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{35999E02-A174-4564-B836-A4AA34DE4923}
[2011/10/05 10:17:49 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{3D836DE9-8F8D-4933-B9CC-B3A04D03315E}
[2011/10/03 19:07:34 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{31CC3FA3-0453-4DF0-9EF4-19360D9E92C2}
[2011/10/03 19:07:01 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E18DBAA0-9BFE-451F-8518-5B5B576CC022}
[2011/10/03 12:51:01 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{448D8981-6E58-41E0-8B40-8F5B0FF66BD7}
[2011/10/03 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{BD63FC1F-048F-4A15-9E5E-BF46B09B667D}
[2011/10/02 17:47:00 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{BA3F791F-E084-4FDB-9D0E-A88E34379401}
[2011/10/02 17:46:46 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{39C65D2F-7460-459B-ADC3-3089F1BB2FB5}
[2011/10/02 01:50:31 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\Download Manager
[2011/10/02 01:44:40 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{DB24E4B8-65EB-4492-A1F4-59254CDE69D7}
[2011/10/02 01:44:27 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{40131B36-0326-4B7F-87C3-DE56C47B82F0}
[2011/10/02 01:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP3
[2011/10/02 01:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP3
[2011/09/30 20:37:35 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{1C06E352-6454-4638-8FE8-EDD65826C858}
[2011/09/30 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{9AA14543-DA9D-49D4-9F68-D7DDC01D2491}
[2011/09/29 13:31:22 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{0FBBFCE4-5319-4E02-B189-5A00D36BA9F9}
[2011/09/29 01:21:02 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E86B4D5B-961C-4356-8C5F-020FC3DCC60F}
[2011/09/29 01:20:48 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{5F76966F-A011-4A74-9576-08ED7B13410F}
[2011/09/28 17:01:22 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\Desktop\Lessons
[2011/09/25 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{ED45A04E-B5CD-4519-8EE8-C763C2E944BA}

========== Files - Modified Within 30 Days ==========

[2011/10/25 02:23:07 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/25 02:23:07 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/24 17:22:05 | 000,418,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/24 17:21:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/24 17:21:46 | 117,624,831 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/22 21:44:50 | 000,783,528 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/22 21:44:50 | 000,667,544 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/22 21:44:50 | 000,126,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/14 15:37:05 | 003,289,990 | ---- | M] () -- C:\Users\gnt500p\Documents\E4820_M4A785TD-V_EVO-manual.zip
[2011/10/13 13:28:35 | 000,000,600 | ---- | M] () -- C:\Users\gnt500p\AppData\Local\PUTTY.RND
[2011/10/13 12:20:19 | 000,114,886 | ---- | M] () -- C:\Users\gnt500p\Documents\Lysol-Brand-Bathroom-Cleaner-Complete-Clean-Trigger-US-English.pdf
[2011/10/13 12:19:59 | 000,000,600 | ---- | M] () -- C:\Users\gnt500p\winscp.RND
[2011/10/11 19:09:28 | 001,056,768 | ---- | M] () -- C:\Windows\SysNative\defltbase.sdb
[2011/10/01 20:34:47 | 000,000,000 | -H-- | M] () -- C:\Users\gnt500p\Documents\Default.rdp

========== Files Created - No Company Name ==========

[2011/10/14 15:36:51 | 003,289,990 | ---- | C] () -- C:\Users\gnt500p\Documents\E4820_M4A785TD-V_EVO-manual.zip
[2011/10/13 13:28:35 | 000,000,600 | ---- | C] () -- C:\Users\gnt500p\AppData\Local\PUTTY.RND
[2011/10/13 12:20:18 | 000,114,886 | ---- | C] () -- C:\Users\gnt500p\Documents\Lysol-Brand-Bathroom-Cleaner-Complete-Clean-Trigger-US-English.pdf
[2011/10/11 19:09:27 | 001,056,768 | ---- | C] () -- C:\Windows\SysNative\defltbase.sdb
[2011/10/02 01:05:16 | 000,000,600 | ---- | C] () -- C:\Users\gnt500p\winscp.RND
[2011/10/01 20:34:47 | 000,000,000 | -H-- | C] () -- C:\Users\gnt500p\Documents\Default.rdp
[2011/09/04 01:26:47 | 000,059,176 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys
[2011/09/04 01:26:47 | 000,055,088 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys
[2011/09/01 10:20:25 | 000,007,607 | ---- | C] () -- C:\Users\gnt500p\AppData\Local\Resmon.ResmonCfg
[2011/06/22 00:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/22 00:11:02 | 000,791,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/21 23:59:34 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/05/20 22:29:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/03/21 20:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/03 22:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010/12/16 20:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/10/18 19:37:05 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\.minecraft
[2011/08/24 21:22:56 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\Blio
[2011/10/20 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\DAEMON Tools Lite
[2011/09/20 07:37:21 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\DVDVideoSoft
[2011/09/20 07:36:49 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/08/27 16:43:44 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\ImgBurn
[2011/09/04 01:29:13 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\OnlineArmor
[2011/09/11 01:43:43 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\Rovio
[2011/10/19 09:30:59 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\SoftGrid Client
[2011/08/24 21:10:45 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\Synaptics
[2011/09/04 03:57:37 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\SystemRequirementsLab
[2011/09/17 23:13:05 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\TP
[2011/10/21 13:20:22 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\uTorrent
[2011/09/09 14:59:50 | 000,000,000 | ---D | M] -- C:\Users\gnt500p\AppData\Roaming\Windows Live Writer
[2009/07/13 23:08:49 | 000,017,002 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

if you can let me know if this is actually a harware issue or something else that would be great!!
thanks, jewels

#2
RKinner

Posted 26 October 2011 - 10:06 AM

Malware Expert

Expert
24,625 posts

Your OTL shows this new service:
SRV - [2011/10/19 19:00:47 | 003,552,856 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll -- (Akamai)
Do you know what it is?

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Rightclick on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator

change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

Ron

#3
Jewels Ritchie

Posted 26 October 2011 - 09:35 PM

Member

Topic Starter
Member
10 posts

hey there Ron,

yes i do know what it is, it came with an MMORPG that i downloaded recently that i have been playing for years.. the game is caleed Shaiya, it was created by Area Games.

here is the log from the malwarebytes scan:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8014

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

26/10/2011 3:38:16 PM
mbam-log-2011-10-26 (15-38-16).txt

Scan type: Quick scan
Objects scanned: 177720
Time elapsed: 3 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

next, the ComboFix:

ComboFix 11-10-26.08 - gnt500p 26/10/2011 15:48:15.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5611.4106 [GMT -6:00]
Running from: H:\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: Online Armor Firewall *Enabled* {32E71E58-6AAE-2557-2ABD-EA739069CE41}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-09-26 to 2011-10-26 )))))))))))))))))))))))))))))))
.
.
2011-10-26 23:06 . 2011-10-26 23:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-24 23:22 . 2011-10-24 23:22 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92379446-B751-426B-A79A-9185BF643A0F}\offreg.dll
2011-10-24 05:41 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92379446-B751-426B-A79A-9185BF643A0F}\mpengine.dll
2011-10-22 11:28 . 2011-10-22 11:28 -------- d-----w- C:\AeriaGames
2011-10-22 11:27 . 2011-10-22 11:27 -------- d-----w- c:\users\gnt500p\AppData\Roaming\InstallShield
2011-10-20 09:37 . 2011-10-20 09:37 -------- d-----w- c:\users\gnt500p\AppData\Local\201280
2011-10-20 09:00 . 2011-10-20 09:00 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-20 01:00 . 2011-10-26 21:45 -------- d-----w- c:\program files (x86)\Common Files\Akamai
2011-10-19 15:27 . 2011-10-21 05:41 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-10-19 15:23 . 2011-10-19 15:27 -------- d-----w- c:\windows\SHELLNEW
2011-10-19 15:23 . 2011-10-19 15:23 -------- d-----w- c:\users\gnt500p\AppData\Local\Microsoft Help
2011-10-19 15:23 . 2011-10-22 09:11 -------- d-----w- c:\programdata\Microsoft Help
2011-10-19 15:22 . 2011-10-19 15:22 -------- d-----r- C:\MSOCache
2011-10-12 23:33 . 2011-10-12 23:33 -------- d-----w- c:\program files\iPod
2011-10-12 23:33 . 2011-10-12 23:34 -------- d-----w- c:\program files\iTunes
2011-10-12 23:33 . 2011-10-12 23:34 -------- d-----w- c:\program files (x86)\iTunes
2011-10-12 23:27 . 2011-10-12 23:27 -------- d-----w- c:\program files\Bonjour
2011-10-12 23:27 . 2011-10-12 23:27 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-12 04:56 . 2011-10-12 04:56 -------- d-----w- c:\program files\Defraggler
2011-10-12 03:51 . 2011-10-19 01:37 -------- d-----w- c:\users\gnt500p\AppData\Roaming\.minecraft
2011-10-11 23:06 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-11 23:06 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-11 23:06 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-11 23:06 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-11 23:06 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-11 23:06 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-11 23:06 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-11 23:06 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-11 23:06 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-11 08:18 . 2011-10-11 08:18 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{195A4596-F1F7-4565-A188-2C5D6A1BEAD2}\gapaengine.dll
2011-10-11 06:20 . 2011-10-20 09:37 -------- d-----w- c:\users\gnt500p\AppData\Local\SKIDROW
2011-10-10 04:25 . 2011-10-10 04:26 -------- d-----w- c:\program files\Recuva
2011-10-02 07:50 . 2011-10-14 21:37 -------- d-----w- c:\users\gnt500p\AppData\Roaming\Download Manager
2011-10-02 07:04 . 2011-10-02 07:05 -------- d-----w- c:\program files (x86)\WinSCP3
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 04:16 . 2011-08-26 04:35 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-16 00:51 . 2011-09-16 00:51 10206208 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-09-16 00:28 . 2011-09-16 00:28 24600576 ----a-w- c:\windows\system32\atio6axx.dll
2011-09-16 00:15 . 2011-09-16 00:15 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-09-16 00:15 . 2011-04-02 06:58 736768 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-09-16 00:14 . 2011-04-02 06:57 867328 ----a-w- c:\windows\system32\aticfx64.dll
2011-09-16 00:13 . 2011-09-16 00:13 18584064 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-09-16 00:12 . 2011-04-02 06:54 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-09-16 00:12 . 2011-04-02 06:54 487936 ----a-w- c:\windows\system32\atieclxx.exe
2011-09-16 00:12 . 2011-04-02 06:54 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-09-16 00:11 . 2011-09-16 00:11 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-09-16 00:11 . 2011-04-02 06:52 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-09-16 00:11 . 2011-09-16 00:11 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-09-16 00:10 . 2011-09-16 00:10 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-09-16 00:10 . 2011-09-16 00:10 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-09-16 00:10 . 2011-09-16 00:10 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-09-16 00:10 . 2011-09-16 00:10 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-09-16 00:08 . 2011-04-02 06:49 4231680 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-09-15 23:59 . 2011-09-15 23:59 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-09-15 23:59 . 2011-04-02 06:40 4960256 ----a-w- c:\windows\system32\atidxx64.dll
2011-09-15 23:59 . 2011-09-15 23:59 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-09-15 23:58 . 2011-04-02 06:44 4023296 ----a-w- c:\windows\system32\atiumd6a.dll
2011-09-15 23:52 . 2011-09-15 23:52 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-09-15 23:52 . 2011-09-15 23:52 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-09-15 23:51 . 2011-09-15 23:51 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-09-15 23:51 . 2011-09-15 23:51 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-09-15 23:51 . 2011-09-15 23:51 9809920 ----a-w- c:\windows\system32\aticaldd64.dll
2011-09-15 23:50 . 2011-09-15 23:50 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-09-15 23:50 . 2011-09-15 23:50 4174848 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-09-15 23:48 . 2011-09-15 23:48 8390656 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-09-15 23:45 . 2011-04-02 06:07 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-15 23:44 . 2011-04-02 06:23 5431808 ----a-w- c:\windows\system32\atiumd64.dll
2011-09-15 23:39 . 2011-04-02 06:16 479744 ----a-w- c:\windows\system32\atiadlxx.dll
2011-09-15 23:39 . 2011-09-15 23:39 335872 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-09-15 23:38 . 2011-09-15 23:38 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-09-15 23:38 . 2011-09-15 23:38 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 317952 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-09-15 23:38 . 2011-04-02 06:15 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-09-15 23:38 . 2011-04-02 06:15 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-09-15 23:38 . 2011-04-02 06:15 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-09-15 23:37 . 2011-09-15 23:37 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-09-15 23:37 . 2011-09-15 23:37 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-09-15 23:37 . 2011-09-15 23:37 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-09-15 23:37 . 2011-09-15 23:37 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-09-15 23:37 . 2011-09-15 23:37 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-09-15 23:37 . 2011-09-15 23:37 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-08-31 23:00 . 2011-08-27 22:54 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 05:05 . 2011-08-31 05:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 05:05 . 2011-08-31 05:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 05:05 . 2011-08-31 05:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 05:05 . 2011-08-31 05:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-31 05:05 . 2011-08-31 05:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-31 05:05 . 2011-08-31 05:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-31 05:05 . 2011-08-31 05:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-31 05:05 . 2011-08-31 05:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-08-29 14:58 . 2011-08-29 14:58 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-26 21:15 . 2011-05-21 04:35 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-25 23:04 . 2011-08-25 23:04 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-25 05:54 . 2011-08-25 05:54 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-25 03:17 . 2011-09-08 18:34 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-02 336384]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 oahlpXX;Online Armor helper driver;c:\windows\syswow64\drivers\oahlp64.sys [2011-04-06 55088]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SvcOnlineArmor;Online Armor;c:\program files (x86)\Online Armor\oasrv.exe [2011-04-06 4326472]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 pknbljyir;{B806D100-0859-4E48-9D92-EFB10E20E97F};h:\ophcrack\pwdump\servpw.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 OADevice;OADriver;c:\windows\SysWow64\Drivers\OADriver.sys [2011-04-06 59176]
S1 OAmon;OAmon;c:\windows\SysWOW64\Drivers\OAmon.sys [2011-04-06 38064]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-02 365568]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
S2 OAcat;Online Armor Helper Service;c:\program files (x86)\Online Armor\OAcat.exe [2011-04-06 381512]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [x]
S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"@OnlineArmor GUI"="c:\program files (x86)\Online Armor\oaui.exe" [2011-04-06 2477032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
FF - ProfilePath - c:\users\gnt500p\AppData\Roaming\Mozilla\Firefox\Profiles\7e24fbra.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-10-26 17:10:40
ComboFix-quarantined-files.txt 2011-10-26 23:10
.
Pre-Run: 578,437,332,992 bytes free
Post-Run: 578,301,882,368 bytes free
.
- - End Of File - - 34C1A1F0AFE9F1C57BE243A5BFE92904

next the TDSSKILLER:

17:16:53.0785 1824 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
17:16:53.0816 1824 ============================================================
17:16:53.0816 1824 Current date / time: 2011/10/26 17:16:53.0816
17:16:53.0816 1824 SystemInfo:
17:16:53.0816 1824
17:16:53.0816 1824 OS Version: 6.1.7601 ServicePack: 1.0
17:16:53.0816 1824 Product type: Workstation
17:16:53.0816 1824 ComputerName: BIGBERTHA
17:16:53.0816 1824 UserName: gnt500p
17:16:53.0816 1824 Windows directory: C:\Windows
17:16:53.0816 1824 System windows directory: C:\Windows
17:16:53.0816 1824 Running under WOW64
17:16:53.0816 1824 Processor architecture: Intel x64
17:16:53.0816 1824 Number of processors: 4
17:16:53.0816 1824 Page size: 0x1000
17:16:53.0816 1824 Boot type: Normal boot
17:16:53.0816 1824 ============================================================
17:16:54.0487 1824 Initialize success
17:17:01.0429 3900 ============================================================
17:17:01.0429 3900 Scan started
17:17:01.0429 3900 Mode: Manual;
17:17:01.0429 3900 ============================================================
17:17:02.0849 3900 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:17:02.0849 3900 1394ohci - ok
17:17:02.0989 3900 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
17:17:02.0989 3900 Accelerometer - ok
17:17:03.0129 3900 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:17:03.0129 3900 ACPI - ok
17:17:03.0254 3900 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:17:03.0254 3900 AcpiPmi - ok
17:17:03.0441 3900 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:17:03.0441 3900 adp94xx - ok
17:17:03.0582 3900 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:17:03.0597 3900 adpahci - ok
17:17:03.0738 3900 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:17:03.0753 3900 adpu320 - ok
17:17:03.0909 3900 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
17:17:03.0909 3900 AFD - ok
17:17:04.0034 3900 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:17:04.0034 3900 agp440 - ok
17:17:04.0206 3900 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:17:04.0206 3900 aliide - ok
17:17:04.0377 3900 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:17:04.0377 3900 amdide - ok
17:17:04.0502 3900 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:17:04.0518 3900 amdiox64 - ok
17:17:04.0658 3900 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:17:04.0658 3900 AmdK8 - ok
17:17:05.0033 3900 amdkmdag (42d53daf85f948c39ce1351a8f5b5808) C:\Windows\system32\DRIVERS\atikmdag.sys
17:17:05.0173 3900 amdkmdag - ok
17:17:05.0454 3900 amdkmdap (75182b5784015b271932088551616a96) C:\Windows\system32\DRIVERS\atikmpag.sys
17:17:05.0454 3900 amdkmdap - ok
17:17:05.0579 3900 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:17:05.0579 3900 AmdPPM - ok
17:17:05.0719 3900 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:17:05.0719 3900 amdsata - ok
17:17:05.0859 3900 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:17:05.0859 3900 amdsbs - ok
17:17:06.0000 3900 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:17:06.0000 3900 amdxata - ok
17:17:06.0125 3900 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\DRIVERS\amd_sata.sys
17:17:06.0125 3900 amd_sata - ok
17:17:06.0234 3900 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\DRIVERS\amd_xata.sys
17:17:06.0234 3900 amd_xata - ok
17:17:06.0405 3900 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:17:06.0421 3900 AppID - ok
17:17:06.0608 3900 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:17:06.0608 3900 arc - ok
17:17:06.0749 3900 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:17:06.0749 3900 arcsas - ok
17:17:06.0889 3900 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:17:06.0905 3900 AsyncMac - ok
17:17:07.0029 3900 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:17:07.0029 3900 atapi - ok
17:17:07.0185 3900 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
17:17:07.0185 3900 AtiHDAudioService - ok
17:17:07.0404 3900 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:17:07.0419 3900 b06bdrv - ok
17:17:07.0560 3900 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:17:07.0575 3900 b57nd60a - ok
17:17:07.0778 3900 BCM43XX (0e7a9264576b40638a3fbc804de1ff76) C:\Windows\system32\DRIVERS\bcmwl664.sys
17:17:07.0825 3900 BCM43XX - ok
17:17:07.0965 3900 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:17:07.0965 3900 Beep - ok
17:17:08.0106 3900 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
17:17:08.0106 3900 blbdrive - ok
17:17:08.0246 3900 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:17:08.0262 3900 bowser - ok
17:17:08.0387 3900 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:17:08.0387 3900 BrFiltLo - ok
17:17:08.0511 3900 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:17:08.0511 3900 BrFiltUp - ok
17:17:08.0636 3900 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:17:08.0652 3900 Brserid - ok
17:17:08.0777 3900 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:17:08.0777 3900 BrSerWdm - ok
17:17:08.0917 3900 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:17:08.0917 3900 BrUsbMdm - ok
17:17:09.0042 3900 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:17:09.0042 3900 BrUsbSer - ok
17:17:09.0198 3900 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
17:17:09.0198 3900 BthEnum - ok
17:17:09.0354 3900 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:17:09.0354 3900 BTHMODEM - ok
17:17:09.0494 3900 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
17:17:09.0510 3900 BthPan - ok
17:17:09.0650 3900 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
17:17:09.0666 3900 BTHPORT - ok
17:17:09.0806 3900 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
17:17:09.0806 3900 BTHUSB - ok
17:17:09.0947 3900 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
17:17:09.0947 3900 btwampfl - ok
17:17:10.0087 3900 btwaudio (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys
17:17:10.0087 3900 btwaudio - ok
17:17:10.0212 3900 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\drivers\btwavdt.sys
17:17:10.0212 3900 btwavdt - ok
17:17:10.0352 3900 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
17:17:10.0352 3900 btwl2cap - ok
17:17:10.0477 3900 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys
17:17:10.0477 3900 btwrchid - ok
17:17:10.0602 3900 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:17:10.0602 3900 cdfs - ok
17:17:10.0727 3900 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:17:10.0727 3900 cdrom - ok
17:17:10.0867 3900 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:17:10.0867 3900 circlass - ok
17:17:10.0992 3900 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:17:10.0992 3900 CLFS - ok
17:17:11.0163 3900 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
17:17:11.0163 3900 clwvd - ok
17:17:11.0304 3900 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:17:11.0304 3900 CmBatt - ok
17:17:11.0429 3900 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:17:11.0429 3900 cmdide - ok
17:17:11.0585 3900 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
17:17:11.0585 3900 CNG - ok
17:17:11.0741 3900 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:17:11.0741 3900 Compbatt - ok
17:17:11.0865 3900 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:17:11.0865 3900 CompositeBus - ok
17:17:12.0006 3900 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:17:12.0006 3900 crcdisk - ok
17:17:12.0177 3900 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:17:12.0177 3900 DfsC - ok
17:17:12.0318 3900 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:17:12.0318 3900 discache - ok
17:17:12.0474 3900 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:17:12.0474 3900 Disk - ok
17:17:12.0630 3900 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:17:12.0630 3900 drmkaud - ok
17:17:12.0770 3900 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:17:12.0786 3900 dtsoftbus01 - ok
17:17:12.0926 3900 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:17:12.0942 3900 DXGKrnl - ok
17:17:13.0145 3900 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:17:13.0191 3900 ebdrv - ok
17:17:13.0379 3900 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:17:13.0394 3900 elxstor - ok
17:17:13.0535 3900 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:17:13.0535 3900 ErrDev - ok
17:17:13.0691 3900 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:17:13.0691 3900 exfat - ok
17:17:13.0831 3900 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:17:13.0831 3900 fastfat - ok
17:17:13.0956 3900 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:17:13.0956 3900 fdc - ok
17:17:14.0112 3900 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:17:14.0112 3900 FileInfo - ok
17:17:14.0237 3900 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:17:14.0237 3900 Filetrace - ok
17:17:14.0377 3900 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:17:14.0377 3900 flpydisk - ok
17:17:14.0502 3900 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:17:14.0502 3900 FltMgr - ok
17:17:14.0627 3900 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:17:14.0627 3900 FsDepends - ok
17:17:14.0751 3900 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:17:14.0751 3900 Fs_Rec - ok
17:17:14.0892 3900 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:17:14.0892 3900 fvevol - ok
17:17:15.0032 3900 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:17:15.0032 3900 gagp30kx - ok
17:17:15.0188 3900 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:17:15.0188 3900 GEARAspiWDM - ok
17:17:15.0329 3900 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:17:15.0344 3900 hcw85cir - ok
17:17:15.0469 3900 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:17:15.0469 3900 HdAudAddService - ok
17:17:15.0594 3900 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:17:15.0609 3900 HDAudBus - ok
17:17:15.0734 3900 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:17:15.0734 3900 HidBatt - ok
17:17:15.0859 3900 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:17:15.0859 3900 HidBth - ok
17:17:15.0999 3900 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:17:15.0999 3900 HidIr - ok
17:17:16.0140 3900 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:17:16.0140 3900 HidUsb - ok
17:17:16.0327 3900 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
17:17:16.0327 3900 hpdskflt - ok
17:17:16.0467 3900 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:17:16.0467 3900 HpSAMD - ok
17:17:16.0655 3900 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:17:16.0655 3900 HTTP - ok
17:17:16.0779 3900 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:17:16.0779 3900 hwpolicy - ok
17:17:16.0920 3900 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:17:16.0920 3900 i8042prt - ok
17:17:17.0060 3900 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:17:17.0076 3900 iaStorV - ok
17:17:17.0279 3900 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:17:17.0279 3900 iirsp - ok
17:17:17.0403 3900 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:17:17.0403 3900 intelide - ok
17:17:17.0544 3900 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:17:17.0544 3900 intelppm - ok
17:17:17.0684 3900 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:17:17.0684 3900 IpFilterDriver - ok
17:17:17.0825 3900 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:17:17.0825 3900 IPMIDRV - ok
17:17:17.0965 3900 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:17:17.0965 3900 IPNAT - ok
17:17:18.0121 3900 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:17:18.0121 3900 IRENUM - ok
17:17:18.0261 3900 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:17:18.0261 3900 isapnp - ok
17:17:18.0402 3900 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:17:18.0402 3900 iScsiPrt - ok
17:17:18.0542 3900 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:17:18.0542 3900 kbdclass - ok
17:17:18.0667 3900 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:17:18.0667 3900 kbdhid - ok
17:17:18.0807 3900 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
17:17:18.0807 3900 KSecDD - ok
17:17:18.0932 3900 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
17:17:18.0932 3900 KSecPkg - ok
17:17:19.0073 3900 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:17:19.0073 3900 ksthunk - ok
17:17:19.0275 3900 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:17:19.0275 3900 lltdio - ok
17:17:19.0431 3900 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:17:19.0431 3900 LSI_FC - ok
17:17:19.0572 3900 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:17:19.0572 3900 LSI_SAS - ok
17:17:19.0712 3900 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:17:19.0728 3900 LSI_SAS2 - ok
17:17:19.0868 3900 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:17:19.0868 3900 LSI_SCSI - ok
17:17:19.0993 3900 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:17:19.0993 3900 luafv - ok
17:17:20.0149 3900 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:17:20.0149 3900 megasas - ok
17:17:20.0305 3900 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:17:20.0305 3900 MegaSR - ok
17:17:20.0445 3900 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:17:20.0445 3900 Modem - ok
17:17:20.0570 3900 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:17:20.0570 3900 monitor - ok
17:17:20.0711 3900 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:17:20.0711 3900 mouclass - ok
17:17:20.0835 3900 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:17:20.0851 3900 mouhid - ok
17:17:20.0960 3900 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:17:20.0976 3900 mountmgr - ok
17:17:21.0101 3900 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
17:17:21.0101 3900 MpFilter - ok
17:17:21.0272 3900 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:17:21.0272 3900 mpio - ok
17:17:21.0397 3900 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
17:17:21.0397 3900 MpNWMon - ok
17:17:21.0522 3900 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:17:21.0522 3900 mpsdrv - ok
17:17:21.0647 3900 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:17:21.0662 3900 MRxDAV - ok
17:17:21.0771 3900 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:17:21.0771 3900 mrxsmb - ok
17:17:21.0912 3900 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:17:21.0912 3900 mrxsmb10 - ok
17:17:22.0037 3900 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:17:22.0037 3900 mrxsmb20 - ok
17:17:22.0146 3900 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:17:22.0146 3900 msahci - ok
17:17:22.0271 3900 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:17:22.0286 3900 msdsm - ok
17:17:22.0427 3900 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:17:22.0427 3900 Msfs - ok
17:17:22.0551 3900 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:17:22.0551 3900 mshidkmdf - ok
17:17:22.0676 3900 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:17:22.0676 3900 msisadrv - ok
17:17:22.0832 3900 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:17:22.0832 3900 MSKSSRV - ok
17:17:22.0957 3900 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:17:22.0957 3900 MSPCLOCK - ok
17:17:23.0097 3900 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:17:23.0097 3900 MSPQM - ok
17:17:23.0238 3900 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:17:23.0238 3900 MsRPC - ok
17:17:23.0378 3900 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:17:23.0378 3900 mssmbios - ok
17:17:23.0503 3900 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:17:23.0503 3900 MSTEE - ok
17:17:23.0628 3900 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:17:23.0628 3900 MTConfig - ok
17:17:23.0753 3900 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:17:23.0753 3900 Mup - ok
17:17:23.0893 3900 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:17:23.0909 3900 NativeWifiP - ok
17:17:24.0065 3900 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:17:24.0080 3900 NDIS - ok
17:17:24.0221 3900 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:17:24.0221 3900 NdisCap - ok
17:17:24.0345 3900 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:17:24.0345 3900 NdisTapi - ok
17:17:24.0470 3900 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:17:24.0470 3900 Ndisuio - ok
17:17:24.0579 3900 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:17:24.0595 3900 NdisWan - ok
17:17:24.0720 3900 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:17:24.0720 3900 NDProxy - ok
17:17:24.0860 3900 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:17:24.0860 3900 NetBIOS - ok
17:17:25.0001 3900 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:17:25.0001 3900 NetBT - ok
17:17:25.0203 3900 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:17:25.0203 3900 nfrd960 - ok
17:17:25.0344 3900 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:17:25.0344 3900 NisDrv - ok
17:17:25.0515 3900 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys
17:17:25.0515 3900 NMgamingmsFltr - ok
17:17:25.0640 3900 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:17:25.0656 3900 Npfs - ok
17:17:25.0781 3900 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:17:25.0781 3900 nsiproxy - ok
17:17:25.0937 3900 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:17:25.0952 3900 Ntfs - ok
17:17:26.0077 3900 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:17:26.0077 3900 Null - ok
17:17:26.0217 3900 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
17:17:26.0217 3900 NVENETFD - ok
17:17:26.0358 3900 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:17:26.0373 3900 nvraid - ok
17:17:26.0514 3900 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:17:26.0514 3900 nvstor - ok
17:17:26.0654 3900 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:17:26.0654 3900 nv_agp - ok
17:17:26.0841 3900 OADevice (76aa576a6abceea31dc05e959bd51e15) C:\Windows\SysWow64\Drivers\OADriver.sys
17:17:26.0841 3900 OADevice - ok
17:17:27.0013 3900 oahlpXX (89113f98156e9120d78f018cdfc5bec4) C:\Windows\syswow64\drivers\oahlp64.sys
17:17:27.0013 3900 oahlpXX - ok
17:17:27.0185 3900 OAmon (ecd517bc4fa048fbe3da2d12147c104e) C:\Windows\SysWOW64\Drivers\OAmon.sys
17:17:27.0185 3900 OAmon - ok
17:17:27.0341 3900 OAnet (3c1c4645a61f2d5cd4f85b2013fd182f) C:\Windows\system32\DRIVERS\oanet.sys
17:17:27.0341 3900 OAnet - ok
17:17:27.0512 3900 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:17:27.0512 3900 ohci1394 - ok
17:17:27.0668 3900 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:17:27.0668 3900 Parport - ok
17:17:27.0793 3900 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:17:27.0793 3900 partmgr - ok
17:17:27.0918 3900 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:17:27.0933 3900 pci - ok
17:17:28.0043 3900 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:17:28.0043 3900 pciide - ok
17:17:28.0183 3900 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:17:28.0183 3900 pcmcia - ok
17:17:28.0308 3900 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:17:28.0308 3900 pcw - ok
17:17:28.0448 3900 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:17:28.0448 3900 PEAUTH - ok
17:17:28.0698 3900 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:17:28.0698 3900 PptpMiniport - ok
17:17:28.0807 3900 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:17:28.0807 3900 Processor - ok
17:17:28.0947 3900 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:17:28.0963 3900 Psched - ok
17:17:29.0103 3900 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:17:29.0103 3900 PxHlpa64 - ok
17:17:29.0322 3900 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:17:29.0353 3900 ql2300 - ok
17:17:29.0493 3900 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:17:29.0493 3900 ql40xx - ok
17:17:29.0618 3900 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:17:29.0618 3900 QWAVEdrv - ok
17:17:29.0743 3900 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:17:29.0743 3900 RasAcd - ok
17:17:29.0883 3900 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:17:29.0883 3900 RasAgileVpn - ok
17:17:30.0008 3900 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:17:30.0024 3900 Rasl2tp - ok
17:17:30.0164 3900 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:17:30.0164 3900 RasPppoe - ok
17:17:30.0289 3900 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:17:30.0289 3900 RasSstp - ok
17:17:30.0429 3900 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:17:30.0445 3900 rdbss - ok
17:17:30.0554 3900 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:17:30.0570 3900 rdpbus - ok
17:17:30.0695 3900 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:17:30.0695 3900 RDPCDD - ok
17:17:30.0819 3900 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:17:30.0819 3900 RDPENCDD - ok
17:17:30.0944 3900 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:17:30.0944 3900 RDPREFMP - ok
17:17:31.0085 3900 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
17:17:31.0100 3900 RDPWD - ok
17:17:31.0303 3900 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:17:31.0303 3900 rdyboost - ok
17:17:31.0459 3900 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
17:17:31.0459 3900 RFCOMM - ok
17:17:31.0631 3900 RSPCIESTOR (9d21618e7a3b2c75cf1a2ecbbe723730) C:\Windows\system32\DRIVERS\RtsPStor.sys
17:17:31.0631 3900 RSPCIESTOR - ok
17:17:31.0771 3900 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:17:31.0771 3900 rspndr - ok
17:17:31.0911 3900 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:17:31.0927 3900 RTL8167 - ok
17:17:32.0005 3900 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:17:32.0005 3900 SASDIFSV - ok
17:17:32.0067 3900 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:17:32.0067 3900 SASKUTIL - ok
17:17:32.0208 3900 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:17:32.0208 3900 sbp2port - ok
17:17:32.0333 3900 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:17:32.0333 3900 scfilter - ok
17:17:32.0489 3900 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
17:17:32.0489 3900 sdbus - ok
17:17:32.0629 3900 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:17:32.0629 3900 secdrv - ok
17:17:32.0769 3900 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:17:32.0769 3900 Serenum - ok
17:17:32.0894 3900 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:17:32.0894 3900 Serial - ok
17:17:33.0035 3900 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:17:33.0035 3900 sermouse - ok
17:17:33.0175 3900 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:17:33.0175 3900 sffdisk - ok
17:17:33.0347 3900 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:17:33.0347 3900 sffp_mmc - ok
17:17:33.0471 3900 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:17:33.0471 3900 sffp_sd - ok
17:17:33.0612 3900 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:17:33.0612 3900 sfloppy - ok
17:17:33.0752 3900 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:17:33.0768 3900 Sftfs - ok
17:17:33.0908 3900 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:17:33.0924 3900 Sftplay - ok
17:17:34.0049 3900 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:17:34.0049 3900 Sftredir - ok
17:17:34.0189 3900 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:17:34.0189 3900 Sftvol - ok
17:17:34.0329 3900 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:17:34.0345 3900 SiSRaid2 - ok
17:17:34.0470 3900 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:17:34.0470 3900 SiSRaid4 - ok
17:17:34.0610 3900 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:17:34.0610 3900 Smb - ok
17:17:34.0751 3900 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:17:34.0751 3900 spldr - ok
17:17:34.0907 3900 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:17:34.0922 3900 srv - ok
17:17:35.0109 3900 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:17:35.0125 3900 srv2 - ok
17:17:35.0390 3900 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:17:35.0390 3900 SrvHsfHDA - ok
17:17:35.0562 3900 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:17:35.0593 3900 SrvHsfV92 - ok
17:17:35.0733 3900 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:17:35.0749 3900 SrvHsfWinac - ok
17:17:35.0889 3900 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:17:35.0889 3900 srvnet - ok
17:17:36.0045 3900 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:17:36.0045 3900 stexstor - ok
17:17:36.0201 3900 STHDA (74387b34b43f94e380608888c56a5ccd) C:\Windows\system32\DRIVERS\stwrt64.sys
17:17:36.0201 3900 STHDA - ok
17:17:36.0357 3900 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:17:36.0357 3900 swenum - ok
17:17:36.0529 3900 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
17:17:36.0560 3900 SynTP - ok
17:17:36.0747 3900 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
17:17:36.0779 3900 Tcpip - ok
17:17:36.0966 3900 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
17:17:36.0997 3900 TCPIP6 - ok
17:17:37.0122 3900 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:17:37.0122 3900 tcpipreg - ok
17:17:37.0356 3900 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:17:37.0356 3900 TDPIPE - ok
17:17:37.0527 3900 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:17:37.0527 3900 TDTCP - ok
17:17:37.0668 3900 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:17:37.0668 3900 tdx - ok
17:17:37.0793 3900 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:17:37.0808 3900 TermDD - ok
17:17:37.0949 3900 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:17:37.0964 3900 tssecsrv - ok
17:17:38.0089 3900 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:17:38.0089 3900 TsUsbFlt - ok
17:17:38.0214 3900 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:17:38.0229 3900 TsUsbGD - ok
17:17:38.0354 3900 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:17:38.0354 3900 tunnel - ok
17:17:38.0479 3900 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:17:38.0479 3900 uagp35 - ok
17:17:38.0604 3900 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:17:38.0619 3900 udfs - ok
17:17:38.0775 3900 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:17:38.0775 3900 uliagpkx - ok
17:17:38.0916 3900 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:17:38.0916 3900 umbus - ok
17:17:39.0041 3900 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:17:39.0041 3900 UmPass - ok
17:17:39.0181 3900 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:17:39.0181 3900 USBAAPL64 - ok
17:17:39.0353 3900 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:17:39.0353 3900 usbccgp - ok
17:17:39.0493 3900 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:17:39.0493 3900 usbcir - ok
17:17:39.0618 3900 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:17:39.0618 3900 usbehci - ok
17:17:39.0758 3900 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
17:17:39.0758 3900 usbfilter - ok
17:17:39.0899 3900 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:17:39.0899 3900 usbhub - ok
17:17:40.0023 3900 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:17:40.0023 3900 usbohci - ok
17:17:40.0211 3900 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:17:40.0211 3900 usbprint - ok
17:17:40.0335 3900 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:17:40.0335 3900 USBSTOR - ok
17:17:40.0460 3900 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:17:40.0460 3900 usbuhci - ok
17:17:40.0585 3900 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:17:40.0601 3900 usbvideo - ok
17:17:40.0741 3900 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:17:40.0741 3900 vdrvroot - ok
17:17:40.0866 3900 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:17:40.0866 3900 vga - ok
17:17:40.0991 3900 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:17:40.0991 3900 VgaSave - ok
17:17:41.0115 3900 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:17:41.0115 3900 vhdmp - ok
17:17:41.0381 3900 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:17:41.0381 3900 viaide - ok
17:17:41.0505 3900 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:17:41.0521 3900 volmgr - ok
17:17:41.0646 3900 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:17:41.0646 3900 volmgrx - ok
17:17:41.0771 3900 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:17:41.0786 3900 volsnap - ok
17:17:41.0927 3900 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:17:41.0927 3900 vsmraid - ok
17:17:42.0051 3900 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:17:42.0067 3900 vwifibus - ok
17:17:42.0192 3900 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:17:42.0192 3900 vwififlt - ok
17:17:42.0332 3900 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:17:42.0332 3900 WacomPen - ok
17:17:42.0488 3900 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:17:42.0488 3900 WANARP - ok
17:17:42.0504 3900 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:17:42.0504 3900 Wanarpv6 - ok
17:17:42.0675 3900 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:17:42.0675 3900 Wd - ok
17:17:42.0816 3900 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:17:42.0816 3900 Wdf01000 - ok
17:17:42.0987 3900 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:17:43.0003 3900 WfpLwf - ok
17:17:43.0128 3900 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:17:43.0128 3900 WIMMount - ok
17:17:43.0377 3900 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:17:43.0377 3900 WinUsb - ok
17:17:43.0518 3900 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:17:43.0518 3900 WmiAcpi - ok
17:17:43.0674 3900 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:17:43.0674 3900 ws2ifsl - ok
17:17:43.0814 3900 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:17:43.0814 3900 WSDPrintDevice - ok
17:17:43.0970 3900 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:17:43.0970 3900 WudfPf - ok
17:17:44.0111 3900 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:17:44.0111 3900 WUDFRd - ok
17:17:44.0173 3900 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:17:44.0189 3900 \Device\Harddisk0\DR0 - ok
17:17:44.0189 3900 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
17:17:44.0204 3900 \Device\Harddisk1\DR2 - ok
17:17:44.0220 3900 Boot (0x1200) (d56501f4608dd09f6e93b56136ae4c45) \Device\Harddisk0\DR0\Partition0
17:17:44.0220 3900 \Device\Harddisk0\DR0\Partition0 - ok
17:17:44.0235 3900 Boot (0x1200) (01c8575abb6aed81bfc1d808fb17cabb) \Device\Harddisk0\DR0\Partition1
17:17:44.0235 3900 \Device\Harddisk0\DR0\Partition1 - ok
17:17:44.0267 3900 Boot (0x1200) (e16e09c674acb169db8debc4ccf6d68f) \Device\Harddisk0\DR0\Partition2
17:17:44.0267 3900 \Device\Harddisk0\DR0\Partition2 - ok
17:17:44.0282 3900 Boot (0x1200) (11008ecdd8b3d918cf15a14619b1edfc) \Device\Harddisk0\DR0\Partition3
17:17:44.0282 3900 \Device\Harddisk0\DR0\Partition3 - ok
17:17:44.0298 3900 Boot (0x1200) (70e7d642a17ec146a10f473fc053eaa1) \Device\Harddisk1\DR2\Partition0
17:17:44.0298 3900 \Device\Harddisk1\DR2\Partition0 - ok
17:17:44.0298 3900 ============================================================
17:17:44.0298 3900 Scan finished
17:17:44.0298 3900 ============================================================
17:17:44.0329 6052 Detected object count: 0
17:17:44.0329 6052 Actual detected object count: 0
17:17:47.0683 3520 ============================================================
17:17:47.0683 3520 Scan started
17:17:47.0683 3520 Mode: Manual;
17:17:47.0683 3520 ============================================================
17:17:48.0416 3520 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:17:48.0416 3520 1394ohci - ok
17:17:48.0541 3520 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
17:17:48.0541 3520 Accelerometer - ok
17:17:48.0666 3520 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:17:48.0681 3520 ACPI - ok
17:17:48.0791 3520 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:17:48.0791 3520 AcpiPmi - ok
17:17:48.0931 3520 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:17:48.0931 3520 adp94xx - ok
17:17:49.0071 3520 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:17:49.0071 3520 adpahci - ok
17:17:49.0227 3520 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:17:49.0243 3520 adpu320 - ok
17:17:49.0383 3520 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
17:17:49.0399 3520 AFD - ok
17:17:49.0524 3520 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:17:49.0524 3520 agp440 - ok
17:17:49.0649 3520 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:17:49.0649 3520 aliide - ok
17:17:49.0789 3520 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:17:49.0789 3520 amdide - ok
17:17:49.0914 3520 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:17:49.0914 3520 amdiox64 - ok
17:17:50.0039 3520 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:17:50.0039 3520 AmdK8 - ok
17:17:50.0397 3520 amdkmdag (42d53daf85f948c39ce1351a8f5b5808) C:\Windows\system32\DRIVERS\atikmdag.sys
17:17:50.0538 3520 amdkmdag - ok
17:17:50.0725 3520 amdkmdap (75182b5784015b271932088551616a96) C:\Windows\system32\DRIVERS\atikmpag.sys
17:17:50.0725 3520 amdkmdap - ok
17:17:50.0834 3520 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:17:50.0850 3520 AmdPPM - ok
17:17:50.0975 3520 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:17:50.0975 3520 amdsata - ok
17:17:51.0099 3520 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:17:51.0115 3520 amdsbs - ok
17:17:51.0271 3520 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:17:51.0271 3520 amdxata - ok
17:17:51.0411 3520 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\DRIVERS\amd_sata.sys
17:17:51.0411 3520 amd_sata - ok
17:17:51.0521 3520 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\DRIVERS\amd_xata.sys
17:17:51.0521 3520 amd_xata - ok
17:17:51.0630 3520 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:17:51.0645 3520 AppID - ok
17:17:51.0786 3520 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:17:51.0786 3520 arc - ok
17:17:51.0911 3520 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:17:51.0911 3520 arcsas - ok
17:17:52.0035 3520 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:17:52.0051 3520 AsyncMac - ok
17:17:52.0176 3520 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:17:52.0176 3520 atapi - ok
17:17:52.0301 3520 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
17:17:52.0301 3520 AtiHDAudioService - ok
17:17:52.0519 3520 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:17:52.0535 3520 b06bdrv - ok
17:17:52.0675 3520 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:17:52.0675 3520 b57nd60a - ok
17:17:52.0862 3520 BCM43XX (0e7a9264576b40638a3fbc804de1ff76) C:\Windows\system32\DRIVERS\bcmwl664.sys
17:17:52.0909 3520 BCM43XX - ok
17:17:53.0034 3520 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:17:53.0034 3520 Beep - ok
17:17:53.0159 3520 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
17:17:53.0159 3520 blbdrive - ok
17:17:53.0315 3520 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:17:53.0315 3520 bowser - ok
17:17:53.0439 3520 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:17:53.0439 3520 BrFiltLo - ok
17:17:53.0580 3520 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:17:53.0580 3520 BrFiltUp - ok
17:17:53.0689 3520 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:17:53.0689 3520 Brserid - ok
17:17:53.0814 3520 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:17:53.0814 3520 BrSerWdm - ok
17:17:53.0954 3520 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:17:53.0954 3520 BrUsbMdm - ok
17:17:54.0063 3520 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:17:54.0063 3520 BrUsbSer - ok
17:17:54.0188 3520 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
17:17:54.0188 3520 BthEnum - ok
17:17:54.0391 3520 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:17:54.0391 3520 BTHMODEM - ok
17:17:54.0531 3520 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
17:17:54.0531 3520 BthPan - ok
17:17:54.0656 3520 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
17:17:54.0672 3520 BTHPORT - ok
17:17:54.0875 3520 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
17:17:54.0875 3520 BTHUSB - ok
17:17:55.0015 3520 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
17:17:55.0015 3520 btwampfl - ok
17:17:55.0140 3520 btwaudio (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys
17:17:55.0140 3520 btwaudio - ok
17:17:55.0296 3520 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\drivers\btwavdt.sys
17:17:55.0296 3520 btwavdt - ok
17:17:55.0483 3520 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
17:17:55.0483 3520 btwl2cap - ok
17:17:55.0686 3520 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys
17:17:55.0686 3520 btwrchid - ok
17:17:55.0811 3520 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:17:55.0811 3520 cdfs - ok
17:17:55.0951 3520 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:17:55.0951 3520 cdrom - ok
17:17:56.0076 3520 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:17:56.0076 3520 circlass - ok
17:17:56.0201 3520 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:17:56.0216 3520 CLFS - ok
17:17:56.0357 3520 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
17:17:56.0357 3520 clwvd - ok
17:17:56.0466 3520 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:17:56.0466 3520 CmBatt - ok
17:17:56.0591 3520 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:17:56.0591 3520 cmdide - ok
17:17:56.0715 3520 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
17:17:56.0731 3520 CNG - ok
17:17:56.0840 3520 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:17:56.0856 3520 Compbatt - ok
17:17:56.0965 3520 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:17:56.0965 3520 CompositeBus - ok
17:17:57.0105 3520 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:17:57.0105 3520 crcdisk - ok
17:17:57.0293 3520 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:17:57.0293 3520 DfsC - ok
17:17:57.0417 3520 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:17:57.0417 3520 discache - ok
17:17:57.0573 3520 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:17:57.0573 3520 Disk - ok
17:17:57.0714 3520 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:17:57.0714 3520 drmkaud - ok
17:17:57.0839 3520 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:17:57.0854 3520 dtsoftbus01 - ok
17:17:57.0995 3520 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:17:58.0010 3520 DXGKrnl - ok
17:17:58.0213 3520 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:17:58.0260 3520 ebdrv - ok
17:17:58.0431 3520 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:17:58.0447 3520 elxstor - ok
17:17:58.0556 3520 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:17:58.0572 3520 ErrDev - ok
17:17:58.0712 3520 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:17:58.0712 3520 exfat - ok
17:17:58.0837 3520 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:17:58.0837 3520 fastfat - ok
17:17:58.0962 3520 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:17:58.0962 3520 fdc - ok
17:17:59.0102 3520 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:17:59.0102 3520 FileInfo - ok
17:17:59.0258 3520 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:17:59.0258 3520 Filetrace - ok
17:17:59.0383 3520 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:17:59.0383 3520 flpydisk - ok
17:17:59.0508 3520 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:17:59.0523 3520 FltMgr - ok
17:17:59.0648 3520 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:17:59.0648 3520 FsDepends - ok
17:17:59.0773 3520 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:17:59.0773 3520 Fs_Rec - ok
17:17:59.0898 3520 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:17:59.0898 3520 fvevol - ok
17:18:00.0023 3520 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:18:00.0023 3520 gagp30kx - ok
17:18:00.0147 3520 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:18:00.0147 3520 GEARAspiWDM - ok
17:18:00.0272 3520 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:18:00.0272 3520 hcw85cir - ok
17:18:00.0397 3520 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:18:00.0413 3520 HdAudAddService - ok
17:18:00.0537 3520 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:18:00.0537 3520 HDAudBus - ok
17:18:00.0662 3520 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:18:00.0662 3520 HidBatt - ok
17:18:00.0787 3520 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:18:00.0803 3520 HidBth - ok
17:18:00.0927 3520 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:18:00.0927 3520 HidIr - ok
17:18:01.0052 3520 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:18:01.0052 3520 HidUsb - ok
17:18:01.0239 3520 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
17:18:01.0239 3520 hpdskflt - ok
17:18:01.0427 3520 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:18:01.0427 3520 HpSAMD - ok
17:18:01.0567 3520 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:18:01.0583 3520 HTTP - ok
17:18:01.0707 3520 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:18:01.0707 3520 hwpolicy - ok
17:18:01.0832 3520 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:18:01.0848 3520 i8042prt - ok
17:18:01.0973 3520 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:18:01.0973 3520 iaStorV - ok
17:18:02.0129 3520 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:18:02.0129 3520 iirsp - ok
17:18:02.0253 3520 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:18:02.0253 3520 intelide - ok
17:18:02.0378 3520 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:18:02.0378 3520 intelppm - ok
17:18:02.0519 3520 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:18:02.0519 3520 IpFilterDriver - ok
17:18:02.0659 3520 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:18:02.0659 3520 IPMIDRV - ok
17:18:02.0831 3520 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:18:02.0831 3520 IPNAT - ok
17:18:02.0955 3520 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:18:02.0955 3520 IRENUM - ok
17:18:03.0080 3520 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:18:03.0080 3520 isapnp - ok
17:18:03.0283 3520 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:18:03.0299 3520 iScsiPrt - ok
17:18:03.0423 3520 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:18:03.0423 3520 kbdclass - ok
17:18:03.0533 3520 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:18:03.0533 3520 kbdhid - ok
17:18:03.0673 3520 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
17:18:03.0673 3520 KSecDD - ok
17:18:03.0798 3520 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
17:18:03.0798 3520 KSecPkg - ok
17:18:03.0923 3520 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:18:03.0923 3520 ksthunk - ok
17:18:04.0079 3520 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:18:04.0079 3520 lltdio - ok
17:18:04.0203 3520 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:18:04.0203 3520 LSI_FC - ok
17:18:04.0344 3520 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:18:04.0344 3520 LSI_SAS - ok
17:18:04.0484 3520 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:18:04.0484 3520 LSI_SAS2 - ok
17:18:04.0609 3520 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:18:04.0609 3520 LSI_SCSI - ok
17:18:04.0734 3520 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:18:04.0734 3520 luafv - ok
17:18:04.0874 3520 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:18:04.0874 3520 megasas - ok
17:18:05.0015 3520 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:18:05.0015 3520 MegaSR - ok
17:18:05.0327 3520 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:18:05.0327 3520 Modem - ok
17:18:05.0483 3520 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:18:05.0483 3520 monitor - ok
17:18:05.0623 3520 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:18:05.0623 3520 mouclass - ok
17:18:05.0732 3520 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:18:05.0732 3520 mouhid - ok
17:18:05.0857 3520 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:18:05.0857 3520 mountmgr - ok
17:18:05.0982 3520 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
17:18:05.0982 3520 MpFilter - ok
17:18:06.0122 3520 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:18:06.0122 3520 mpio - ok
17:18:06.0247 3520 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
17:18:06.0247 3520 MpNWMon - ok
17:18:06.0372 3520 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:18:06.0372 3520 mpsdrv - ok
17:18:06.0512 3520 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:18:06.0512 3520 MRxDAV - ok
17:18:06.0637 3520 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:18:06.0637 3520 mrxsmb - ok
17:18:06.0762 3520 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:18:06.0777 3520 mrxsmb10 - ok
17:18:06.0887 3520 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:18:06.0887 3520 mrxsmb20 - ok
17:18:07.0011 3520 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:18:07.0011 3520 msahci - ok
17:18:07.0136 3520 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:18:07.0136 3520 msdsm - ok
17:18:07.0292 3520 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:18:07.0292 3520 Msfs - ok
17:18:07.0417 3520 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:18:07.0417 3520 mshidkmdf - ok
17:18:07.0526 3520 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:18:07.0542 3520 msisadrv - ok
17:18:07.0667 3520 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:18:07.0667 3520 MSKSSRV - ok
17:18:07.0807 3520 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:18:07.0807 3520 MSPCLOCK - ok
17:18:07.0932 3520 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:18:07.0932 3520 MSPQM - ok
17:18:08.0057 3520 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:18:08.0072 3520 MsRPC - ok
17:18:08.0197 3520 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:18:08.0197 3520 mssmbios - ok
17:18:08.0337 3520 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:18:08.0337 3520 MSTEE - ok
17:18:08.0462 3520 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:18:08.0462 3520 MTConfig - ok
17:18:08.0587 3520 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:18:08.0587 3520 Mup - ok
17:18:08.0727 3520 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:18:08.0727 3520 NativeWifiP - ok
17:18:08.0868 3520 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:18:08.0883 3520 NDIS - ok
17:18:09.0008 3520 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:18:09.0008 3520 NdisCap - ok
17:18:09.0133 3520 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:18:09.0133 3520 NdisTapi - ok
17:18:09.0273 3520 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:18:09.0273 3520 Ndisuio - ok
17:18:09.0398 3520 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:18:09.0398 3520 NdisWan - ok
17:18:09.0539 3520 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:18:09.0539 3520 NDProxy - ok
17:18:09.0663 3520 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:18:09.0663 3520 NetBIOS - ok
17:18:09.0788 3520 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:18:09.0788 3520 NetBT - ok
17:18:09.0960 3520 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:18:09.0960 3520 nfrd960 - ok
17:18:10.0085 3520 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:18:10.0085 3520 NisDrv - ok
17:18:10.0209 3520 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys
17:18:10.0209 3520 NMgamingmsFltr - ok
17:18:10.0350 3520 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:18:10.0350 3520 Npfs - ok
17:18:10.0475 3520 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:18:10.0490 3520 nsiproxy - ok
17:18:10.0631 3520 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:18:10.0662 3520 Ntfs - ok
17:18:10.0771 3520 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:18:10.0771 3520 Null - ok
17:18:10.0911 3520 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
17:18:10.0927 3520 NVENETFD - ok
17:18:11.0052 3520 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:18:11.0052 3520 nvraid - ok
17:18:11.0192 3520 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:18:11.0192 3520 nvstor - ok
17:18:11.0411 3520 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:18:11.0411 3520 nv_agp - ok
17:18:11.0582 3520 OADevice (76aa576a6abceea31dc05e959bd51e15) C:\Windows\SysWow64\Drivers\OADriver.sys
17:18:11.0582 3520 OADevice - ok
17:18:11.0738 3520 oahlpXX (89113f98156e9120d78f018cdfc5bec4) C:\Windows\syswow64\drivers\oahlp64.sys
17:18:11.0738 3520 oahlpXX - ok
17:18:11.0894 3520 OAmon (ecd517bc4fa048fbe3da2d12147c104e) C:\Windows\SysWOW64\Drivers\OAmon.sys
17:18:11.0894 3520 OAmon - ok
17:18:12.0003 3520 OAnet (3c1c4645a61f2d5cd4f85b2013fd182f) C:\Windows\system32\DRIVERS\oanet.sys
17:18:12.0003 3520 OAnet - ok
17:18:12.0144 3520 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:18:12.0144 3520 ohci1394 - ok
17:18:12.0284 3520 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:18:12.0284 3520 Parport - ok
17:18:12.0409 3520 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:18:12.0409 3520 partmgr - ok
17:18:12.0534 3520 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:18:12.0534 3520 pci - ok
17:18:12.0659 3520 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:18:12.0659 3520 pciide - ok
17:18:12.0799 3520 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:18:12.0799 3520 pcmcia - ok
17:18:12.0924 3520 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:18:12.0924 3520 pcw - ok
17:18:13.0064 3520 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:18:13.0080 3520 PEAUTH - ok
17:18:13.0439 3520 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:18:13.0439 3520 PptpMiniport - ok
17:18:13.0610 3520 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:18:13.0610 3520 Processor - ok
17:18:13.0751 3520 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:18:13.0751 3520 Psched - ok
17:18:13.0875 3520 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:18:13.0875 3520 PxHlpa64 - ok
17:18:14.0047 3520 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:18:14.0063 3520 ql2300 - ok
17:18:14.0203 3520 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:18:14.0203 3520 ql40xx - ok
17:18:14.0343 3520 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:18:14.0343 3520 QWAVEdrv - ok
17:18:14.0468 3520 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:18:14.0468 3520 RasAcd - ok
17:18:14.0593 3520 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:18:14.0593 3520 RasAgileVpn - ok
17:18:14.0733 3520 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:18:14.0733 3520 Rasl2tp - ok
17:18:14.0858 3520 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:18:14.0874 3520 RasPppoe - ok
17:18:14.0999 3520 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:18:14.0999 3520 RasSstp - ok
17:18:15.0139 3520 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:18:15.0139 3520 rdbss - ok
17:18:15.0279 3520 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:18:15.0295 3520 rdpbus - ok
17:18:15.0420 3520 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:18:15.0420 3520 RDPCDD - ok
17:18:15.0545 3520 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:18:15.0545 3520 RDPENCDD - ok
17:18:15.0669 3520 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:18:15.0669 3520 RDPREFMP - ok
17:18:15.0810 3520 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
17:18:15.0810 3520 RDPWD - ok
17:18:15.0935 3520 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:18:15.0950 3520 rdyboost - ok
17:18:16.0091 3520 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
17:18:16.0091 3520 RFCOMM - ok
17:18:16.0247 3520 RSPCIESTOR (9d21618e7a3b2c75cf1a2ecbbe723730) C:\Windows\system32\DRIVERS\RtsPStor.sys
17:18:16.0247 3520 RSPCIESTOR - ok
17:18:16.0371 3520 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:18:16.0371 3520 rspndr - ok
17:18:16.0512 3520 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:18:16.0512 3520 RTL8167 - ok
17:18:16.0574 3520 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:18:16.0574 3520 SASDIFSV - ok
17:18:16.0574 3520 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:18:16.0590 3520 SASKUTIL - ok
17:18:16.0730 3520 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:18:16.0730 3520 sbp2port - ok
17:18:16.0855 3520 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:18:16.0871 3520 scfilter - ok
17:18:16.0995 3520 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
17:18:16.0995 3520 sdbus - ok
17:18:17.0120 3520 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:18:17.0120 3520 secdrv - ok
17:18:17.0292 3520 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:18:17.0292 3520 Serenum - ok
17:18:17.0417 3520 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:18:17.0417 3520 Serial - ok
17:18:17.0541 3520 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:18:17.0541 3520 sermouse - ok
17:18:17.0697 3520 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:18:17.0697 3520 sffdisk - ok
17:18:17.0822 3520 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:18:17.0822 3520 sffp_mmc - ok
17:18:17.0947 3520 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:18:17.0947 3520 sffp_sd - ok
17:18:18.0134 3520 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:18:18.0134 3520 sfloppy - ok
17:18:18.0275 3520 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:18:18.0290 3520 Sftfs - ok
17:18:18.0431 3520 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:18:18.0431 3520 Sftplay - ok
17:18:18.0555 3520 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:18:18.0555 3520 Sftredir - ok
17:18:18.0680 3520 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:18:18.0680 3520 Sftvol - ok
17:18:18.0821 3520 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:18:18.0836 3520 SiSRaid2 - ok
17:18:18.0961 3520 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:18:18.0961 3520 SiSRaid4 - ok
17:18:19.0101 3520 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:18:19.0101 3520 Smb - ok
17:18:19.0273 3520 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:18:19.0273 3520 spldr - ok
17:18:19.0429 3520 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:18:19.0445 3520 srv - ok
17:18:19.0569 3520 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:18:19.0585 3520 srv2 - ok
17:18:19.0710 3520 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:18:19.0725 3520 SrvHsfHDA - ok
17:18:19.0897 3520 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:18:19.0913 3520 SrvHsfV92 - ok
17:18:20.0069 3520 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:18:20.0069 3520 SrvHsfWinac - ok
17:18:20.0209 3520 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:18:20.0209 3520 srvnet - ok
17:18:20.0349 3520 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:18:20.0349 3520 stexstor - ok
17:18:20.0490 3520 STHDA (74387b34b43f94e380608888c56a5ccd) C:\Windows\system32\DRIVERS\stwrt64.sys
17:18:20.0490 3520 STHDA - ok
17:18:20.0615 3520 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:18:20.0615 3520 swenum - ok
17:18:20.0786 3520 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
17:18:20.0817 3520 SynTP - ok
17:18:21.0005 3520 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
17:18:21.0036 3520 Tcpip - ok
17:18:21.0207 3520 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
17:18:21.0239 3520 TCPIP6 - ok
17:18:21.0379 3520 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:18:21.0379 3520 tcpipreg - ok
17:18:21.0504 3520 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:18:21.0504 3520 TDPIPE - ok
17:18:21.0644 3520 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:18:21.0644 3520 TDTCP - ok
17:18:21.0769 3520 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:18:21.0769 3520 tdx - ok
17:18:21.0894 3520 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:18:21.0909 3520 TermDD - ok
17:18:22.0065 3520 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:18:22.0065 3520 tssecsrv - ok
17:18:22.0175 3520 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:18:22.0175 3520 TsUsbFlt - ok
17:18:22.0315 3520 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:18:22.0315 3520 TsUsbGD - ok
17:18:22.0440 3520 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:18:22.0440 3520 tunnel - ok
17:18:22.0565 3520 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:18:22.0565 3520 uagp35 - ok
17:18:22.0705 3520 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:18:22.0705 3520 udfs - ok
17:18:22.0845 3520 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:18:22.0861 3520 uliagpkx - ok
17:18:22.0986 3520 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:18:22.0986 3520 umbus - ok
17:18:23.0095 3520 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:18:23.0095 3520 UmPass - ok
17:18:23.0251 3520 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:18:23.0251 3520 USBAAPL64 - ok
17:18:23.0391 3520 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:18:23.0391 3520 usbccgp - ok
17:18:23.0516 3520 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:18:23.0532 3520 usbcir - ok
17:18:23.0641 3520 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:18:23.0657 3520 usbehci - ok
17:18:23.0766 3520 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
17:18:23.0766 3520 usbfilter - ok
17:18:23.0891 3520 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:18:23.0891 3520 usbhub - ok
17:18:24.0015 3520 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:18:24.0015 3520 usbohci - ok
17:18:24.0156 3520 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:18:24.0156 3520 usbprint - ok
17:18:24.0281 3520 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:18:24.0281 3520 USBSTOR - ok
17:18:24.0405 3520 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:18:24.0405 3520 usbuhci - ok
17:18:24.0530 3520 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:18:24.0530 3520 usbvideo - ok
17:18:24.0671 3520 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:18:24.0671 3520 vdrvroot - ok
17:18:24.0811 3520 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:18:24.0811 3520 vga - ok
17:18:24.0936 3520 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:18:24.0936 3520 VgaSave - ok
17:18:25.0061 3520 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:18:25.0061 3520 vhdmp - ok
17:18:25.0201 3520 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:18:25.0201 3520 viaide - ok
17:18:25.0419 3520 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:18:25.0435 3520 volmgr - ok
17:18:25.0560 3520 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:18:25.0560 3520 volmgrx - ok
17:18:25.0685 3520 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:18:25.0700 3520 volsnap - ok
17:18:25.0825 3520 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:18:25.0825 3520 vsmraid - ok
17:18:25.0965 3520 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:18:25.0965 3520 vwifibus - ok
17:18:26.0090 3520 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:18:26.0090 3520 vwififlt - ok
17:18:26.0231 3520 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:18:26.0231 3520 WacomPen - ok
17:18:26.0355 3520 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:18:26.0371 3520 WANARP - ok
17:18:26.0371 3520 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:18:26.0371 3520 Wanarpv6 - ok
17:18:26.0527 3520 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:18:26.0527 3520 Wd - ok
17:18:26.0667 3520 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:18:26.0683 3520 Wdf01000 - ok
17:18:26.0839 3520 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:18:26.0839 3520 WfpLwf - ok
17:18:26.0979 3520 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:18:26.0979 3520 WIMMount - ok
17:18:27.0151 3520 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:18:27.0151 3520 WinUsb - ok
17:18:27.0291 3520 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:18:27.0291 3520 WmiAcpi - ok
17:18:27.0432 3520 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:18:27.0432 3520 ws2ifsl - ok
17:18:27.0572 3520 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:18:27.0572 3520 WSDPrintDevice - ok
17:18:27.0728 3520 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:18:27.0728 3520 WudfPf - ok
17:18:27.0853 3520 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:18:27.0869 3520 WUDFRd - ok
17:18:27.0915 3520 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:18:27.0915 3520 \Device\Harddisk0\DR0 - ok
17:18:27.0931 3520 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
17:18:27.0947 3520 \Device\Harddisk1\DR2 - ok
17:18:27.0947 3520 Boot (0x1200) (d56501f4608dd09f6e93b56136ae4c45) \Device\Harddisk0\DR0\Partition0
17:18:27.0947 3520 \Device\Harddisk0\DR0\Partition0 - ok
17:18:27.0962 3520 Boot (0x1200) (01c8575abb6aed81bfc1d808fb17cabb) \Device\Harddisk0\DR0\Partition1
17:18:27.0978 3520 \Device\Harddisk0\DR0\Partition1 - ok
17:18:28.0009 3520 Boot (0x1200) (e16e09c674acb169db8debc4ccf6d68f) \Device\Harddisk0\DR0\Partition2
17:18:28.0009 3520 \Device\Harddisk0\DR0\Partition2 - ok
17:18:28.0040 3520 Boot (0x1200) (11008ecdd8b3d918cf15a14619b1edfc) \Device\Harddisk0\DR0\Partition3
17:18:28.0040 3520 \Device\Harddisk0\DR0\Partition3 - ok
17:18:28.0040 3520 Boot (0x1200) (70e7d642a17ec146a10f473fc053eaa1) \Device\Harddisk1\DR2\Partition0
17:18:28.0040 3520 \Device\Harddisk1\DR2\Partition0 - ok
17:18:28.0040 3520 ============================================================
17:18:28.0040 3520 Scan finished
17:18:28.0040 3520 ============================================================
17:18:28.0071 0388 Detected object count: 0
17:18:28.0071 0388 Actual detected object count: 0
17:25:10.0405 5744 Deinitialize success

next the aswMBR.exe:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-26 17:23:12
-----------------------------
17:23:12.051 OS Version: Windows x64 6.1.7601 Service Pack 1
17:23:12.051 Number of processors: 4 586 0x100
17:23:12.051 ComputerName: BIGBERTHA UserName: gnt500p
17:23:15.545 Initialize success
17:24:03.489 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
17:24:03.489 Disk 0 Vendor: Hitachi_ JE4O Size: 715404MB BusType: 11
17:24:05.829 Disk 0 MBR read successfully
17:24:05.829 Disk 0 MBR scan
17:24:05.845 Disk 0 Windows 7 default MBR code
17:24:05.845 Service scanning
17:24:06.500 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
17:24:07.311 Modules scanning
17:24:07.311 Scan finished successfully
17:24:43.176 Disk 0 MBR has been saved successfully to "H:\MBR.dat"
17:24:43.207 The log file has been saved successfully to "H:\aswMBR.txt"

The OTL scan:

OTL logfile created on: 10/26/2011 5:25:45 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = H:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.48 Gb Total Physical Memory | 3.87 Gb Available Physical Memory | 70.65% Memory free
10.96 Gb Paging File | 8.95 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.94 Gb Total Space | 538.65 Gb Free Space | 79.57% Space Free | Partition Type: NTFS
Drive D: | 21.40 Gb Total Space | 2.28 Gb Free Space | 10.64% Space Free | Partition Type: NTFS
Drive E: | 496.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 7.44 Gb Total Space | 6.26 Gb Free Space | 84.06% Space Free | Partition Type: FAT32

Computer Name: BIGBERTHA | User Name: gnt500p | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/25 02:35:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
PRC - [2011/09/05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/02 01:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/08/02 01:33:22 | 002,998,592 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oacat.exe
PRC - [2011/03/22 12:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/01/27 13:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/09/30 04:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/15 18:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/08/11 17:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/02 00:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/03/11 04:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/02/16 23:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/07/29 20:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/10/19 19:00:47 | 003,552,856 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll -- (Akamai)
SRV - [2011/09/05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAcat.exe -- (OAcat)
SRV - [2011/03/07 18:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/30 04:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/15 18:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 17:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/25 17:04:30 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/22 00:13:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/06 13:01:30 | 000,032,920 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OAnet.sys -- (OAnet)
DRV:64bit: - [2011/03/24 18:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/11 04:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 16:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/04 16:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/12/16 20:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/16 01:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 10:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/07/20 15:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 15:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 15:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/14 08:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/02 16:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/24 08:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/04/06 13:02:26 | 000,055,088 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX)
DRV - [2011/04/06 13:01:30 | 000,059,176 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice)
DRV - [2011/04/06 13:01:30 | 000,038,064 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/30 13:42:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/08/29 08:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gnt500p\AppData\Roaming\mozilla\Extensions
[2011/09/28 11:45:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gnt500p\AppData\Roaming\mozilla\Firefox\Profiles\7e24fbra.default\extensions
[2011/09/20 07:36:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\gnt500p\AppData\Roaming\mozilla\Firefox\Profiles\7e24fbra.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/08/29 19:18:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\gnt500p\AppData\Roaming\mozilla\Firefox\Profiles\7e24fbra.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/29 08:49:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\GNT500P\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7E24FBRA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/09/30 13:42:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/30 13:42:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/26 17:10:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/10/26 15:45:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/26 15:45:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/26 15:45:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/26 15:45:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/26 15:45:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/24 21:27:24 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{4CF75AE5-233D-4D53-883F-A7DC8420C333}
[2011/10/24 21:26:49 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E4CBB876-3D50-4A44-9E57-5628E843E60E}
[2011/10/24 09:26:27 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{FD60B566-B66B-47E2-902E-E58AF085B7B9}
[2011/10/24 09:26:18 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{41FF3162-31AB-4029-8CDA-62FC6487F60B}
[2011/10/23 15:10:07 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{0A995FBB-706F-4834-A856-A6B3FBA002EA}
[2011/10/23 15:09:41 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{4299E40C-7960-4870-BA9B-02CF008E8C94}
[2011/10/22 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{A409F912-7528-4F63-A979-C3E400E44709}
[2011/10/22 22:21:33 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{1E00A345-968D-4611-8BE1-2409BB033757}
[2011/10/22 05:28:19 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2011/10/22 05:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2011/10/22 05:27:32 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\InstallShield
[2011/10/20 21:31:11 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{43B2D87E-96A2-4045-A99F-A0819EFAC158}
[2011/10/20 21:30:36 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{F8DEDE96-C734-485B-8767-432063B77CD0}
[2011/10/20 21:28:26 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{FCDFF032-38FC-4644-94CA-E40F3FF737F6}
[2011/10/20 06:33:05 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{185FE051-A4C0-4AD4-81B8-8F7E778D4E9D}
[2011/10/20 06:32:36 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{A756DCAD-EF25-4F00-B0C5-3CEFE0DD4098}
[2011/10/20 03:37:37 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\201280
[2011/10/19 19:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011/10/19 18:31:54 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{8D1FF6FC-BD35-4B7B-81DE-88EA4DEBDDA8}
[2011/10/19 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{ECA72F2E-D88F-4FE1-A59F-7E9CBCA78ED0}
[2011/10/19 09:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/10/19 09:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/10/19 09:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/10/19 09:23:58 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2011/10/19 09:23:40 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\Microsoft Help
[2011/10/19 09:23:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/10/19 09:22:51 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/10/13 09:30:50 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{9F216D98-5F82-4927-8023-276B130EBBB5}
[2011/10/13 09:30:15 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{5ED1D66E-BFD3-4105-9C5D-69296AD4C081}
[2011/10/12 17:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/12 17:33:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/12 17:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/12 17:33:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/10/12 17:27:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/12 17:27:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/10/12 16:54:15 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{7EE49219-B0EC-4574-B3B6-C093A4CF08E4}
[2011/10/12 04:53:32 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E11354FA-1748-4FD3-B972-05B2DB7505D8}
[2011/10/12 04:52:53 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{6F6D1BDD-A17F-41AC-AC46-B0A13B15D203}
[2011/10/11 22:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011/10/11 22:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011/10/11 22:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/10/11 21:51:53 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\.minecraft
[2011/10/11 18:51:53 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/11 18:51:52 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/11 18:51:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/11 18:51:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/11 18:51:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/11 18:51:47 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/10/11 18:51:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/11 18:51:46 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/11 18:51:45 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/10/11 17:06:38 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/11 17:06:38 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/11 17:06:38 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/11 17:06:38 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/11 17:06:11 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/11 17:06:11 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/11 16:51:20 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E7DE2943-4647-4478-B4BA-94614F1B38FD}
[2011/10/11 02:08:16 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{F5FB8889-6EDF-409D-BC73-9BFCA72A5AF2}
[2011/10/11 02:07:37 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{D5A96ACC-BBE1-4C05-8F9D-DB61F4C2A57E}
[2011/10/11 00:20:15 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\SKIDROW
[2011/10/10 21:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Installer 2.1.0 by Kaise123
[2011/10/10 21:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
[2011/10/10 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Beta Cracked
[2011/10/10 13:28:49 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{0A0309B1-826A-4894-870E-0FC4A408BCA1}
[2011/10/10 13:28:25 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{202E4063-50A4-4540-BF01-AC674DFB986D}
[2011/10/09 22:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2011/10/09 22:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/10/09 18:42:21 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{1202E354-6532-4AD0-B2A8-A1E325EAD681}
[2011/10/09 18:41:05 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{41CF41D9-F2A5-4941-906B-8BE16E6A1921}
[2011/10/05 10:18:04 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{35999E02-A174-4564-B836-A4AA34DE4923}
[2011/10/05 10:17:49 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{3D836DE9-8F8D-4933-B9CC-B3A04D03315E}
[2011/10/03 19:07:34 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{31CC3FA3-0453-4DF0-9EF4-19360D9E92C2}
[2011/10/03 19:07:01 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E18DBAA0-9BFE-451F-8518-5B5B576CC022}
[2011/10/03 12:51:01 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{448D8981-6E58-41E0-8B40-8F5B0FF66BD7}
[2011/10/03 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{BD63FC1F-048F-4A15-9E5E-BF46B09B667D}
[2011/10/02 17:47:00 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{BA3F791F-E084-4FDB-9D0E-A88E34379401}
[2011/10/02 17:46:46 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{39C65D2F-7460-459B-ADC3-3089F1BB2FB5}
[2011/10/02 01:50:31 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Roaming\Download Manager
[2011/10/02 01:44:40 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{DB24E4B8-65EB-4492-A1F4-59254CDE69D7}
[2011/10/02 01:44:27 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{40131B36-0326-4B7F-87C3-DE56C47B82F0}
[2011/10/02 01:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP3
[2011/10/02 01:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP3
[2011/09/30 20:37:35 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{1C06E352-6454-4638-8FE8-EDD65826C858}
[2011/09/30 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{9AA14543-DA9D-49D4-9F68-D7DDC01D2491}
[2011/09/29 13:31:22 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{0FBBFCE4-5319-4E02-B189-5A00D36BA9F9}
[2011/09/29 01:21:02 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{E86B4D5B-961C-4356-8C5F-020FC3DCC60F}
[2011/09/29 01:20:48 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\AppData\Local\{5F76966F-A011-4A74-9576-08ED7B13410F}
[2011/09/28 17:01:22 | 000,000,000 | ---D | C] -- C:\Users\gnt500p\Desktop\Lessons

========== Files - Modified Within 30 Days ==========

[2011/10/26 15:33:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/25 02:42:12 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/25 02:42:12 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/24 17:22:05 | 000,418,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/24 17:21:46 | 117,624,831 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/22 21:44:50 | 000,783,528 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/22 21:44:50 | 000,667,544 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/22 21:44:50 | 000,126,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/14 15:37:05 | 003,289,990 | ---- | M] () -- C:\Users\gnt500p\Documents\E4820_M4A785TD-V_EVO-manual.zip
[2011/10/13 13:28:35 | 000,000,600 | ---- | M] () -- C:\Users\gnt500p\AppData\Local\PUTTY.RND
[2011/10/13 12:20:19 | 000,114,886 | ---- | M] () -- C:\Users\gnt500p\Documents\Lysol-Brand-Bathroom-Cleaner-Complete-Clean-Trigger-US-English.pdf
[2011/10/13 12:19:59 | 000,000,600 | ---- | M] () -- C:\Users\gnt500p\winscp.RND
[2011/10/11 19:09:28 | 001,056,768 | ---- | M] () -- C:\Windows\SysNative\defltbase.sdb
[2011/10/01 20:34:47 | 000,000,000 | -H-- | M] () -- C:\Users\gnt500p\Documents\Default.rdp

========== Files Created - No Company Name ==========

[2011/10/26 15:45:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/26 15:45:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/26 15:45:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/26 15:45:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/26 15:45:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/14 15:36:51 | 003,289,990 | ---- | C] () -- C:\Users\gnt500p\Documents\E4820_M4A785TD-V_EVO-manual.zip
[2011/10/13 13:28:35 | 000,000,600 | ---- | C] () -- C:\Users\gnt500p\AppData\Local\PUTTY.RND
[2011/10/13 12:20:18 | 000,114,886 | ---- | C] () -- C:\Users\gnt500p\Documents\Lysol-Brand-Bathroom-Cleaner-Complete-Clean-Trigger-US-English.pdf
[2011/10/11 19:09:27 | 001,056,768 | ---- | C] () -- C:\Windows\SysNative\defltbase.sdb
[2011/10/02 01:05:16 | 000,000,600 | ---- | C] () -- C:\Users\gnt500p\winscp.RND
[2011/10/01 20:34:47 | 000,000,000 | -H-- | C] () -- C:\Users\gnt500p\Documents\Default.rdp
[2011/09/04 01:26:47 | 000,059,176 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys
[2011/09/04 01:26:47 | 000,055,088 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys
[2011/09/01 10:20:25 | 000,007,607 | ---- | C] () -- C:\Users\gnt500p\AppData\Local\Resmon.ResmonCfg
[2011/06/22 00:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/22 00:11:02 | 000,791,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/21 23:59:34 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/05/20 22:29:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/03/21 20:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/03 22:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010/12/16 20:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

and heres the Extra file for the OTL scan:

OTL Extras logfile created on: 10/26/2011 5:25:45 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = H:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.48 Gb Total Physical Memory | 3.87 Gb Available Physical Memory | 70.65% Memory free
10.96 Gb Paging File | 8.95 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.94 Gb Total Space | 538.65 Gb Free Space | 79.57% Space Free | Partition Type: NTFS
Drive D: | 21.40 Gb Total Space | 2.28 Gb Free Space | 10.64% Space Free | Partition Type: NTFS
Drive E: | 496.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 7.44 Gb Total Space | 6.26 Gb Free Space | 84.06% Space Free | Partition Type: FAT32

Computer Name: BIGBERTHA | User Name: gnt500p | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0128D231-B23B-409C-A531-39D8D8774BA1}" = HP 3D DriveGuard
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java™ 6 Update 24 (64-bit)
"{26AF7BC7-DB35-B7C5-3169-29BC62835C48}" = AMD Fuel
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{71F13BA8-96D0-F281-6473-196A5842C6CF}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{942836D4-5395-652B-F1E8-A7C5B039910C}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{CB1A2FE6-2BDF-DECC-C91B-4E5FFD59C5D6}" = WMV9/VC-1 Video Playback
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D1B9D71-7EB6-70DA-DB23-E14F59A14E1D}" = AMD VISION Engine Control Center
"{0DC33570-D9E6-9189-7143-612F34DC317B}" = CCC Help Danish
"{0F69006A-CD2F-4C12-A786-C659C8F98423}" = Catalyst Control Center - Branding
"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0
"{15822027-43D3-C69F-40EF-2AF83AA781AA}" = CCC Help English
"{1D04A14D-6C97-19C1-CA9D-FDDE5EAE1026}" = CCC Help Chinese Standard
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 27
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B37E43D-10AB-9D24-7234-31929A3A7D11}" = CCC Help German
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{33530062-0419-71CE-3BD3-13D7D5E4C7DE}" = CCC Help French
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{388A15E4-7507-CD40-4DBA-F78B4BBEB56E}" = CCC Help Japanese
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{448B78CF-4A52-191D-1436-54D039B382DB}" = CCC Help Spanish
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521FA973-C4C9-249D-5CF6-0A6F7B18F7DC}" = CCC Help Greek
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5ED3BAF3-DA06-038D-F21E-AB35404626D4}" = CCC Help Dutch
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C44315-A107-D3F6-B868-52AC0481ED6B}" = CCC Help Finnish
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{6522241B-09FE-B16D-0E23-9485424507EB}" = CCC Help Korean
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A061262-C2B2-78E2-9BF8-32D3BDD68C43}" = Catalyst Control Center InstallProxy
"{6B075E9F-4D23-0883-F66C-C698E949CD90}" = Catalyst Control Center Graphics Previews Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{794A3AB9-DB12-1115-33B2-29C5DDD1DCD4}" = CCC Help Chinese Traditional
"{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{803E2C5C-E39B-BEBA-4046-6C0CF7695DA4}" = CCC Help Hungarian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B05D25F-504F-4C61-8A57-259939EF0D54}" = Minutor
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9325A80A-C2B4-141E-952E-30589770A79B}" = CCC Help Turkish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BBB19C0-1FE1-4A4E-B25F-C9E1B0497EC5}" = Shaiya(US)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7393DB5-6CAB-70A7-4A5E-C96AF518858A}" = Catalyst Control Center Localization All
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C43BC8-2460-4E01-9628-332E04523BDC}" = HP Documentation
"{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}" = AMD System Monitor
"{C3579810-5AC8-545D-089D-6735792490B5}" = CCC Help Thai
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C915103C-F9E5-8989-233C-367DCFB07652}" = CCC Help Italian
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE8EF688-BD0E-29E2-3472-E23CC6AB0C98}" = CCC Help Polish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D811186E-06BC-F7D3-E10B-4C7450F88611}" = CCC Help Swedish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E45832B8-C3E6-C26B-A038-4599DCAC1F17}" = CCC Help Norwegian
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{F023440E-6D03-1AB2-1414-27A62074556C}" = CCC Help Portuguese
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F7A9EFFB-F905-FA4D-A431-06B1E0A5EE5A}" = CCC Help Czech
"{F8070C51-4B1D-430C-8BCF-19696368366F}" = HP Software Framework
"{FD8966E8-8227-9180-51D2-F1C75D3222B8}" = CCC Help Russian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"3herosoft iPod to Computer Transfer" = 3herosoft iPod to Computer Transfer
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deus Ex Human Revolution - The Missing Link_is1" = Deus Ex Human Revolution - The Missing Link
"EasyBits Magic Desktop" = Magic Desktop
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player2.0.25" = FLV Player
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.3.815
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"Halo" = Microsoft Halo
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"ImgBurn" = ImgBurn
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Minecraft Beta Cracked" = Minecraft Beta Cracked
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OnlineArmor_is1" = Online Armor 5.0
"PremElem90" = Adobe Premiere Elements 9
"SpywareBlaster_is1" = SpywareBlaster 4.4
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 3.8.2
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"WT089504" = Final Drive Nitro
"YTdetect" = Yahoo! Detect

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

there was only one driver that poped up after the scan and it was dtsoftbus01.sys modified on 25/08/2011

#4
Jewels Ritchie

Posted 26 October 2011 - 09:37 PM

Member

Topic Starter
Member
10 posts

here is the event veiwer logs:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/10/2011 9:19:12 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/10/2011 2:58:30 AM
Type: Error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.410.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/10/2011 11:39:44 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 26/10/2011 11:39:44 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

and heres the other one:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/10/2011 9:20:21 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/10/2011 2:49:55 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/10/2011 2:48:51 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=AE0}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BIGBERTHA Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 27/10/2011 2:48:41 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=AE0}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

thanks for the help!!

jewels

#5
RKinner

Posted 26 October 2011 - 11:59 PM

Malware Expert

Expert
24,625 posts

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common
%user%\library
C:\Users\gnt500p\AppData\Local\201280
c:\users\Default\AppData\Local\Microsoft Help

File::
h:\ophcrack\pwdump\servpw.exe

Driver::
pknbljyir

******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Ron

#6
Jewels Ritchie

Posted 28 October 2011 - 07:41 PM

Member

Topic Starter
Member
10 posts

hey there Ron,

i just finished running ComboFix and then my computer restarted itself and all thwe widgets on my desktop aren't working and im trying to open the zip for the process explorer, i get a screen that pops up and says "Illegal operation attemptedon a registry that has been marked for deletion." so i tried to access the log from the ComboFix scan and i get the same screen... i did everything you told me to do, copied that stuff into a note pad and drag it over top ComboFix and let it do its stuff. What did i do wrong?

thanks,
jewels

Edited by Jewels Ritchie, 28 October 2011 - 07:42 PM.

#7
Jewels Ritchie

Posted 28 October 2011 - 08:05 PM

Member

Topic Starter
Member
10 posts

hey Ron,

i restarted my computer again and it seems to be working perfectly.

heres the scan logs:

ComboxFix(it was in a folder that ComboFix made in my c:):

ComboFix 11-10-26.08 - gnt500p 28/10/2011 17:41:45.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5611.4275 [GMT -6:00]
Running from: H:\ComboFix.exe
Command switches used :: H:\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: Online Armor Firewall *Disabled* {32E71E58-6AAE-2557-2ABD-EA739069CE41}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"h:\ophcrack\pwdump\servpw.exe"

Process Explorer:

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 45.42 0 K 24 K
System 4 2.44 136 K 828 K
Interrupts n/a 1.05 0 K 0 K Hardware Interrupts and DPCs
smss.exe 284 540 K 1,192 K
csrss.exe 416 < 0.01 2,496 K 4,848 K
conhost.exe 1668 1,080 K 2,812 K
wininit.exe 516 1,696 K 4,628 K
services.exe 580 5,344 K 9,160 K
svchost.exe 704 < 0.01 5,104 K 9,772 K
WmiPrvSE.exe 3184 3,420 K 7,348 K
WmiPrvSE.exe 5468 5,112 K 10,072 K
svchost.exe 776 0.01 4,252 K 7,864 K
MsMpEng.exe 840 0.01 95,276 K 41,804 K Antimalware Service Executable Microsoft Corporation
atiesrxx.exe 888 1,704 K 4,464 K
atieclxx.exe 1444 2,688 K 6,808 K
svchost.exe 996 0.01 22,940 K 19,304 K
audiodg.exe 1080 17,272 K 18,236 K
svchost.exe 128 0.20 97,300 K 105,036 K
wlanext.exe 1660 1,884 K 5,080 K
dwm.exe 2196 1.79 36,840 K 39,368 K Desktop Window Manager Microsoft Corporation
WUDFHost.exe 3936 2,140 K 6,132 K
svchost.exe 328 0.41 38,492 K 43,336 K
taskeng.exe 3568 3,800 K 8,324 K Task Scheduler Engine Microsoft Corporation
YCMMirage.exe 4176 < 0.01 2,720 K 2,956 K YouCam Mirage CyberLink
stacsv64.exe 332 < 0.01 6,904 K 7,648 K
svchost.exe 1408 < 0.01 7,428 K 12,892 K
hpservice.exe 1496 < 0.01 1,852 K 4,732 K
svchost.exe 1572 < 0.01 11,276 K 13,748 K
oacat.exe 1652 4,292 K 2,952 K Online Armor Component Emsi Software GmbH
oasrv.exe 1768 12.63 26,008 K 8,652 K Online Armor Component Emsi Software GmbH
OAReg.exe 4700 1,240 K 3,784 K
spoolsv.exe 1968 7,584 K 13,048 K
svchost.exe 2000 10,964 K 13,396 K
SASCore64.exe 1204 < 0.01 1,596 K 3,748 K
PhotoshopElementsFileAgent.exe 1292 < 0.01 1,932 K 1,008 K
armsvc.exe 1420 1,284 K 3,936 K
AESTSr64.exe 1348 1,284 K 2,868 K
svchost.exe 1844 3.17 5,816 K 11,672 K
Fuel.Service.exe 1884 4,900 K 10,096 K
AppleMobileDeviceService.exe 1896 0.01 3,172 K 9,304 K
taskhost.exe 2064 4,768 K 9,152 K Host Process for Windows Tasks Microsoft Corporation
mDNSResponder.exe 2120 2,468 K 5,880 K
btwdins.exe 2168 2,468 K 5,884 K
ezSharedSvcHost.exe 2244 < 0.01 2,416 K 7,952 K
HPClientServices.exe 2324 3,992 K 7,932 K
HPWMISVC.exe 2368 1,760 K 5,020 K
RIconMan.exe 2444 0.01 2,416 K 5,928 K
sftvsa.exe 2796 1,576 K 4,872 K
svchost.exe 2824 2,036 K 5,516 K Host Process for Windows Services Microsoft Corporation
WLIDSVC.EXE 2888 5,604 K 11,180 K
WLIDSVCM.EXE 1908 1,536 K 3,480 K
HPAuto.exe 2932 < 0.01 2,428 K 5,916 K
sftlist.exe 3056 < 0.01 5,524 K 13,004 K
CVHSVC.EXE 3536 4,196 K 9,280 K
svchost.exe 3876 2,056 K 5,488 K
SearchIndexer.exe 4316 < 0.01 19,172 K 7,492 K
svchost.exe 4924 < 0.01 5,980 K 18,332 K
hpqWmiEx.exe 4980 3,812 K 8,372 K
sppsvc.exe 5748 2,644 K 8,124 K
wmpnetwk.exe 5920 13.83 14,708 K 35,268 K
hpCMSrv.exe 5376 3,692 K 8,076 K
PresentationFontCache.exe 1144 28,148 K 18,732 K
lsass.exe 596 2.91 4,908 K 11,288 K
lsm.exe 604 2,756 K 4,396 K
csrss.exe 536 0.34 3,000 K 6,376 K
winlogon.exe 956 3,240 K 7,104 K
explorer.exe 2392 0.08 43,296 K 62,448 K Windows Explorer Microsoft Corporation
sttray64.exe 4032 10,416 K 21,252 K IDT PC Audio IDT, Inc.
SynTPEnh.exe 3388 3.46 11,888 K 18,408 K Synaptics TouchPad Enhancements Synaptics Incorporated
SynTPHelper.exe 4240 2,948 K 5,980 K
msseces.exe 3272 7,752 K 16,360 K Microsoft Security Client User Interface Microsoft Corporation
oaui.exe 2520 0.24 14,648 K 8,220 K Online Armor Component Emsi Software GmbH
oahlp.exe 4048 0.01 9,380 K 1,028 K Online Armor Component Emsi Software GmbH
msnmsgr.exe 3104 41,664 K 37,084 K Windows Live Messenger Microsoft Corporation
sidebar.exe 1088 9.46 34,988 K 62,104 K Windows Desktop Gadgets Microsoft Corporation
DTShellHlp.exe 732 < 0.01 4,636 K 11,704 K DAEMON Tools Shell Extensions Helper DT Soft Ltd
DTLite.exe 656 4,924 K 12,632 K DAEMON Tools Lite DT Soft Ltd
StikyNot.exe 4120 0.01 8,560 K 16,028 K Sticky Notes Microsoft Corporation
BTTray.exe 4180 8,136 K 13,280 K Bluetooth Tray Application Broadcom Corporation.
rundll32.exe 4608 2,792 K 7,292 K Windows host process (Rundll32) Microsoft Corporation
WinRAR.exe 3180 < 0.01 9,704 K 20,140 K WinRAR archiver Alexander Roshal
procexp.exe 5316 3,256 K 8,900 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 5428 2.45 21,856 K 38,876 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
HPMSGSVC.exe 4400 < 0.01 4,664 K 10,008 K HP Message Service Hewlett-Packard Development Company, L.P.
HPOSD.exe 4468 < 0.01 10,560 K 12,516 K HP On Screen Display Hewlett-Packard Development Company, L.P.
MOM.exe 1684 0.02 45,368 K 5,100 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 788 0.02 112,932 K 2,172 K Catalyst Control Center: Host application ATI Technologies Inc.
HPConnectionManager.exe 688 84,492 K 94,524 K HPConnectionManager Hewlett-Packard Development Company L.P.
hpCaslNotification.exe 5500 33,116 K 7,872 K hpCaslNotification Hewlett-Packard Development Company L.P.

and Speccy:

Summary
Operating System
MS Windows 7 Home Premium 64-bit SP1
CPU
AMD K12 43 °C
Llano 32nm Technology
RAM
6.00 GB DDR3 @ 673MHz (9-9-9-24)
Motherboard
Hewlett-Packard 3590 (Socket FS1) 42 °C
Graphics
Generic PnP Monitor (1366x768@60Hz)
AMD Radeon™ HD 6620G (HP) 43 °C
AMD Radeon HD 6750M (HP)
CrossFire Disabled
Hard Drives
733GB Hitachi Hitachi HTS547575A9E384 SATA Disk Device (SATA)
Optical Drives
hp CDDVDW TS-L633J SATA CdRom Device
DTSOFT Virtual CdRom Device
DTSOFT Virtual CdRom Device
Audio
IDT High Definition Audio CODEC
Operating System
MS Windows 7 Home Premium 64-bit SP1
Installation Date: 24 August 2011, 21:01

Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Disabled
Antivirus
Antivirus Enabled
Company Name Microsoft
Display Name Microsoft Security Essentials
Product Version 2.1.1116.0
Environment Variables
USERPROFILE C:\Users\gnt500p
SystemRoot C:\Windows
User Variables
TEMP C:\Users\gnt500p\AppData\Local\Temp
TMP C:\Users\gnt500p\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path
C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\AMD APP\bin\x86_64
C:\Program Files (x86)\AMD APP\bin\x86
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\Windows Live\Shared
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files\Broadcom\Broadcom 802.11\Driver
C:\Program Files\WIDCOMM\Bluetooth Software
C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
C:\Program Files (x86)\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 4
PROCESSOR_LEVEL 18
PROCESSOR_IDENTIFIER AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
PROCESSOR_REVISION 0100
windows_tracing_logfile C:\BVTBin\Tests\installpackage\csilogfile.log
windows_tracing_flags 3
OnlineServices Online Services
Platform MCD
PCBRAND Pavilion
AMDAPPSDKROOT C:\Program Files (x86)\AMD APP\
asl.log Destination=file
CLASSPATH
.
C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
QTJAVA C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
TimeZone
TimeZone GMT -6 Hours
Language English
Country Canada
Currency $
Date Format dd/MM/yyyy
Time Format h:mm:ss tt
Power Profile
Active power scheme Home/Office Desk
Hibernation Enabled
Process List
aestsr64.exe
Process ID 1348
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IDT\WDM\AESTSr64.exe
Memory Usage 2.80 MB
Peak Memory Usage 2.83 MB
applemobiledeviceservice.exe
Process ID 1896
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 9.14 MB
Peak Memory Usage 9.18 MB
armsvc.exe
Process ID 1420
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 3.82 MB
Peak Memory Usage 3.87 MB
atieclxx.exe
Process ID 1444
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 6.60 MB
Peak Memory Usage 6.65 MB
atiesrxx.exe
Process ID 888
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 4.36 MB
Peak Memory Usage 4.39 MB
audiodg.exe
Process ID 1080
bttray.exe
Process ID 4180
User gnt500p
Domain BigBertha
Path C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
btwdins.exe
Process ID 2168
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
Memory Usage 5.73 MB
Peak Memory Usage 6.36 MB
ccc.exe
Process ID 788
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Memory Usage 26 MB
Peak Memory Usage 80 MB
conhost.exe
Process ID 1668
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\conhost.exe
Memory Usage 2.75 MB
Peak Memory Usage 2.75 MB
csrss.exe
Process ID 536
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 6.54 MB
Peak Memory Usage 11 MB
csrss.exe
Process ID 416
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.75 MB
Peak Memory Usage 4.75 MB
cvhsvc.exe
Process ID 3536
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
Memory Usage 9.03 MB
Peak Memory Usage 9.23 MB
dtlite.exe
Process ID 656
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
dtshellhlp.exe
Process ID 732
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
dwm.exe
Process ID 2196
User gnt500p
Domain BigBertha
Path C:\Windows\system32\Dwm.exe
Memory Usage 39 MB
Peak Memory Usage 47 MB
explorer.exe
Process ID 2392
User gnt500p
Domain BigBertha
Path C:\Windows\Explorer.EXE
Memory Usage 61 MB
Peak Memory Usage 62 MB
ezsharedsvchost.exe
Process ID 2244
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\ezSharedSvcHost.exe
Memory Usage 7.74 MB
Peak Memory Usage 7.88 MB
fuel.service.exe
Process ID 1884
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Memory Usage 9.79 MB
Peak Memory Usage 9.89 MB
hpauto.exe
Process ID 2932
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
Memory Usage 5.76 MB
Peak Memory Usage 5.78 MB
hpcaslnotification.exe
Process ID 5500
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
Memory Usage 8.66 MB
Peak Memory Usage 34 MB
hpclientservices.exe
Process ID 2324
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
Memory Usage 7.73 MB
Peak Memory Usage 7.76 MB
hpcmsrv.exe
Process ID 5376
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
Memory Usage 7.81 MB
Peak Memory Usage 7.89 MB
hpconnectionmanager.exe
Process ID 688
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
Memory Usage 92 MB
Peak Memory Usage 93 MB
hpmsgsvc.exe
Process ID 4400
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
Memory Usage 9.74 MB
Peak Memory Usage 9.88 MB
hposd.exe
Process ID 4468
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
hpqwmiex.exe
Process ID 4980
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
Memory Usage 8.07 MB
Peak Memory Usage 8.18 MB
hpservice.exe
Process ID 1496
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\Hpservice.exe
Memory Usage 4.62 MB
Peak Memory Usage 4.65 MB
hpwmisvc.exe
Process ID 2368
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
Memory Usage 4.87 MB
Peak Memory Usage 4.98 MB
lsass.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
lsm.exe
Process ID 604
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.28 MB
Peak Memory Usage 4.30 MB
mdnsresponder.exe
Process ID 2120
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 5.74 MB
Peak Memory Usage 5.78 MB
mom.exe
Process ID 1684
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Memory Usage 1.95 MB
Peak Memory Usage 31 MB
msmpeng.exe
Process ID 840
User SYSTEM
Domain NT AUTHORITY
Path c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
Memory Usage 41 MB
Peak Memory Usage 150 MB
msnmsgr.exe
Process ID 3104
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Memory Usage 36 MB
Peak Memory Usage 36 MB
msseces.exe
Process ID 3272
User gnt500p
Domain BigBertha
Path C:\Program Files\Microsoft Security Client\msseces.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
oacat.exe
Process ID 1652
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Online Armor\OAcat.exe
Memory Usage 2.87 MB
Peak Memory Usage 11 MB
oahlp.exe
Process ID 4048
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Online Armor\OAhlp.exe
Memory Usage 1.00 MB
Peak Memory Usage 15 MB
oareg.exe
Process ID 4700
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Online Armor\OAreg.exe
Memory Usage 3.69 MB
Peak Memory Usage 3.72 MB
oasrv.exe
Process ID 1768
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Online Armor\oasrv.exe
Memory Usage 11 MB
Peak Memory Usage 25 MB
oaui.exe
Process ID 2520
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\Online Armor\oaui.exe
Memory Usage 8.00 MB
Peak Memory Usage 19 MB
photoshopelementsfileagent.exe
Process ID 1292
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
Memory Usage 988 KB
Peak Memory Usage 4.83 MB
presentationfontcache.exe
Process ID 1144
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
riconman.exe
Process ID 2444
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
Memory Usage 5.77 MB
Peak Memory Usage 5.79 MB
rundll32.exe
Process ID 4608
User gnt500p
Domain BigBertha
Path C:\Windows\SysWOW64\RunDll32.exe
Memory Usage 7.09 MB
Peak Memory Usage 7.12 MB
sascore64.exe
Process ID 1204
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
Memory Usage 3.64 MB
Peak Memory Usage 3.67 MB
searchfilterhost.exe
Process ID 5288
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 7.97 MB
Peak Memory Usage 7.97 MB
searchindexer.exe
Process ID 4316
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 13 MB
Peak Memory Usage 16 MB
searchprotocolhost.exe
Process ID 1368
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
services.exe
Process ID 580
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 8.95 MB
Peak Memory Usage 9.49 MB
sftlist.exe
Process ID 3056
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
sftvsa.exe
Process ID 2796
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
Memory Usage 4.73 MB
Peak Memory Usage 4.79 MB
sidebar.exe
Process ID 1088
User gnt500p
Domain BigBertha
Path C:\Program Files\Windows Sidebar\sidebar.exe
Memory Usage 62 MB
Peak Memory Usage 62 MB
smss.exe
Process ID 284
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.16 MB
Peak Memory Usage 1.21 MB
speccy64.exe
Process ID 5876
User gnt500p
Domain BigBertha
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
spoolsv.exe
Process ID 1968
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
sppsvc.exe
Process ID 5748
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\sppsvc.exe
Memory Usage 7.71 MB
Peak Memory Usage 7.96 MB
stacsv64.exe
Process ID 332
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IDT\WDM\STacSV64.exe
Memory Usage 7.50 MB
Peak Memory Usage 7.54 MB
stikynot.exe
Process ID 4120
User gnt500p
Domain BigBertha
Path C:\Windows\System32\StikyNot.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
sttray64.exe
Process ID 4032
User gnt500p
Domain BigBertha
Path C:\Program Files\IDT\WDM\sttray64.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 996
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 776
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.89 MB
Peak Memory Usage 7.89 MB
svchost.exe
Process ID 704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.57 MB
Peak Memory Usage 9.88 MB
svchost.exe
Process ID 2824
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.37 MB
Peak Memory Usage 5.45 MB
svchost.exe
Process ID 2000
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 80 MB
svchost.exe
Process ID 4924
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 1572
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 3876
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.36 MB
Peak Memory Usage 5.47 MB
svchost.exe
Process ID 1844
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 1408
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 328
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 42 MB
Peak Memory Usage 42 MB
svchost.exe
Process ID 128
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 102 MB
Peak Memory Usage 123 MB
svchost.exe
Process ID 3864
User LOCAL SERVICE
Domain NT AUTHORITY
Memory Usage 112 KB
Peak Memory Usage 112 KB
syntpenh.exe
Process ID 3388
User gnt500p
Domain BigBertha
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
syntphelper.exe
Process ID 4240
User gnt500p
Domain BigBertha
Path C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Memory Usage 5.84 MB
Peak Memory Usage 5.85 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 3568
User gnt500p
Domain BigBertha
Path C:\Windows\system32\taskeng.exe
Memory Usage 8.11 MB
Peak Memory Usage 8.18 MB
taskhost.exe
Process ID 2064
User gnt500p
Domain BigBertha
Path C:\Windows\system32\taskhost.exe
Memory Usage 8.97 MB
Peak Memory Usage 8.97 MB
wininit.exe
Process ID 516
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.52 MB
Peak Memory Usage 4.62 MB
winlogon.exe
Process ID 956
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 7.03 MB
Peak Memory Usage 8.32 MB
wlanext.exe
Process ID 1660
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\WLANExt.exe
Memory Usage 4.96 MB
Peak Memory Usage 4.98 MB
wlidsvc.exe
Process ID 2888
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 11 MB
Peak Memory Usage 12 MB
wlidsvcm.exe
Process ID 1908
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 3.38 MB
Peak Memory Usage 3.41 MB
wmiprvse.exe
Process ID 3184
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 7.29 MB
Peak Memory Usage 7.36 MB
wmiprvse.exe
Process ID 4680
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 5.34 MB
Peak Memory Usage 5.34 MB
wmpnetwk.exe
Process ID 5920
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 33 MB
Peak Memory Usage 37 MB
wudfhost.exe
Process ID 3936
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\WUDFHost.exe
Memory Usage 5.97 MB
Peak Memory Usage 6.00 MB
ycmmirage.exe
Process ID 4176
User gnt500p
Domain BigBertha
Path C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Memory Usage 1.99 MB
Peak Memory Usage 7.46 MB
Scheduler
Hotfixes
28/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.792.0)
27/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.712.0)
24/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.410.0)
23/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.358.0)
22/10/2011 Security Update for Microsoft Office InfoPath 2007 (KB2510061)
22/10/2011 Security Update for Microsoft Office 2007 System (KB2553090)
22/10/2011 Update for Microsoft Office 2007 System (KB2539530)
22/10/2011 Security Update for Microsoft Office Publisher 2007 (KB2284697)
22/10/2011 Security Update for Microsoft Office Excel 2007 (KB2553073)
22/10/2011 Security Update for Microsoft Office Groove 2007 (KB2552997)
22/10/2011 Update for Microsoft Office OneNote 2007 (KB980729)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB2345043)
22/10/2011 Security Update for Microsoft Office 2007 System (KB2553089)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB2288621)
22/10/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
22/10/2011 Security Update for Microsoft Office Word 2007 (KB2344993)
22/10/2011 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
22/10/2011 Security Update for Microsoft Office InfoPath 2007 (KB979441)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB972581)
22/10/2011 Security Update for Microsoft Office Access 2007 (KB979440)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB2553074)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB976321)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB969559)
22/10/2011 Security Update for the 2007 Microsoft Office System (KB974234)
22/10/2011 Security Update for Microsoft Office 2007 System (KB2288931)
22/10/2011 Update for the 2007 Microsoft Office System (KB2284654)
22/10/2011 Update for Microsoft Office Outlook 2007 (KB2583910)
22/10/2011 Security Update for Microsoft Office 2007 System (KB2584063)
22/10/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
22/10/2011 Security Update for Microsoft Office Outlook 2007 (KB2288953)
21/10/2011 The 2007 Microsoft Office Suite Service Pack 2 (SP2)
21/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.189.0)
20/10/2011 Update for Microsoft Office OneNote 2007 Help (KB963670)
20/10/2011 Update for Microsoft Office Publisher 2007 Help (KB963667)
20/10/2011 Security Update for Microsoft Office 2007 (KB951550)
20/10/2011 Update for Microsoft Office 2007 System (KB2508958)
20/10/2011 Security Update for the 2007 Microsoft Office System (KB951944)
20/10/2011 Update for Microsoft Office PowerPoint 2007 Help (KB963669)
20/10/2011 Update for the 2007 Microsoft Office System Help for Common Features (KB963673)
20/10/2011 Update for Microsoft Office Word 2007 Help (KB963665)
20/10/2011 Update for Microsoft Office Outlook 2007 Help (KB963677)
20/10/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2596560)
20/10/2011 Update for the 2007 Microsoft Office System (KB967642)
20/10/2011 Update for Microsoft Office Excel 2007 Help (KB963678)
20/10/2011 Update for Microsoft Office InfoPath 2007 Help (KB963662)
20/10/2011 The 2007 Microsoft Office Suite Service Pack 2 (SP2)
20/10/2011 Update for Microsoft Office Access 2007 Help (KB963663)
20/10/2011 Update for Microsoft Script Editor Help (KB963671)
20/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.151.0)
20/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.151.0)
19/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.33.0)
17/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1817.0)
16/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1775.0)
16/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1755.0)
14/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1701.0)
13/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1594.0)
13/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1536.0)
12/10/2011 Advanced Micro Devices, Inc. - Display, Other hardware - AMD Radeon™ HD 6620G
12/10/2011 Advanced Micro Devices, Inc. - Display, Other hardware - AMD Radeon HD 6750M
12/10/2011 Security Update for Microsoft Silverlight (KB2617986)
12/10/2011 Advanced Micro Devices, Inc. - Display, Other hardware - AMD Radeon™ HD 6620G
12/10/2011 Windows Malicious Software Removal Tool x64 - October 2011 (KB890830)
12/10/2011 Security Update for Windows 7 for x64-based Systems (KB2567053)
12/10/2011 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2572078)
12/10/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2586448)
12/10/2011 Security Update for Windows 7 for x64-based Systems (KB2579686)
12/10/2011 Advanced Micro Devices, Inc. - Display, Other hardware - AMD Radeon HD 6750M
12/10/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2572077)
12/10/2011 Security Update for Windows 7 for x64-based Systems (KB2564958)
12/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1445.0)
11/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1394.0)
10/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1289.0)
05/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.993.0)
04/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.874.0)
02/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.773.0)
01/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.740.0)
30/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.681.0)
30/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.672.0)
29/09/2011 Windows Malicious Software Removal Tool x64 - September 2011 (KB890830)
29/09/2011 USB Optical Mouse - Input - USB Optical Mouse
29/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.515.0)
28/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.482.0)
23/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.85.0)
22/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.7.0)
20/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2660.0)
19/09/2011 USB Optical Mouse - Input - USB Optical Mouse
17/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2476.0)
16/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2389.0)
14/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2247.0)
14/09/2011 USB Optical Mouse - Input - USB Optical Mouse
14/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2156.0)
14/09/2011 Realtek - Network - Realtek PCIe GBE Family Controller
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon HD 6750M
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon™ HD 6620G
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon™ HD 6620G
14/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2156.0)
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon HD 6750M
14/09/2011 USB Optical Mouse - Input - USB Optical Mouse
14/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2156.0)
14/09/2011 Realtek - Network - Realtek PCIe GBE Family Controller
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon HD 6750M
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon™ HD 6620G
14/09/2011 Security Update for Windows 7 for x64-based Systems (KB2570947)
14/09/2011 Update for Microsoft Office 2010 (KB2515417)
14/09/2011 Update for Microsoft Office 2010 (KB2494150), 32-Bit Edition
14/09/2011 Update for Windows 7 for x64-based Systems (KB2616676)
14/09/2011 Update for Windows 7 for x64-based Systems (KB2616676)
14/09/2011 Windows Malicious Software Removal Tool x64 - September 2011 (KB890830)
14/09/2011 USB Optical Mouse - Input - USB Optical Mouse
14/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.2156.0)
14/09/2011 Realtek - Network - Realtek PCIe GBE Family Controller
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon HD 6750M
14/09/2011 ATI Technologies Inc. - Display - AMD Radeon™ HD 6620G
11/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1975.0)
10/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1915.0)
09/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1889.0)
09/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1858.0)
08/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1771.0)
07/09/2011 Update for Windows 7 for x64-based Systems (KB2607712)
06/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1570.0)
04/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1425.0)
03/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1396.0)
03/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1351.0)
02/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1264.0)
01/09/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1236.0)
31/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1162.0)
30/08/2011 Update for Microsoft Office 2010 (KB2077208)
30/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.1045.0)
29/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.939.0)
28/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.896.0)
26/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.839.0)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2563227)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2515325)
26/08/2011 ATI Technologies Inc. - Display - AMD Radeon™ HD 6620G
26/08/2011 Update for Windows 7 for x64-based Systems (KB2547666)
26/08/2011 Hewlett-Packard Development Company, L.P. - Other hardware - HP Mobile Data Protection Sensor
26/08/2011 ATI Technologies Inc. - Display - AMD Radeon HD 6750M
26/08/2011 Security Update for Microsoft Visual C++ 2010 Redistributable Package (KB2467173)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2511250)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2545698)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2522422)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2492386)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2541014)
26/08/2011 Windows Malicious Software Removal Tool x64 - August 2011 (KB890830)
26/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.798.0)
26/08/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2533523)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2529073)
26/08/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871)
26/08/2011 Update for Windows 7 for x64-based Systems (KB982018)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2506928)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2532531)
26/08/2011 Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688)
26/08/2011 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430)
26/08/2011 Update for Windows 7 for x64-based Systems (KB971033)
26/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.730.0)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2570791)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2560656)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2552343)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2533552)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2536276)
26/08/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2503665)
26/08/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2508272)
26/08/2011 Security Update for Microsoft Silverlight (KB2512827)
26/08/2011 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2562937)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2506212)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2524375)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2507618)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2509553)
26/08/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2539635)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2536275)
26/08/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
26/08/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
26/08/2011 Update for Windows 7 for x64-based Systems (KB2506014)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2476490)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2567680)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2532531)
26/08/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2416472)
26/08/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2487367)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2555917)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2563894)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2491683)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2544893)
26/08/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2511455)
26/08/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2539636)
26/08/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2559049)
26/08/2011 Security Update for Windows 7 for x64-based Systems (KB2556532)
25/08/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.111.647.0)
22/06/2011 Update for Windows (KB958488)
Battery
AC line Offline
Battery full time Unknown
Battery Charge % 92 %
Battery State High
Amount of time remaining (sec) 2 : 48
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
AMD A8-3530MX APU with Radeon™ HD Graphics
AMD A8-3530MX APU with Radeon™ HD Graphics
AMD A8-3530MX APU with Radeon™ HD Graphics
AMD A8-3530MX APU with Radeon™ HD Graphics
ACPI Thermal Zone
ACPI Power Button
Microsoft ACPI-Compliant Control Method Battery
Microsoft AC Adapter
HP Mobile Data Protection Sensor
ACPI Lid
Microsoft Windows Management Interface for ACPI
ACPI Fixed Feature Button
PCI bus
PCI standard host CPU bridge
AMD SMBus
PCI standard PCI-to-PCI bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
Motherboard resources
High precision event timer
AMD Radeon™ HD 6620G
Generic PnP Monitor
High Definition Audio Controller
AMD High Definition Audio Device
PCI standard PCI-to-PCI bridge
AMD Radeon HD 6750M
PCI standard PCI-to-PCI bridge
Realtek PCIe GBE Family Controller
PCI standard PCI-to-PCI bridge
Broadcom 4313 802.11b/g/n
PCI standard PCI-to-PCI bridge
Realtek PCIE CardReader
AMD SATA Controller
Hitachi HTS547575A9E384 SATA Disk Device
hp CDDVDW TS-L633J SATA CdRom Device
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Composite Device
HP TrueVision HD

Standard Dual Channel PCI IDE Controller
ATA Channel 0
ATA Channel 1
High Definition Audio Controller
IDT High Definition Audio CODEC
PCI standard ISA bridge
Direct memory access controller
Numeric data processor
Programmable interrupt controller
System CMOS/real time clock
System timer
Standard PS/2 Keyboard
Synaptics PS/2 Port TouchPad
Motherboard resources
System board
Microsoft ACPI-Compliant Embedded Controller
Standard OpenHCD USB Host Controller
USB Root Hub
USB Optical Mouse
HID-compliant mouse
HID-compliant device
HID-compliant consumer control device
HID-compliant device
HID-compliant device
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Mass Storage Device
Patriot Memory USB Device
Services
Running Adobe Acrobat Update Service
Running Adobe Active File Monitor V9
Running Akamai NetSession Interface
Running AMD External Events Utility
Running AMD FUEL Service
Running Andrea ST Filters Service
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running Application Virtualization Client
Running Application Virtualization Service Agent
Running Audio Service
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bluetooth Service
Running Bonjour Service
Running Client Virtualization Handler
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Easybits Services for Windows
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Group Policy Client
Running HP Auto
Running HP Client Services
Running HP Connection Manager 4.0 Service
Running HP Service
Running HP Software Framework Service
Running HPWMISVC
Running Human Interface Device Access
Running IconMan_R
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running Microsoft Antimalware Service
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Online Armor
Running Online Armor Helper Service
Running Peer Networking Identity Manager
Running Plug and Play
Running PnP-X IP Bus Enumerator
Running Portable Device Enumerator Service
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running SAS Core Service
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Protection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running UPnP Device Host
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Presentation Foundation Font Cache 3.0.0.0
Running Windows Search
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped ASP.NET State Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Credential Manager
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Fax
Stopped Function Discovery Resource Publication
Stopped GamesAppService
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped iPod Service
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Network Inspection
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Office Software Protection Platform
Stopped Parental Controls
Start pending Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Modules Installer
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Stopped WWAN AutoConfig
CPU
AMD K12
Cores 4
Threads 4
Name AMD K12
Code Name Llano
Package Socket FS1 (905)
Technology 32nm
Specification AMD A8-3530MX APU with Radeon™ HD Graphics
Family F
Extended Family 12
Model 1
Extended Model 1
Stepping 0
Revision LN1-B0
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64
Virtualization Supported, Enabled
Hyperthreading Not supported
Bus Speed 101.2 MHz
Average Temperature 43 °C
Caches
L1 Data Cache Size 4 x 64 KBytes
L1 Instructions Cache Size 4 x 64 KBytes
L2 Unified Cache Size 4 x 1024 KBytes
Core 0
Core Speed 1009.7 MHz
Multiplier x 8.0
Bus Speed 101.2 MHz
Temperature 43 °C
Thread 1
APIC ID 0
Core 1
Core Speed 807.7 MHz
Multiplier x 8.0
Bus Speed 101.2 MHz
Temperature 43 °C
Thread 1
APIC ID 1
Core 2
Core Speed 807.7 MHz
Multiplier x 8.0
Bus Speed 101.2 MHz
Temperature 43 °C
Thread 1
APIC ID 2
Core 3
Core Speed 807.7 MHz
Multiplier x 8.0
Bus Speed 101.2 MHz
Temperature 44 °C
Thread 1
APIC ID 3
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 6144 MBytes
DRAM Frequency 674.9 MHz
CAS# Latency (CL) 9 clocks
RAS# to CAS# Delay (tRCD) 9 clocks
RAS# Precharge (tRP) 9 clocks
Cycle Time (tRAS) 24 clocks
Bank Cycle Time (tRC) 33 clocks
Physical Memory
Memory Usage 28 %
Total Physical 5.48 GB
Available Physical 3.94 GB
Total Virtual 11 GB
Available Virtual 9.14 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Elpida
Max Bandwidth PC3-10700 (667 MHz)
Part Number EBJ41UF8BCS0-DJ-F
Serial Number 9D211258
Week/year 14 / 11
SPD Ext. EPP
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 28
tRC 38
Voltage 1.500 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.500 V
Slot #2
Type DDR3
Size 2048 MBytes
Manufacturer Samsung
Max Bandwidth PC3-10700 (667 MHz)
Part Number M471B5773DH0-CH9
Serial Number 672CCB59
Week/year 15 / 11
SPD Ext. EPP
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.500 V
Motherboard
Manufacturer Hewlett-Packard
Model 3590 (Socket FS1)
Version 058F110000244610000620100
Chipset Vendor AMD
Chipset Model ID1705
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model A75
Southbridge Revision 11
System Temperature 42 °C
BIOS
Brand Hewlett-Packard
Version F.1C
Date 05/12/2011
PCI Data
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J6C1
Slot Number 0
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J8C1
Slot Number 1
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J7C1
Slot Number 2
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J8D1
Slot Number 3
Graphics
Monitor
Name Generic PnP Monitor on AMD Radeon HD 6620G
Current Resolution 1366x768 pixels
Work Resolution 1366x768 pixels
State enabled, primary
Monitor Width 1366
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
AMD Radeon™ HD 6620G
GPU Sumo
Device ID 1002-9641
Subvendor HP (103C)
Current Performance Level Level 1
Voltage 0.875 V
Technology 33 nm
Die Size 32 nm²
Release Date Jun 15, 2011
DirectX Support 11.0
OpenGL Support 5.0
Bios Core Clock 200.00
Bios Mem Clock 667.00
Temperature 43 °C
Core Voltage 0.875 V
Crossfire Disabled
ROPs 8
Shaders 400 unified
Memory Type DDR3
Pixel Fillrate 2.2 GPixels/s
Texture Fillrate 0.0 GTexels/s
Bandwidth 21.3 GB/s
Count of performance levels : 1
Level 0
AMD Radeon HD 6750M
GPU Whistler
Device ID 1002-6741
Subvendor HP (103C)
Current Performance Level Level 1
Voltage 0.875 V
Die Size 40 nm²
Release Date Jan 04, 2011
DirectX Support 11.0
OpenGL Support 5.0
Bios Core Clock 200.00
Bios Mem Clock 667.00
Crossfire Disabled
ROPs 16
Shaders 480 unified
Memory Type GDDR5
Bandwidth 51.2 GB/s
Count of performance levels : 1
Level 0
Hard Drives
Hitachi HTS547575A9E384 SATA Disk Device
Manufacturer Hitachi
Product Family Travelstar
Series Prefix Standard
Model Capacity For This Specific Drive 750GB
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
LBA Size 48-bit LBA
Power On Count 364 ??
Power On Time 21 Days 6 Hours
Speed, Expressed in Revolutions Per Minute (rpm) 5400
Features S.M.A.R.T., APM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 733GB
Real size 750,156,374,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 100 (100 worst) Data 0000000000
02 Throughput Performance 100 (100) Data 0000000000
03 Spin-Up Time 186 (100) Data 0000000001
04 Start/Stop Count 100 (100) Data 0000000187
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 099 (099) Data 00000001FE
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 000000016C
B7 SATA Downshift Error Count 100 (100) Data 0000000000
B8 End-to-End error / IOEDC 100 (100) Data 0000000000
BB Reported Uncorrectable Errors 100 (100) Data 00000A0000
BC Command Timeout 100 (100) Data 0000000002
BE Temperature Difference from 100 063 (051) Data 0017270025
BF G-sense error rate 099 (099) Data 0000000176
C0 Power-off Retract Count 100 (100) Data 0000070007
C1 Load/Unload Cycle Count 100 (100) Data 0000001056
C4 Reallocation Event Count 100 (100) Data 0000000000
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 100 (100) Data 0000000000
DF Load/Unload Retry Count 100 (100) Data 0000000000
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 199 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number F424D565
Size 677GB
Used Space 139GB (21%)
Free Space 538GB (79%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter D:
File System NTFS
Volume Serial Number DAE21CD0
Size 21.4GB
Used Space 19.1GB (90%)
Free Space 2.28GB (10%)
Partition 3
Partition ID Disk #0, Partition #3
Size 102 MB
Optical Drives
hp CDDVDW TS-L633J SATA CdRom Device
Media Type DVD Writer
Name hp CDDVDW TS-L633J SATA CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
DriveIntegrity TRUE
Media Loaded TRUE
SCSI Bus 2
SCSI Logical Unit 0
SCSI Port 2
SCSI Target Id 0
Size 496 MB
Status OK
Volume Name SliTaz LiveCD
Volume Serial Number C1C0D159
DTSOFT Virtual CdRom Device
Media Type DVD-ROM
Name DTSOFT Virtual CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive F:
Media Loaded FALSE
Status OK
DTSOFT Virtual CdRom Device
Media Type DVD-ROM
Name DTSOFT Virtual CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive G:
Media Loaded FALSE
Status OK
Audio
Sound Cards
AMD High Definition Audio Device
IDT High Definition Audio CODEC
Playback Devices
Speakers and Headphones (IDT High Definition Audio CODEC) (default)
Communications Headphones (IDT High Definition Audio CODEC)
Recording Devices
Integrated Microphone Array (IDT High Definition Audio CODEC) (default)
External Mic (IDT High Definition Audio CODEC)
Stereo Mix (IDT High Definition Audio CODEC)
Speaker Configuration
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Unknown
Location USB Optical Mouse
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Location plugged into PS/2 mouse port
Driver
Date 12-15-2010
Version 15.2.4.4
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynPinch.mpg
File C:\Program Files\Synaptics\SynTP\SynMomentum.mpg
File C:\Program Files\Synaptics\SynTP\SynLinearVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_ChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingersDown.mpg
File C:\Program Files\Synaptics\SynTP\StaticImg.html
File C:\Program Files\Synaptics\SynTP\StaticImg.png
File C:\Program Files\Synaptics\SynTP\SynSysDetect.js
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentum.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynReverseScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrained.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynTapping.wmv
File C:\Program Files\Synaptics\SynTP\SynButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDragging.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeed.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressure.wmv
File C:\Program Files\Synaptics\SynTP\SynNoButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZones.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPressNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\SynButtonsNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGestureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDraggingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeedNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoomNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynReverseScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivityNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDragNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZonesNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheckNB.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrainedNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTappingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.html
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.html
File C:\Program Files\Synaptics\SynTP\SynMomentum.html
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.html
File C:\Program Files\Synaptics\SynTP\SynRotating.html
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.html
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.html
File C:\Program Files\Synaptics\SynTP\SynAccessibility.html
File C:\Program Files\Synaptics\SynTP\SynButtons.html
File C:\Program Files\Synaptics\SynTP\SynClicking.html
File C:\Program Files\Synaptics\SynTP\SynMultiFingerGestures.html
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.html
File C:\Program Files\Synaptics\SynTP\SynPointing.html
File C:\Program Files\Synaptics\SynTP\SynScrolling.html
File C:\Program Files\Synaptics\SynTP\SynSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynTapping.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynLinearVScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\Ckp2FingerScrolling.mpg
File C:\Program Files\Synaptics\SynTP\Ckp3FingerDown.mpg
File C:\Program Files\Synaptics\SynTP\Ckp3FingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\CkpChiralMotion.mpg
File C:\Program Files\Synaptics\SynTP\CkpClickDrag.mpg
File C:\Program Files\Synaptics\SynTP\CkpLinearScroll.mpg
File C:\Program Files\Synaptics\SynTP\CkpLRClick.mpg
File C:\Program Files\Synaptics\SynTP\CkpMomentum.mpg
File C:\Program Files\Synaptics\SynTP\CkpPinch.mpg
File C:\Program Files\Synaptics\SynTP\CkpPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\CkpPivotRotate2.mpg
File C:\Program Files\Synaptics\SynTP\CkpTouchpadDisable.mpg
File C:\Windows\SysWOW64\SynCOM.dll
File C:\Windows\SysWOW64\SynCtrl.dll
File C:\Windows\SysWOW64\SynTPCOM.dll
File C:\Windows\SysWOW64\SynTPEnhPS.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\SynTPCo5.dll
File C:\Windows\system32\WdfCoInstaller01009.dll
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Unknown
Comment HP TrueVision HD

Location USB Composite Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\drivers\usbvideo.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Comment Patriot Memory USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Network
You are not connected to the internet
Computer Name
NetBIOS Name BIGBERTHA
DNS Name BigBertha
Domain Name BigBertha
Remote Desktop
Console
State Active
Domain BigBertha
WinInet Info
An internal error occurred.
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Disabled
File and Printer Sharing Disabled
Media Sharing Disabled
Adapters List
Broadcom 4313 802.11b/g/n
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Realtek PCIe GBE Family Controller
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Network Shares
Users C:\Users

#8
RKinner

Posted 29 October 2011 - 10:59 AM

Malware Expert

Expert
24,625 posts

You didn't post all of the combofix log or combofix stopped before it was done. The last Combofix.txt log should still be available down in C:\ or C:\Combofix(somenumber)\

#9
Jewels Ritchie

Posted 30 October 2011 - 03:09 AM

Member

Topic Starter
Member
10 posts

heya Ron,

i did another ComboFix scan with that txt file and it did the same thing as before, it restarts my computer and if i click on anything it says Illegal operation attemptedon a registry that has been marked for deletion. then after i restart my computer again it works perfectly fine but the log for the combofix is still the same as last time. anything else i can try?
thanks,
jewels

#10
RKinner

Posted 30 October 2011 - 11:23 PM

Malware Expert

Expert
24,625 posts

Can you run Combofix without the script file?

Ron

#11
Jewels Ritchie

Posted 31 October 2011 - 06:22 PM

Member

Topic Starter
Member
10 posts

ComboFix 11-10-26.08 - gnt500p 31/10/2011 6:31.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5611.4179 [GMT -6:00]
Running from: c:\users\gnt500p\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: Online Armor Firewall *Enabled* {32E71E58-6AAE-2557-2ABD-EA739069CE41}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_pknbljyir
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-31 )))))))))))))))))))))))))))))))
.
.
2011-10-29 01:54 . 2011-10-29 01:55 -------- d-----w- c:\program files\Speccy
2011-10-22 11:28 . 2011-10-22 11:28 -------- d-----w- C:\AeriaGames
2011-10-20 01:00 . 2011-10-31 12:29 -------- d-----w- c:\program files (x86)\Common Files\Akamai
2011-10-19 15:27 . 2011-10-21 05:41 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-10-19 15:23 . 2011-10-19 15:27 -------- d-----w- c:\windows\SHELLNEW
2011-10-19 15:22 . 2011-10-19 15:22 -------- d-----r- C:\MSOCache
2011-10-12 23:33 . 2011-10-12 23:33 -------- d-----w- c:\program files\iPod
2011-10-12 23:33 . 2011-10-12 23:34 -------- d-----w- c:\program files\iTunes
2011-10-12 23:33 . 2011-10-12 23:34 -------- d-----w- c:\program files (x86)\iTunes
2011-10-12 23:27 . 2011-10-12 23:27 -------- d-----w- c:\program files\Bonjour
2011-10-12 23:27 . 2011-10-12 23:27 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-12 04:56 . 2011-10-12 04:56 -------- d-----w- c:\program files\Defraggler
2011-10-11 23:06 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-11 23:06 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-11 23:06 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-11 23:06 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-11 23:06 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-11 23:06 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-11 23:06 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-11 23:06 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-11 23:06 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-10 04:25 . 2011-10-10 04:26 -------- d-----w- c:\program files\Recuva
2011-10-02 07:04 . 2011-10-02 07:05 -------- d-----w- c:\program files (x86)\WinSCP3
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-16 00:51 . 2011-09-16 00:51 10206208 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-09-16 00:28 . 2011-09-16 00:28 24600576 ----a-w- c:\windows\system32\atio6axx.dll
2011-09-16 00:15 . 2011-09-16 00:15 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-09-16 00:15 . 2011-04-02 06:58 736768 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-09-16 00:14 . 2011-04-02 06:57 867328 ----a-w- c:\windows\system32\aticfx64.dll
2011-09-16 00:13 . 2011-09-16 00:13 18584064 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-09-16 00:12 . 2011-04-02 06:54 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-09-16 00:12 . 2011-04-02 06:54 487936 ----a-w- c:\windows\system32\atieclxx.exe
2011-09-16 00:12 . 2011-04-02 06:54 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-09-16 00:11 . 2011-09-16 00:11 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-09-16 00:11 . 2011-04-02 06:52 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-09-16 00:11 . 2011-09-16 00:11 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-09-16 00:10 . 2011-09-16 00:10 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-09-16 00:10 . 2011-09-16 00:10 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-09-16 00:10 . 2011-09-16 00:10 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-09-16 00:10 . 2011-09-16 00:10 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-09-16 00:08 . 2011-04-02 06:49 4231680 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-09-15 23:59 . 2011-09-15 23:59 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-09-15 23:59 . 2011-04-02 06:40 4960256 ----a-w- c:\windows\system32\atidxx64.dll
2011-09-15 23:59 . 2011-09-15 23:59 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-09-15 23:58 . 2011-04-02 06:44 4023296 ----a-w- c:\windows\system32\atiumd6a.dll
2011-09-15 23:52 . 2011-09-15 23:52 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-09-15 23:52 . 2011-09-15 23:52 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-09-15 23:51 . 2011-09-15 23:51 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-09-15 23:51 . 2011-09-15 23:51 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-09-15 23:51 . 2011-09-15 23:51 9809920 ----a-w- c:\windows\system32\aticaldd64.dll
2011-09-15 23:50 . 2011-09-15 23:50 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-09-15 23:50 . 2011-09-15 23:50 4174848 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-09-15 23:48 . 2011-09-15 23:48 8390656 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-09-15 23:45 . 2011-04-02 06:07 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-15 23:44 . 2011-04-02 06:23 5431808 ----a-w- c:\windows\system32\atiumd64.dll
2011-09-15 23:39 . 2011-04-02 06:16 479744 ----a-w- c:\windows\system32\atiadlxx.dll
2011-09-15 23:39 . 2011-09-15 23:39 335872 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-09-15 23:38 . 2011-09-15 23:38 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-09-15 23:38 . 2011-09-15 23:38 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-09-15 23:38 . 2011-09-15 23:38 317952 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-09-15 23:38 . 2011-04-02 06:15 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-09-15 23:38 . 2011-04-02 06:15 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-09-15 23:38 . 2011-04-02 06:15 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-09-15 23:37 . 2011-09-15 23:37 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-09-15 23:37 . 2011-09-15 23:37 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-09-15 23:37 . 2011-09-15 23:37 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-09-15 23:37 . 2011-09-15 23:37 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-09-15 23:37 . 2011-09-15 23:37 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-09-15 23:37 . 2011-09-15 23:37 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-08-31 23:00 . 2011-08-27 22:54 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 05:05 . 2011-08-31 05:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 05:05 . 2011-08-31 05:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 05:05 . 2011-08-31 05:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 05:05 . 2011-08-31 05:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-31 05:05 . 2011-08-31 05:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-31 05:05 . 2011-08-31 05:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-31 05:05 . 2011-08-31 05:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-31 05:05 . 2011-08-31 05:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-08-29 14:58 . 2011-08-29 14:58 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-26 21:15 . 2011-05-21 04:35 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-25 23:04 . 2011-08-25 23:04 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
---- Directory of c:\users\Default\AppData\Local\Microsoft Help ----
.
.
---- Directory of c:\users\gnt500p\AppData\Local\201280 ----
.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-26_23.07.04 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-10-24 23:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-30 04:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-30 04:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-24 23:22 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-30 04:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-24 23:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2011-10-30 04:31 43222 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-10-30 04:31 43730 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-08-25 09:54 . 2011-10-24 23:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-25 09:54 . 2011-10-29 01:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-05 17:18 . 2011-10-24 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-10-05 17:18 . 2011-10-29 01:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-24 23:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-29 01:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-24 23:21 . 2011-10-24 23:21 5492 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2011-10-30 04:28 . 2011-10-30 04:28 5492 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2011-08-25 03:03 . 2011-10-30 04:31 8118 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4010893399-3904242687-3763681417-1001_UserData.bin
- 2011-10-24 23:22 . 2011-10-24 23:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-30 04:28 . 2011-10-30 04:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-24 23:22 . 2011-10-24 23:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-30 04:28 . 2011-10-30 04:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-25 19:12 . 2011-10-30 20:32 325878 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-08-25 04:36 . 2011-10-31 12:28 329906 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2011-10-30 04:28 393860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-24 23:20 393860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-06-22 06:39 . 2011-10-29 22:48 1256352 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-08-25 05:58 . 2011-10-29 22:48 6580088 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4010893399-3904242687-3763681417-1001-8192.dat
+ 2011-08-25 03:43 . 2011-10-29 00:54 4362852 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4010893399-3904242687-3763681417-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-02 336384]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 oahlpXX;Online Armor helper driver;c:\windows\syswow64\drivers\oahlp64.sys [2011-04-06 55088]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SvcOnlineArmor;Online Armor;c:\program files (x86)\Online Armor\oasrv.exe [2011-04-06 4326472]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 OADevice;OADriver;c:\windows\SysWow64\Drivers\OADriver.sys [2011-04-06 59176]
S1 OAmon;OAmon;c:\windows\SysWOW64\Drivers\OAmon.sys [2011-04-06 38064]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-02 365568]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
S2 OAcat;Online Armor Helper Service;c:\program files (x86)\Online Armor\OAcat.exe [2011-04-06 381512]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [x]
S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"@OnlineArmor GUI"="c:\program files (x86)\Online Armor\oaui.exe" [2011-04-06 2477032]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
FF - ProfilePath - c:\users\gnt500p\AppData\Roaming\Mozilla\Firefox\Profiles\7e24fbra.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-combofix - c:\combofix\CF18483.3XE
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_807ba95.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-10-31 07:23:08
ComboFix-quarantined-files.txt 2011-10-31 13:23
.
Pre-Run: 577,849,081,856 bytes free
Post-Run: 577,795,366,912 bytes free
.
- - End Of File - - 94CEABE040C38A1EA3D594990919B144

#12
RKinner

Posted 31 October 2011 - 06:56 PM

Malware Expert

Expert
24,625 posts

Combofix apparently worked even tho we didn't get a proper log before.

What I am seeing is something eating up a lot of CPU time. You didn't sort the ProcessExplorer output by clicking on the CPU column header so it's hard to see what is eating up the CPU.

Run Process Explorer again as before. Click twice on the CPU column header. Wait a minute for things to settle down. Then File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply. With Process Explorer still running look at the processes that are using the most CPU. If one of them is svchost then hover over it and it should tell you more about the process. (If you hit the Space bar it should pause the updating so that things stand still or you can do View, Update Speed, Pause.)

Also:

Start, All Programs, Accessories then right click on Command Prompt and Run as Admin. Type with an Enter after each line:

tasklist  /m  >  \junk.txt
notepad  \junk.txt

Copy the text in notepad into a replay.

Ron

#13
Jewels Ritchie

Posted 31 October 2011 - 07:38 PM

Member

Topic Starter
Member
10 posts

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 60.00 0 K 24 K
oasrv.exe 1724 14.50 25,924 K 8,192 K Online Armor Component Emsi Software GmbH
sidebar.exe 3400 9.02 39,736 K 67,456 K Windows Desktop Gadgets Microsoft Corporation
procexp64.exe 3476 4.37 23,680 K 40,788 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
svchost.exe 1176 3.42 6,168 K 12,012 K
System 4 3.02 136 K 824 K
dwm.exe 4044 1.98 40,828 K 43,116 K Desktop Window Manager Microsoft Corporation
Interrupts n/a 1.15 0 K 0 K Hardware Interrupts and DPCs
SynTPEnh.exe 420 1.05 11,812 K 18,468 K Synaptics TouchPad Enhancements Synaptics Incorporated
svchost.exe 168 0.52 25,300 K 41,372 K
csrss.exe 536 0.48 2,960 K 17,964 K
oaui.exe 648 0.22 14,964 K 8,192 K Online Armor Component Emsi Software GmbH
explorer.exe 3228 0.10 42,716 K 62,956 K Windows Explorer Microsoft Corporation
CCC.exe 5544 0.03 110,124 K 5,800 K Catalyst Control Center: Host application ATI Technologies Inc.
lsass.exe 592 0.02 4,484 K 11,056 K
RIconMan.exe 2236 0.02 2,400 K 5,936 K
MOM.exe 5380 0.02 44,212 K 4,824 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
svchost.exe 996 0.02 22,676 K 19,380 K
AppleMobileDeviceService.exe 1852 0.01 3,276 K 9,508 K
svchost.exe 1516 0.01 14,260 K 14,952 K
svchost.exe 776 0.01 4,640 K 8,344 K
oahlp.exe 4344 0.01 9,328 K 1,024 K Online Armor Component Emsi Software GmbH
SASCore64.exe 1248 < 0.01 1,564 K 3,720 K
YCMMirage.exe 3984 < 0.01 2,660 K 852 K YouCam Mirage CyberLink
SearchIndexer.exe 352 < 0.01 23,968 K 11,280 K
WinRAR.exe 3044 < 0.01 9,384 K 19,792 K WinRAR archiver Alexander Roshal
csrss.exe 416 < 0.01 2,184 K 4,556 K
msnmsgr.exe 1324 < 0.01 49,280 K 46,724 K Windows Live Messenger Microsoft Corporation
ezSharedSvcHost.exe 2116 < 0.01 2,372 K 7,956 K
HPOSD.exe 5088 < 0.01 10,588 K 12,500 K HP On Screen Display Hewlett-Packard Development Company, L.P.
HPMSGSVC.exe 5032 < 0.01 5,228 K 10,488 K HP Message Service Hewlett-Packard Development Company, L.P.
wmpnetwk.exe 216 < 0.01 13,100 K 11,216 K
DTShellHlp.exe 4900 < 0.01 4,648 K 11,752 K DAEMON Tools Shell Extensions Helper DT Soft Ltd
PhotoshopElementsFileAgent.exe 1220 < 0.01 1,868 K 1,020 K
HPConnectionManager.exe 1868 < 0.01 84,236 K 94,816 K HPConnectionManager Hewlett-Packard Development Company L.P.
svchost.exe 700 < 0.01 4,740 K 9,636 K
stacsv64.exe 656 < 0.01 7,084 K 7,884 K
hpservice.exe 1456 < 0.01 1,856 K 4,760 K
WUDFHost.exe 3396 2,140 K 6,112 K
WmiPrvSE.exe 2276 3,876 K 8,212 K
WLIDSVCM.EXE 2948 1,504 K 3,464 K
WLIDSVC.EXE 2644 4,812 K 11,184 K
wlanext.exe 1636 1,884 K 5,052 K
winlogon.exe 956 2,984 K 7,240 K
wininit.exe 516 1,676 K 4,620 K
taskhost.exe 3116 4,628 K 9,268 K Host Process for Windows Tasks Microsoft Corporation
taskhost.exe 4188 7,192 K 13,952 K
taskeng.exe 1112 3,760 K 8,288 K Task Scheduler Engine Microsoft Corporation
SynTPHelper.exe 4428 2,956 K 5,972 K
svchost.exe 124 125,680 K 134,116 K
svchost.exe 2580 2,088 K 5,736 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1984 11,416 K 12,244 K
svchost.exe 1404 10,100 K 15,640 K
svchost.exe 3464 2,000 K 5,464 K
svchost.exe 3908 5,928 K 17,812 K
sttray64.exe 3104 10,332 K 21,268 K IDT PC Audio IDT, Inc.
StikyNot.exe 4132 8,436 K 15,996 K Sticky Notes Microsoft Corporation
spoolsv.exe 1948 7,540 K 13,100 K
smss.exe 284 572 K 1,216 K
sftvsa.exe 2552 1,512 K 4,840 K
sftlist.exe 2736 5,480 K 13,008 K
services.exe 580 5,596 K 9,488 K
rundll32.exe 4836 2,744 K 7,280 K Windows host process (Rundll32) Microsoft Corporation
procexp.exe 408 3,256 K 8,868 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
PresentationFontCache.exe 4052 27,108 K 18,720 K
oacat.exe 1628 4,228 K 2,552 K Online Armor Component Emsi Software GmbH
msseces.exe 1040 7,748 K 16,496 K Microsoft Security Client User Interface Microsoft Corporation
MsMpEng.exe 840 94,304 K 41,244 K Antimalware Service Executable Microsoft Corporation
mDNSResponder.exe 1556 2,472 K 5,880 K
lsm.exe 600 2,800 K 4,504 K
HPWMISVC.exe 2200 2,068 K 6,468 K
hpqWmiEx.exe 4648 3,724 K 8,440 K
hpCMSrv.exe 4024 3,592 K 8,020 K
HPClientServices.exe 2152 3,980 K 7,936 K
hpCaslNotification.exe 5192 32,656 K 9,680 K hpCaslNotification Hewlett-Packard Development Company L.P.
HPAuto.exe 2684 2,404 K 5,916 K
Fuel.Service.exe 1880 4,804 K 10,000 K
DTLite.exe 528 5,032 K 12,708 K DAEMON Tools Lite DT Soft Ltd
CVHSVC.EXE 3216 4,156 K 9,312 K
conhost.exe 1644 1,072 K 2,804 K
btwdins.exe 2052 2,512 K 5,976 K
BTTray.exe 4460 8,108 K 13,236 K Bluetooth Tray Application Broadcom Corporation.
audiodg.exe 1120 16,584 K 17,384 K
atiesrxx.exe 884 1,708 K 4,460 K
atieclxx.exe 1568 2,544 K 6,780 K
armsvc.exe 1368 1,232 K 3,908 K
AESTSr64.exe 1344 1,292 K 2,872 K

i did the tasklist thing and in the CMD Prompt is said no tasks are running which match the specified criteria and the txt came up empty

#14
RKinner

Posted 31 October 2011 - 09:15 PM

Malware Expert

Expert
24,625 posts

Copy the next line:

tasklist /m > \junk.txt

Start, All Programs, Accessories then right click on Command Prompt and Run as Admin.

Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter.

Now do the

notepad \junk.txt

#15
Jewels Ritchie

Posted 31 October 2011 - 09:29 PM

Member

Topic Starter
Member
10 posts

Image Name PID Modules
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 284 ntdll.dll
csrss.exe 416 ntdll.dll, CSRSRV.dll, basesrv.DLL,
winsrv.DLL, USER32.dll, GDI32.dll,
kernel32.dll, KERNELBASE.dll, LPK.dll,
USP10.dll, msvcrt.dll, sxssrv.DLL, sxs.dll,
RPCRT4.dll, CRYPTBASE.dll, ADVAPI32.dll,
sechost.dll
wininit.exe 516 ntdll.dll, kernel32.dll, KERNELBASE.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
msvcrt.dll, RPCRT4.dll, sechost.dll,
profapi.dll, IMM32.DLL, MSCTF.dll,
RpcRtRemote.dll, apphelp.dll,
CRYPTBASE.dll, WS2_32.dll, NSI.dll,
mswsock.dll, wshtcpip.dll, wship6.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
ADVAPI32.dll
csrss.exe 536 ntdll.dll, CSRSRV.dll, basesrv.DLL,
winsrv.DLL, USER32.dll, GDI32.dll,
kernel32.dll, KERNELBASE.dll, LPK.dll,
USP10.dll, msvcrt.dll, sxssrv.DLL, sxs.dll,
RPCRT4.dll, CRYPTBASE.dll, ADVAPI32.dll,
sechost.dll
services.exe 580 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, RPCRT4.dll, SspiCli.dll,
profapi.dll, sechost.dll, CRYPTBASE.dll,
scext.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, Secur32.dll, SCESRV.dll,
srvcli.dll, IMM32.DLL, MSCTF.dll,
RpcRtRemote.dll, credssp.dll, AUTHZ.dll,
UBPM.dll, ADVAPI32.dll, apphelp.dll,
WTSAPI32.dll, WINSTA.dll, WS2_32.dll,
NSI.dll, mswsock.dll, wshtcpip.dll,
wship6.dll
lsass.exe 592 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, RPCRT4.dll, SspiSrv.dll,
lsasrv.dll, sechost.dll, SspiCli.dll,
ADVAPI32.dll, USER32.dll, GDI32.dll,
LPK.dll, USP10.dll, SAMSRV.dll,
cryptdll.dll, MSASN1.dll, wevtapi.dll,
IMM32.DLL, MSCTF.dll, cngaudit.dll,
AUTHZ.dll, ncrypt.dll, bcrypt.dll,
msprivs.DLL, netjoin.dll, negoexts.DLL,
Secur32.dll, cryptbase.dll, kerberos.DLL,
CRYPTSP.dll, WS2_32.dll, NSI.dll,
mswsock.dll, wship6.dll, msv1_0.DLL,
netlogon.DLL, DNSAPI.dll, logoncli.dll,
schannel.DLL, CRYPT32.dll, wdigest.DLL,
rsaenh.dll, tspkg.DLL, pku2u.DLL,
livessp.DLL, PSAPI.DLL, SHLWAPI.dll,
bcryptprimitives.dll, RpcRtRemote.dll,
efslsaext.dll, scecli.DLL, credssp.dll,
WINSTA.dll, keyiso.dll, wshtcpip.dll,
dssenh.dll, USERENV.dll, profapi.dll,
GPAPI.dll, IPHLPAPI.DLL, WINNSI.DLL,
netutils.dll, WLDAP32.dll
lsm.exe 600 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
SYSNTFY.dll, WMsgAPI.dll, CRYPTBASE.dll,
pcwum.dll, RpcRtRemote.dll, secur32.dll,
SSPICLI.DLL, credssp.dll, ADVAPI32.dll
svchost.exe 700 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
umpnpmgr.dll, SPINF.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, DEVRTL.dll,
IMM32.DLL, MSCTF.dll, RpcRtRemote.dll,
USERENV.dll, profapi.dll, GPAPI.dll,
CRYPTBASE.dll, umpo.dll, WINSTA.dll,
SETUPAPI.dll, CFGMGR32.dll, ADVAPI32.dll,
OLEAUT32.dll, ole32.dll, DEVOBJ.dll,
pcwum.DLL, rpcss.dll, SspiCli.dll,
credssp.dll, CLBCatQ.DLL, ntmarta.dll,
WLDAP32.dll, wmidcprv.dll, FastProx.dll,
wbemcomn.dll, WS2_32.dll, NSI.dll,
NTDSAPI.dll, wbemprox.dll, CRYPTSP.dll,
rsaenh.dll, wbemsvc.dll, wmiutils.dll,
apphelp.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, WTSAPI32.dll
svchost.exe 776 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
rpcepmap.dll, RpcRtRemote.dll, secur32.dll,
SSPICLI.DLL, credssp.dll, CRYPTBASE.dll,
rpcss.dll, ADVAPI32.dll, CRYPTSP.dll,
rsaenh.dll, WS2_32.dll, NSI.dll,
mswsock.dll, user32.dll, GDI32.dll,
LPK.dll, USP10.dll, IMM32.DLL, MSCTF.dll,
wshtcpip.dll, wship6.dll, FirewallAPI.dll,
VERSION.dll, CLBCatQ.DLL, ole32.dll,
OLEAUT32.dll, fwpuclnt.dll, WTSAPI32.dll,
WINSTA.dll
MsMpEng.exe 840 ntdll.dll, kernel32.dll, KERNELBASE.dll,
MpSvc.dll, msvcrt.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll,
ADVAPI32.dll, sechost.dll, RPCRT4.dll,
ole32.dll, VERSION.dll, WTSAPI32.dll,
MpClient.dll, OLEAUT32.dll, USERENV.dll,
profapi.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, SHELL32.dll, SHLWAPI.dll,
IMM32.DLL, MSCTF.dll, GPAPI.dll,
CRYPTBASE.dll, CRYPTSP.dll, rsaenh.dll,
ntmarta.dll, WLDAP32.dll, imagehlp.dll,
ncrypt.dll, bcrypt.dll,
bcryptprimitives.dll, mprtp.dll,
FLTLIB.DLL, NisIpsPlugin.dll, mpengine.dll,
offreg.dll, WS2_32.dll, NSI.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
RpcRtRemote.dll, apphelp.dll, wscapi.dll,
urlmon.dll, iertutil.dll, WININET.dll,
Normaliz.dll, CLBCatQ.DLL, XmlLite.dll,
MpAsDesc.dll
atiesrxx.exe 884 ntdll.dll, kernel32.dll, KERNELBASE.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
msvcrt.dll, ADVAPI32.dll, sechost.dll,
RPCRT4.dll, WTSAPI32.dll, PSAPI.DLL,
USERENV.dll, profapi.dll, POWRPROF.dll,
SETUPAPI.dll, CFGMGR32.dll, OLEAUT32.dll,
ole32.dll, DEVOBJ.dll, IMM32.DLL,
MSCTF.dll, WINSTA.dll, apphelp.dll
winlogon.exe 956 ntdll.dll, kernel32.dll, KERNELBASE.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
msvcrt.dll, WINSTA.dll, RPCRT4.dll,
IMM32.DLL, MSCTF.dll, ADVAPI32.dll,
sechost.dll, profapi.dll, RpcRtRemote.dll,
apphelp.dll, UXINIT.dll, UxTheme.dll,
CRYPTSP.dll, rsaenh.dll, CRYPTBASE.dll,
WindowsCodecs.dll, ole32.dll, wkscli.dll,
netjoin.dll, netutils.dll, SspiCli.dll,
slc.dll, MPR.dll
svchost.exe 996 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, wevtsvc.dll,
RpcRtRemote.dll, secur32.dll, SSPICLI.DLL,
credssp.dll, WS2_32.dll, NSI.dll,
mswsock.dll, wshtcpip.dll, wship6.dll,
GPAPI.dll, audiosrv.dll, POWRPROF.dll,
SETUPAPI.dll, CFGMGR32.dll, OLEAUT32.dll,
DEVOBJ.dll, MMDevAPI.DLL, PROPSYS.dll,
AVRT.dll, CLBCatQ.DLL, WINSTA.dll,
SHLWAPI.dll, CRYPTSP.dll, rsaenh.dll,
audioses.dll, lmhsvc.dll, IPHLPAPI.DLL,
WINNSI.DLL, nrpsrv.DLL, dhcpcore.dll,
DNSAPI.dll, firewallapi.dll, VERSION.dll,
dhcpcore6.dll, wscsvc.dll, dbghelp.dll,
wbemprox.dll, wbemcomn.dll, wbemsvc.dll,
fastprox.dll, NTDSAPI.dll, CRYPT32.dll,
MSASN1.dll, WINTRUST.DLL, imagehlp.dll,
ncrypt.dll, bcrypt.dll,
bcryptprimitives.dll, wuapi.dll,
Cabinet.dll, profapi.dll, USERENV.dll,
wkscli.dll, netutils.dll, stapo64.dll,
audioeng.dll, WMALFXGFXDSP.dll, mfplat.DLL,
EEL64A.dll, EED64A.dll
svchost.exe 124 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, audiosrv.dll,
POWRPROF.dll, SETUPAPI.dll, CFGMGR32.dll,
OLEAUT32.dll, DEVOBJ.dll, MMDevAPI.DLL,
PROPSYS.dll, AVRT.dll, CLBCatQ.DLL,
SHLWAPI.dll, uxsms.dll, WTSAPI32.dll,
WINSTA.dll, wudfsvc.dll, WUDFPlatform.dll,
PSAPI.DLL, VERSION.dll, wevtapi.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
wlansvc.dll, bcrypt.dll, dsrole.dll,
SHELL32.dll, WLANMSM.DLL, WLANSEC.dll,
WS2_32.dll, NSI.dll, OneX.DLL,
eappprxy.dll, AUTHZ.dll, dhcpcsvc.DLL,
IPHLPAPI.DLL, WINNSI.DLL, eappcfg.dll,
wlgpclnt.dll, l2gpstore.dll, wlanutil.dll,
SYSNTFY.dll, WinSCard.dll, msxml6.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
kerberos.DLL, cryptdll.dll, apphelp.dll,
profapi.dll, netcfgx.dll, devrtl.DLL,
netman.dll, pcasvc.dll, AEPIC.dll, sfc.dll,
sfc_os.DLL, sysmain.dll, trkwks.dll,
ntmarta.dll, WLDAP32.dll, USERENV.dll,
GPAPI.dll, hidserv.dll, HID.DLL,
PortableDeviceApi.dll,
portabledeviceconnectapi.dll,
ipbusenum.dll, FunDisc.dll, ATL.DLL,
umb.dll, fdproxy.dll, IPBusEnumProxy.dll,
netshell.dll, nlaapi.dll, RASDLG.dll,
MPRAPI.dll, RASAPI32.dll, rasman.dll,
rtutils.dll, hnetcfg.dll, slc.dll,
wbemprox.dll, wbemcomn.dll, wbemsvc.dll,
fastprox.dll, NTDSAPI.dll, tabsvc.dll,
wpdbusenum.dll
svchost.exe 168 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, gpsvc.dll,
GPAPI.dll, WLDAP32.dll, Secur32.dll,
SSPICLI.DLL, NSI.dll, SYSNTFY.dll,
nlaapi.dll, profsvc.dll, OLEAUT32.dll,
USERENV.dll, profapi.dll, SHLWAPI.dll,
ATL.DLL, themeservice.dll, RpcRtRemote.dll,
WINSTA.dll, CLBCatQ.DLL, CRYPTSP.dll,
dsrole.dll, slc.dll, rsaenh.dll, sens.dll,
WS2_32.dll, SAMLIB.dll, eapsvc.dll,
eapphost.dll, CRYPT32.dll, MSASN1.dll,
umb.dll, UxTheme.dll, shsvcs.dll,
CFGMGR32.dll, schedsvc.dll, pcwum.dll,
SHELL32.dll, NETAPI32.dll, netutils.dll,
srvcli.dll, wkscli.dll, wevtapi.dll,
AUTHZ.dll, UBPM.dll, ktmw32.dll,
XmlLite.dll, SETUPAPI.dll, DEVOBJ.dll,
credssp.dll, WINTRUST.dll, taskcomp.dll,
VERSION.dll, ntmarta.dll, mswsock.dll,
wshtcpip.dll, wship6.dll, netjoin.dll,
WTSAPI32.dll, FVEAPI.dll, tbs.dll,
FVECERTS.dll, LOGONCLI.DLL, comctl32.dll,
PROPSYS.dll, wiarpc.dll, ikeext.dll,
fwpuclnt.dll, ncrypt.dll, bcrypt.dll,
bcryptprimitives.dll, IPHLPAPI.DLL,
WINNSI.DLL, dhcpcsvc.DLL, seclogon.dll,
dhcpcsvc6.DLL, wmisvc.dll, wbemcomn.dll,
VSSAPI.DLL, VssTrace.DLL, samcli.dll,
wbemcore.dll, esscli.dll, FastProx.dll,
NTDSAPI.dll, iphlpsvc.dll, FirewallAPI.dll,
rtutils.dll, sqmapi.dll, WDSCORE.dll,
rasmans.dll, eappprxy.dll, wbemsvc.dll,
rastapi.DLL, TAPI32.dll, wmiutils.dll,
devrtl.DLL, repdrvfs.dll, hnetcfg.dll,
NCI.dll, netprofm.dll, SPINF.dll,
rasppp.dll, DNSAPI.dll, RASAPI32.dll,
rasman.dll, eappcfg.dll, vpnike.dll,
kerberos.DLL, cryptdll.dll, raschap.dll,
credui.dll, srvsvc.dll, browser.dll,
SSCORE.DLL, CLUSAPI.DLL, RESUTILS.DLL,
wmiprvsd.dll, NCObjAPI.DLL, wbemess.dll,
WLIDNSP.DLL, PSAPI.DLL, mdnsNSP.dll,
rasadhlp.dll, npmproxy.dll, ncprov.dll,
qmgr.dll, bitsperf.dll, bitsigd.dll,
upnp.dll, WINHTTP.dll, webio.dll,
SSDPAPI.dll, SXS.DLL, qmgrprxy.dll,
wuaueng.dll, ESENT.dll, WINSPOOL.DRV,
Cabinet.dll, mspatcha.dll, WMsgAPI.dll,
wer.dll, dssenh.dll, appinfo.dll,
apphelp.dll, tschannel.dll, wbemprox.dll,
netcfgx.dll, ndiscapCfg.dll, rascfg.dll,
MPRAPI.dll, tcpipcfg.dll, ES.DLL, wups.dll,
msxml3.dll, actxprxy.dll, mmcss.dll,
AVRT.dll
stacsv64.exe 656 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ATL.DLL, USER32.dll, GDI32.dll,
LPK.dll, USP10.dll, ole32.dll,
OLEAUT32.dll, SETUPAPI.dll, CFGMGR32.dll,
DEVOBJ.dll, SHELL32.dll, SHLWAPI.dll,
DSOUND.dll, WINMM.dll, POWRPROF.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
CLBCatQ.DLL, SspiCli.dll, AESTCO64.DLL,
stapi64.dll, MMDevApi.dll, PROPSYS.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
audioses.dll
svchost.exe 1404 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, es.dll,
OLEAUT32.dll, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, CLBCatQ.DLL, nsisvc.dll,
NSI.dll, SXS.DLL, sstpsvc.dll, rtutils.dll,
HTTPAPI.dll, CRYPT32.dll, MSASN1.dll,
WS2_32.dll, webio.dll, IPHLPAPI.DLL,
WINNSI.DLL, netprofm.dll, nlaapi.dll,
wdi.dll, npmproxy.dll, perftrack.dll,
wer.dll, dwmapi.dll, Secur32.dll,
SSPICLI.DLL, AEPIC.dll, sfc.dll,
sfc_os.DLL, VERSION.dll, GPAPI.dll,
fdphost.dll, fdwsd.dll, ATL.DLL,
bcrypt.dll, SHLWAPI.dll, MLANG.dll,
wsdapi.dll, webservices.dll,
FirewallAPI.dll, WINHTTP.dll, fdssdp.dll,
SSDPAPI.dll, fdproxy.dll,
bcryptprimitives.dll, dhcpcsvc.DLL,
dhcpcsvc6.DLL, mswsock.dll, wship6.dll,
wshtcpip.dll, XmlLite.dll, credssp.dll,
DNSAPI.dll, napinsp.dll, pnrpnsp.dll,
winrnr.dll, wshbth.dll, WLIDNSP.DLL,
PSAPI.DLL, mdnsNSP.dll, rasadhlp.dll,
fwpuclnt.dll
hpservice.exe 1456 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, MFC42u.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, ole32.dll,
OLEAUT32.dll, ODBC32.dll,
accelerometerDLL.dll, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, WTSAPI32.dll,
IMM32.DLL, MSCTF.dll, odbcint.dll,
WINSTA.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll
svchost.exe 1516 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, dnsrslvr.dll,
WS2_32.dll, NSI.dll, DNSAPI.dll,
WINNSI.DLL, Fwpuclnt.dll, dnsext.dll,
USERENV.dll, profapi.dll, GPAPI.dll,
mswsock.dll, RpcRtRemote.dll, wship6.dll,
iphlpapi.dll, dhcpcsvc.DLL, dhcpcsvc6.DLL,
wkssvc.dll, netutils.dll, netjoin.dll,
SspiCli.dll, cryptsvc.dll, CRYPT32.dll,
MSASN1.dll, VSSAPI.DLL, ATL.DLL,
VssTrace.DLL, OLEAUT32.dll, samcli.dll,
SAMLIB.dll, CRYPTSP.dll, rsaenh.dll,
CLBCatQ.DLL, es.dll, PROPSYS.dll,
nlasvc.dll, wevtapi.dll, ncsi.dll,
WINHTTP.dll, webio.dll, CFGMGR32.dll,
secur32.dll, credssp.dll, ssdpapi.dll,
wkscli.dll, tapisrv.dll, rtutils.dll,
unimdm.tsp, uniplat.dll, SETUPAPI.dll,
DEVOBJ.dll, WINTRUST.dll, kmddsp.tsp,
ndptsp.tsp, hidphone.tsp, HID.DLL,
WINMM.dll, WTSAPI32.dll, WINSTA.dll,
ESENT.dll, psapi.dll, SHLWAPI.dll
atieclxx.exe 1568 ntdll.dll, kernel32.dll, KERNELBASE.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
msvcrt.dll, ADVAPI32.dll, sechost.dll,
RPCRT4.dll, USERENV.dll, profapi.dll,
WTSAPI32.dll, POWRPROF.dll, SETUPAPI.dll,
CFGMGR32.dll, OLEAUT32.dll, ole32.dll,
DEVOBJ.dll, dwmapi.dll, SHLWAPI.dll,
IMM32.DLL, MSCTF.dll, atiadlxx.dll,
SHELL32.dll, PSAPI.DLL, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, WINSTA.dll,
uxtheme.dll, SspiCli.dll
oacat.exe 1628 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
wlanext.exe 1636 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, CRYPT32.dll, MSASN1.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
RpcRtRemote.dll, secur32.dll, SSPICLI.DLL,
credssp.dll, bcmihvsrv64.dll, XmlLite.dll,
IPHLPAPI.DLL, NSI.dll, WINNSI.DLL,
WS2_32.dll, Wlanapi.dll, wlanutil.dll,
WTSAPI32.dll, ole32.dll, OLEAUT32.dll
conhost.exe 1644 ntdll.dll, kernel32.dll, KERNELBASE.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
msvcrt.dll, IMM32.dll, MSCTF.dll,
ole32.dll, RPCRT4.dll, OLEAUT32.dll
oasrv.exe 1724 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
spoolsv.exe 1948 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
POWRPROF.dll, SETUPAPI.dll, CFGMGR32.dll,
ADVAPI32.dll, OLEAUT32.dll, ole32.dll,
DEVOBJ.dll, DNSAPI.dll, WS2_32.dll,
NSI.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, slc.dll, RpcRtRemote.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
IPHLPAPI.DLL, WINNSI.DLL, mswsock.dll,
wshtcpip.dll, wship6.dll, WLIDNSP.DLL,
PSAPI.DLL, SHLWAPI.dll, mdnsNSP.dll,
rasadhlp.dll, fwpuclnt.dll, CLBCatQ.DLL,
umb.dll, ATL.DLL, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, localspl.dll,
SPOOLSS.DLL, srvcli.dll, winspool.drv,
PrintIsolationProxy.dll, FXSMON.DLL,
tcpmon.dll, snmpapi.dll, wsnmp32.dll,
msxml6.dll, usbmon.dll, wls0wndh.dll,
WSDMon.dll, wsdapi.dll, webservices.dll,
FirewallAPI.dll, VERSION.dll, FunDisc.dll,
fdPnp.dll, WSDCHNGR.DLL, winprint.dll,
USERENV.dll, profapi.dll, GPAPI.dll,
dsrole.dll, win32spl.dll, DEVRTL.dll,
SPINF.dll, inetpp.dll, cscapi.dll,
netutils.dll, CRYPTSP.dll, WINSTA.dll,
rsaenh.dll, IPBusEnumProxy.dll, WTSAPI32.dl
svchost.exe 1984 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, bfe.dll,
AUTHZ.dll, slc.dll, SspiCli.dll, pcwum.dll,
RpcRtRemote.dll, mpssvc.dll,
FirewallAPI.dll, VERSION.dll, fwpuclnt.dll,
NSI.dll, CFGMGR32.dll, SHLWAPI.dll,
secur32.dll, credssp.dll, USERENV.dll,
profapi.dll, GPAPI.dll, WS2_32.dll,
IPHLPAPI.DLL, WINNSI.DLL, dhcpcsvc.DLL,
dhcpcsvc6.DLL, wfapigp.dll, ntmarta.dll,
WLDAP32.dll, dps.dll, OLEAUT32.dll,
CLBCatQ.DLL, taskschd.dll, bcrypt.dll,
wdi.dll, wdiasqmmodule.dll, netprofm.dll,
nlaapi.dll, CRYPTSP.dll, rsaenh.dll,
npmproxy.dll, radardt.dll, WTSAPI32.dll,
WINSTA.dll, SETUPAPI.dll, DEVOBJ.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
pnpts.dll, diagperf.dll
SASCore64.exe 1248 ntdll.dll, kernel32.dll, KERNELBASE.dll,
VERSION.dll, msvcrt.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll,
ADVAPI32.dll, sechost.dll, RPCRT4.dll,
SHELL32.dll, SHLWAPI.dll, OLEAUT32.dll,
ole32.dll, IMM32.DLL, MSCTF.dll
PhotoshopElementsFileAgen 1220 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
armsvc.exe 1368 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
AESTSr64.exe 1344 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll
svchost.exe 1176 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
Fuel.Service.exe 1880 ntdll.dll, kernel32.dll, KERNELBASE.dll,
RPCRT4.dll, POWRPROF.dll, msvcrt.dll,
SETUPAPI.dll, CFGMGR32.dll, ADVAPI32.dll,
sechost.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, OLEAUT32.dll,
ole32.dll, DEVOBJ.dll, VERSION.dll,
WTSAPI32.dll, SHELL32.dll, SHLWAPI.dll,
MSVCP100.dll, MSVCR100.dll, IMM32.DLL,
MSCTF.dll, profapi.dll,
Fuel.Container.Wlan.dll, Wlanapi.dll,
wlanutil.dll, MSCOREE.DLL, CRYPTBASE.dll,
CLBCatQ.DLL, msxml6.dll, wbemprox.dll,
wbemcomn.dll, WS2_32.dll, NSI.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
wbemsvc.dll, fastprox.dll, NTDSAPI.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
WINSTA.dll
AppleMobileDeviceService. 1852 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
mDNSResponder.exe 1556 ntdll.dll, kernel32.dll, KERNELBASE.dll,
WS2_32.dll, msvcrt.dll, RPCRT4.dll,
NSI.dll, IPHLPAPI.DLL, WINNSI.DLL,
NETAPI32.dll, netutils.dll, srvcli.dll,
wkscli.dll, POWRPROF.dll, SETUPAPI.dll,
CFGMGR32.dll, ADVAPI32.dll, sechost.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
OLEAUT32.dll, ole32.dll, DEVOBJ.dll,
IMM32.DLL, MSCTF.dll, cryptbase.dll,
mswsock.dll, wshtcpip.dll, wship6.dll,
dhcpcsvc.DLL, dhcpcsvc6.DLL, DNSAPI.dll
btwdins.exe 2052 ntdll.dll, kernel32.dll, KERNELBASE.dll,
WS2_32.dll, msvcrt.dll, RPCRT4.dll,
NSI.dll, SETUPAPI.dll, CFGMGR32.dll,
ADVAPI32.dll, sechost.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll,
OLEAUT32.dll, ole32.dll, DEVOBJ.dll,
WTSAPI32.dll, USERENV.dll, profapi.dll,
bthprops.cpl, SHELL32.dll, SHLWAPI.dll,
IMM32.DLL, MSCTF.dll, comctl32.dll,
hid.dll, CRYPTBASE.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll
ezSharedSvcHost.exe 2116 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
HPClientServices.exe 2152 ntdll.dll, kernel32.dll, KERNELBASE.dll,
WINHTTP.dll, msvcrt.dll, webio.dll,
WININET.dll, SHLWAPI.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll,
ADVAPI32.dll, sechost.dll, RPCRT4.dll,
Normaliz.dll, iertutil.dll, urlmon.dll,
ole32.dll, OLEAUT32.dll, WTSAPI32.dll,
VERSION.dll, USERENV.dll, profapi.dll,
mfc90u.dll, MSVCR90.dll, COMCTL32.dll,
MSIMG32.dll, MSVCP90.dll, IMM32.DLL,
MSCTF.dll, UxTheme.dll, dwmapi.dll,
MFC90ENU.DLL, CRYPTBASE.dll, CLBCatQ.DLL,
msxml6.dll
HPWMISVC.exe 2200 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
RIconMan.exe 2236 ntdll.dll, kernel32.dll, KERNELBASE.dll,
SETUPAPI.dll, CFGMGR32.dll, msvcrt.dll,
RPCRT4.dll, ADVAPI32.dll, sechost.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
OLEAUT32.dll, ole32.dll, DEVOBJ.dll,
VERSION.dll, MSIMG32.dll, COMDLG32.dll,
SHLWAPI.dll, COMCTL32.dll, SHELL32.dll,
WINSPOOL.DRV, OLEACC.dll, gdiplus.dll,
IMM32.dll, MSCTF.dll, WINMM.dll,
UxTheme.dll, dwmapi.dll, Wtsapi32.dll,
RsCRLib.dll
sftvsa.exe 2552 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
svchost.exe 2580 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
wiaservc.dll, ADVAPI32.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll,
OLEAUT32.dll, ole32.dll, VERSION.dll,
IMM32.DLL, MSCTF.dll, wiatrace.dll,
CRYPTBASE.dll, RpcRtRemote.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
msv1_0.DLL, cryptdll.dll, CFGMGR32.dll,
CLBCatQ.DLL, CRYPTSP.dll, rsaenh.dll,
SETUPAPI.dll, DEVOBJ.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll
WLIDSVC.EXE 2644 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, OLEAUT32.dll, ole32.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
SHLWAPI.dll, CRYPT32.dll, MSASN1.dll,
SensApi.dll, PSAPI.DLL, sqmapi.dll,
NETAPI32.dll, netutils.dll, srvcli.dll,
wkscli.dll, SAMCLI.DLL, WINHTTP.dll,
webio.dll, IPHLPAPI.DLL, NSI.dll,
WINNSI.DLL, wer.dll, SHELL32.dll,
WS2_32.dll, WTSAPI32.dll, USERENV.dll,
profapi.dll, WINTRUST.dll, VERSION.dll,
WinSCard.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, CRYPTSP.dll, rsaenh.dll,
CLBCatQ.DLL, RpcRtRemote.dll, msxml3.dll,
WINSTA.dll, apphelp.dll, wbemprox.dll,
wbemcomn.dll, wbemsvc.dll, fastprox.dll,
NTDSAPI.dll, dssenh.dll
HPAuto.exe 2684 ntdll.dll, kernel32.dll, KERNELBASE.dll,
mfc90u.dll, MSVCR90.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, msvcrt.dll,
SHLWAPI.dll, COMCTL32.dll, ADVAPI32.dll,
sechost.dll, RPCRT4.dll, MSIMG32.dll,
ole32.dll, OLEAUT32.dll, MSVCP90.dll,
VERSION.dll, WINHTTP.dll, webio.dll,
PSAPI.DLL, dbghelp.dll, WTSAPI32.dll,
USERENV.dll, profapi.dll, IMM32.DLL,
MSCTF.dll, UxTheme.dll, dwmapi.dll,
MFC90ENU.DLL
sftlist.exe 2736 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
WLIDSVCM.EXE 2948 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, PSAPI.DLL, SHELL32.dll,
SHLWAPI.dll, IMM32.DLL, MSCTF.dll
WmiPrvSE.exe 2276 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, wbemcomn.dll, OLEAUT32.dll,
ole32.dll, WS2_32.dll, NSI.dll,
FastProx.dll, NTDSAPI.dll, NCObjAPI.DLL,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
ntmarta.dll, WLDAP32.dll, CLBCatQ.DLL,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
wbemsvc.dll, wmiutils.dll, wmiprov.dll,
esscli.dll, mofd.dll, wbemprox.dll
CVHSVC.EXE 3216 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
svchost.exe 3464 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ipsecsvc.dll, AUTHZ.dll, fwpuclnt.dll,
FirewallAPI.dll, VERSION.dll,
FwRemoteSvr.DLL, ADVAPI32.dll, ole32.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
CLBCatQ.DLL, OLEAUT32.dll, secur32.dll,
SSPICLI.DLL, credssp.dll, RpcRtRemote.dll,
WS2_32.dll, NSI.dll, mswsock.dll,
wshtcpip.dll, wship6.dll, IPHLPAPI.DLL,
WINNSI.DLL, dhcpcsvc.DLL, dhcpcsvc6.DLL
svchost.exe 3908 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, ADVAPI32.dll, ssdpsrv.dll,
WS2_32.dll, NSI.dll, FirewallAPI.dll,
VERSION.dll, IPHLPAPI.DLL, WINNSI.DLL,
dhcpcsvc.DLL, dhcpcsvc6.DLL, CRYPTSP.dll,
rsaenh.dll, mswsock.dll, wship6.dll,
wshtcpip.dll, secur32.dll, SSPICLI.DLL,
credssp.dll, RpcRtRemote.dll, fntcache.dll,
ktmw32.dll, ntmarta.dll, WLDAP32.dll,
upnphost.dll, SHELL32.dll, SHLWAPI.dll,
SSDPAPI.dll, CLBCatQ.DLL, OLEAUT32.dll,
USERENV.dll, profapi.dll, msxml3.dll,
httpapi.dll, pcwum.dll
wmpnetwk.exe 216 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, OLEAUT32.dll, ole32.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
IPHLPAPI.DLL, WINNSI.DLL, SHLWAPI.dll,
USERENV.dll, profapi.dll, WTSAPI32.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
WINSTA.dll, ntmarta.dll, WLDAP32.dll,
wmdrmdev.dll, drmv2clt.dll, VERSION.dll,
MFPlat.DLL, AVRT.dll, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, SHELL32.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
CLBCatQ.DLL, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, upnp.dll, WINHTTP.dll,
webio.dll, SSDPAPI.dll, SXS.DLL,
dhcpcsvc.DLL, dhcpcsvc6.DLL, wmp.dll,
gdiplus.dll, dwmapi.dll, wmploc.dll,
ieproxy.dll, windowscodecs.dll,
provsvc.dll, slc.dll, SspiCli.dll,
NETAPI32.dll, netutils.dll, srvcli.dll,
wkscli.dll, wmpps.dll, wmpmde.dll,
HTTPAPI.dll, pcwum.dll, mswsock.dll,
wshtcpip.dll, wship6.dll, BlackBox.dll,
WinSATAPI.dll, dxgi.dll, msxml6.dll,
urlmon.dll, iertutil.dll, WININET.dll,
Normaliz.dll, PROPSYS.dll, msmpeg2enc.dll,
devenum.dll, WINMM.dll, msdmo.dll,
netprofm.dll, nlaapi.dll, npmproxy.dll,
upnphost.dll, wbemprox.dll, wbemcomn.dll,
wbemsvc.dll, fastprox.dll, NTDSAPI.dll,
GPAPI.dll, credssp.dll, msxml3.dll,
DNSAPI.dll, comctl32.dll, XmlLite.dll,
LINKINFO.dll, apphelp.dll,
NetworkExplorer.dll, MPR.dll, drprov.dll,
ntlanman.dll, davclnt.dll, DAVHLPR.dll,
AUTHZ.dll, dsrole.dll, SAMLIB.dll, mf.dll,
ATL.DLL, ksuser.dll, mlang.dll,
ntshrui.dll, cscapi.dll
SearchIndexer.exe 352 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, ole32.dll, OLEAUT32.dll,
TQUERY.DLL, SHLWAPI.dll, MSSRCH.DLL,
ESENT.dll, IMM32.dll, MSCTF.dll, psapi.dll,
SHELL32.dll, profapi.dll, CRYPTBASE.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
CLBCatQ.DLL, Msidle.dll, CRYPTSP.dll,
rsaenh.dll, RpcRtRemote.dll, propsys.dll,
tQuery.dll.mui, ntmarta.dll, WLDAP32.dll,
VSSAPI.DLL, ATL.DLL, VssTrace.DLL,
samcli.dll, SAMLIB.dll, netutils.dll,
es.dll, CFGMGR32.dll, WTSAPI32.dll,
WINSTA.dll, USERENV.dll, mssprxy.dll,
apphelp.dll, SXS.DLL, NaturalLanguage6.dll,
CRYPT32.dll, MSASN1.dll, elscore.dll,
ElsLad.dll
taskhost.exe 3116 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, RPCRT4.dll,
OLEAUT32.dll, IMM32.DLL, MSCTF.dll,
oawatch64.dll, UxTheme.dll, WSOCK32.dll,
WS2_32.dll, NSI.dll, PSAPI.DLL,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
CRYPTBASE.dll, dwmapi.dll, CLBCatQ.DLL,
MsCtfMonitor.dll, MSUTB.dll, WINSTA.dll,
WTSAPI32.dll, HotStartUserAgent.dll,
PlaySndSrv.dll, slc.dll, RpcRtRemote.dll,
WINMM.dll, MMDevAPI.DLL, PROPSYS.dll,
wdmaud.drv, ksuser.dll, AVRT.dll,
SETUPAPI.dll, CFGMGR32.dll, DEVOBJ.dll,
SHLWAPI.dll, AUDIOSES.DLL, msacm32.drv,
MSACM32.dll, midimap.dll, imaadp32.acm,
msg711.acm, msgsm32.acm, msadp32.acm,
l3codeca.acm
dwm.exe 4044 ntdll.dll, kernel32.dll, KERNELBASE.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
msvcrt.dll, UxTheme.dll, IMM32.dll,
MSCTF.dll, dwmredir.dll, dwmcore.dll,
ADVAPI32.dll, sechost.dll, RPCRT4.dll,
WindowsCodecs.dll, ole32.dll, d3d10_1.dll,
d3d10_1core.dll, dxgi.dll, VERSION.dll,
dwmapi.dll, PSAPI.DLL, oawatch64.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
WINSPOOL.DRV, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, atiuxp64.dll, aticfx64.dll,
atidxx64.dll, uDWM.dll, slc.dll,
btmmhook.dll, SHELL32.dll, SHLWAPI.dll,
OLEAUT32.dll
explorer.exe 3228 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, SHLWAPI.dll, SHELL32.dll,
ole32.dll, OLEAUT32.dll, EXPLORERFRAME.dll,
DUser.dll, DUI70.dll, IMM32.dll, MSCTF.dll,
UxTheme.dll, POWRPROF.dll, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, dwmapi.dll,
slc.dll, gdiplus.dll, Secur32.dll,
SSPICLI.DLL, PROPSYS.dll, oawatch64.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
PSAPI.DLL, WINSPOOL.DRV, WINSTA.dll,
CRYPTBASE.dll, CLBCatQ.DLL, comctl32.dll,
WindowsCodecs.dll, profapi.dll,
apphelp.dll, EhStorShell.dll, ntshrui.dll,
srvcli.dll, cscapi.dll,
IconCodecService.dll, CRYPTSP.dll,
rsaenh.dll, RpcRtRemote.dll, SndVolSSO.DLL,
HID.DLL, MMDevApi.dll, timedate.cpl,
ATL.DLL, actxprxy.dll, ntmarta.dll,
WLDAP32.dll, shdocvw.dll, LINKINFO.dll,
msiltcfg.dll, VERSION.dll, msi.dll,
msutb.dll, USERENV.dll, SAMLIB.dll,
xmllite.dll, gameux.dll, CRYPT32.dll,
MSASN1.dll, wer.dll, msls31.dll,
authui.dll, CRYPTUI.dll, urlmon.dll,
iertutil.dll, WININET.dll, Normaliz.dll,
NetworkExplorer.dll, WINMM.dll, wdmaud.drv,
ksuser.dll, AVRT.dll, AUDIOSES.DLL,
netutils.dll, msacm32.drv, MSACM32.dll,
midimap.dll, imaadp32.acm, msg711.acm,
msgsm32.acm, msadp32.acm, l3codeca.acm,
UIAnimation.dll, stobject.dll,
BatMeter.dll, WTSAPI32.dll, WINTRUST.dll,
es.dll, prnfldr.dll, dxp.dll,
Actioncenter.dll, wevtapi.dll, AltTab.dll,
pnidui.dll, QUtil.dll, bthprops.cpl,
IPHLPAPI.DLL, WINNSI.DLL, dhcpcsvc.DLL,
dhcpcsvc6.DLL, credssp.dll, netshell.dll,
nlaapi.dll, npmproxy.dll, Syncreg.dll,
ehSSO.dll, wpdshserviceobj.dll,
PortableDeviceTypes.dll,
PortableDeviceApi.dll, srchadmin.dll,
btncopy.dll, mssprxy.dll, fxsst.dll,
FXSAPI.dll, FXSRESM.DLL, SyncCenter.dll,
imapi2.dll, Wlanapi.dll, wlanutil.dll,
wwanapi.dll, wwapi.dll, SearchFolder.dll,
MsftEdit.dll, QAgent.dll,
StructuredQuery.dll, hgcpl.dll,
provsvc.dll, NaturalLanguage6.dll,
wkscli.dll, NLSData0009.dll,
NLSLexicons0009.dll, SXS.DLL, btmmhook.dll,
ieproxy.dll, MPR.dll, ieframe.DLL,
OLEACC.dll, dsrole.dll, MLANG.dll,
wscinterop.dll, WSCAPI.dll, wscui.cpl,
werconcpl.dll, framedynos.dll,
wercplsupport.dll, msxml6.dll,
hcproviders.dll, DEVRTL.dll, imagehlp.dll,
ncrypt.dll, bcrypt.dll,
bcryptprimitives.dll, GPAPI.dll,
msxml3.dll, wpdshext.dll, thumbcache.dll,
EhStorAPI.dll, ndfapi.dll, wdi.dll,
sdautoplay.dll, SPP.dll, VSSAPI.DLL,
VssTrace.DLL, sdengin2.dll, credui.dll,
sysmain.dll, FunDisc.dll, fdproxy.dll,
StorageContextHandler.dll
sttray64.exe 3104 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, MFC42u.dll, ole32.dll,
OLEAUT32.dll, ODBC32.dll, SHLWAPI.dll,
COMCTL32.dll, VERSION.dll, SHELL32.dll,
STLang64.dll, IMM32.DLL, MSCTF.dll,
odbcint.dll, oawatch64.dll, UxTheme.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
PSAPI.DLL, WINSPOOL.DRV, CRYPTBASE.dll,
CLBCatQ.DLL, stapi64.dll, WINMM.dll,
SETUPAPI.dll, CFGMGR32.dll, DEVOBJ.dll,
MMDevApi.dll, PROPSYS.dll, dwmapi.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll
SynTPEnh.exe 420 ntdll.dll, kernel32.dll, KERNELBASE.dll,
VERSION.dll, msvcrt.dll, WINMM.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
PSAPI.DLL, NETAPI32.dll, netutils.dll,
srvcli.dll, RPCRT4.dll, wkscli.dll,
SAMCLI.DLL, COMDLG32.dll, SHLWAPI.dll,
COMCTL32.dll, ADVAPI32.dll, sechost.dll,
SHELL32.dll, ole32.dll, OLEAUT32.dll,
IMM32.DLL, MSCTF.dll, oawatch64.dll,
UxTheme.dll, WSOCK32.dll, WS2_32.dll,
NSI.dll, WINSPOOL.DRV, CRYPTBASE.dll,
CLBCatQ.DLL, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, SynCOM.dll, dwmapi.dll,
PROPSYS.dll, comctl32.dll, MMDevApi.dll,
SETUPAPI.dll, CFGMGR32.dll, DEVOBJ.dll,
AUDIOSES.DLL, SynTPAPI.dll, ntmarta.dll,
WLDAP32.dll, profapi.dll, urlmon.dll,
iertutil.dll, WININET.dll, Normaliz.dll,
WINSTA.dll, SspiCli.dll, SAMLIB.dll,
Secur32.dll, MPR.dll
msseces.exe 1040 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, RPCRT4.dll, WININET.dll,
SHLWAPI.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, ADVAPI32.dll,
sechost.dll, Normaliz.dll, iertutil.dll,
urlmon.dll, ole32.dll, OLEAUT32.dll,
sqmapi.dll, WTSAPI32.dll, USERENV.dll,
profapi.dll, SHELL32.dll, COMDLG32.dll,
COMCTL32.dll, msi.dll, PSAPI.DLL,
gdiplus.dll, VERSION.dll, IMM32.DLL,
MSCTF.dll, oawatch64.dll, UxTheme.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
WINSPOOL.DRV, CRYPTSP.dll, rsaenh.dll,
CRYPTBASE.dll, imagehlp.dll, ncrypt.dll,
bcrypt.dll, bcryptprimitives.dll,
GPAPI.dll, MpClient.Dll, MSFTEDIT.DLL,
WindowsCodecs.dll, EppManifest.dll,
CLBCatQ.DLL, msxml3.dll, dwmapi.dll
oaui.exe 648 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
msnmsgr.exe 1324 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
sidebar.exe 3400 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, ATL.DLL, ole32.dll,
OLEAUT32.dll, COMCTL32.dll, SHLWAPI.dll,
gdiplus.dll, SHELL32.dll, urlmon.dll,
iertutil.dll, WININET.dll, Normaliz.dll,
CRYPT32.dll, MSASN1.dll, sfc_os.dll,
dwmapi.dll, CRYPTUI.dll, UxTheme.dll,
IMM32.DLL, MSCTF.dll, oawatch64.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
PSAPI.DLL, WINSPOOL.DRV, CRYPTBASE.dll,
profapi.dll, WTSAPI32.dll, WINSTA.dll,
CLBCatQ.DLL, msxml3.dll, version.dll,
mshtml.dll, Secur32.dll, SSPICLI.DLL,
ntmarta.dll, WLDAP32.dll, msimtf.dll,
PROPSYS.dll, jscript9.dll, setupapi.dll,
CFGMGR32.dll, DEVOBJ.dll, d2d1.dll,
DWrite.dll, dnsapi.DLL, iphlpapi.DLL,
WINNSI.DLL, RASAPI32.dll, rasman.dll,
rtutils.dll, sensapi.dll, dxgi.dll,
WINTRUST.dll, d3d10_1.dll, d3d10_1core.dll,
D3D10Warp.dll, windowscodecs.dll,
msls31.dll, IEFRAME.dll, OLEACC.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
LocationApi.dll, SensorsApi.dll,
WDSCORE.dll, slc.dll, SXS.DLL,
PortableDeviceTypes.dll, d3d10.dll,
d3d10core.dll, vbscript.dll, MLANG.dll,
mscms.dll, USERENV.dll, Dxtrans.dll,
ddrawex.dll, DDRAW.dll, DCIMAN32.dll,
Dxtmsft.dll, DTGadget64.dll, wlsrvc.dll,
msxml6.dll, apphelp.dll, mswsock.dll,
wshtcpip.dll, wship6.dll, NLAapi.dll,
rasadhlp.dll, WLIDNSP.DLL, mdnsNSP.dll,
netprofm.dll, npmproxy.dll, MSOXMLMF.DLL,
MSVCR80.dll
DTLite.exe 528 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
StikyNot.exe 4132 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, SHELL32.dll, SHLWAPI.dll,
ole32.dll, OLEAUT32.dll, COMCTL32.dll,
slc.dll, dwmapi.dll, UxTheme.dll,
DUI70.dll, gdiplus.dll, WindowsCodecs.dll,
IMM32.DLL, MSCTF.dll, oawatch64.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
PSAPI.DLL, WINSPOOL.DRV, CRYPTBASE.dll,
DUser.dll, CLBCatQ.DLL, msxml3.dll,
CRYPTSP.dll, rsaenh.dll, InkObj.dll,
ATL.DLL, RpcRtRemote.dll, MSFTEDIT.dll,
mssprxy.dll, xmllite.dll
oahlp.exe 4344 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
BTTray.exe 4460 ntdll.dll, kernel32.dll, KERNELBASE.dll,
btwapi.dll, SETUPAPI.dll, CFGMGR32.dll,
msvcrt.dll, RPCRT4.dll, ADVAPI32.dll,
sechost.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, OLEAUT32.dll,
ole32.dll, DEVOBJ.dll, msi.dll,
SHLWAPI.dll, WS2_32.dll, NSI.dll,
MFC80.DLL, MSVCR80.dll, SHELL32.dll,
VERSION.dll, btosif.dll, RASAPI32.dll,
rasman.dll, WINMM.dll, btwhidcs.DLL,
MFC80U.DLL, irprops.cpl, WSOCK32.dll,
COMDLG32.dll, COMCTL32.dll, WINSPOOL.DRV,
MSVCP80.dll, BtBalloon.dll, IMM32.DLL,
MSCTF.dll, MFC80ENU.DLL, bthprops.cpl,
oawatch64.dll, UxTheme.dll, PSAPI.DLL,
btrez.dll, SspiCli.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, CRYPTBASE.dll,
mswsock.dll, wshBth.dll, btkeyind.dll,
btmmhook.dll, apphelp.dll, BtwCP.DLL,
WTSAPI32.dll
rundll32.exe 4836 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
HPMSGSVC.exe 5032 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
HPOSD.exe 5088 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
SynTPHelper.exe 4428 ntdll.dll, kernel32.dll, KERNELBASE.dll,
PSAPI.DLL, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, msvcrt.dll, ADVAPI32.dll,
sechost.dll, RPCRT4.dll, IMM32.DLL,
MSCTF.dll, oawatch64.dll, UxTheme.dll,
WSOCK32.dll, WS2_32.dll, NSI.dll,
WINSPOOL.DRV, ole32.dll, cryptbase.dll
hpqWmiEx.exe 4648 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
DTShellHlp.exe 4900 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
taskeng.exe 1112 ntdll.dll, kernel32.dll, KERNELBASE.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
msvcrt.dll, ole32.dll, RPCRT4.dll,
OLEAUT32.dll, ktmw32.dll, wevtapi.dll,
IMM32.DLL, MSCTF.dll, oawatch64.dll,
UxTheme.dll, WSOCK32.dll, WS2_32.dll,
NSI.dll, PSAPI.DLL, WINSPOOL.DRV,
ADVAPI32.dll, sechost.dll, CRYPTBASE.dll,
CRYPTSP.dll, rsaenh.dll, SHLWAPI.dll,
SspiCli.dll, RpcRtRemote.dll, CLBCatQ.DLL,
tschannel.dll, XmlLite.dll, dwmapi.dll,
apphelp.dll
YCMMirage.exe 3984 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
MOM.exe 5380 ntdll.dll, MSCOREE.DLL, KERNEL32.dll,
KERNELBASE.dll, oawatch64.dll, UxTheme.dll,
msvcrt.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, WSOCK32.dll, WS2_32.dll,
RPCRT4.dll, NSI.dll, PSAPI.DLL,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
ole32.dll, IMM32.DLL, MSCTF.dll,
mscoreei.dll, SHLWAPI.dll, mscorwks.dll,
MSVCR80.dll, shell32.dll, profapi.dll,
mscorlib.ni.dll, CRYPTBASE.dll,
CRYPTSP.dll, rsaenh.dll, mscorjit.dll,
System.ni.dll, System.Drawing.ni.dll,
System.Windows.Forms.ni.dll,
RpcRtRemote.dll, MOM.Implementation.dll,
LOG.Foundation.dll,
LOG.Foundation.Private.dll,
LOG.Foundation.Implementation.dll,
MOM.Foundation.dll, wtsapi32.dll,
WINSTA.dll, dwmapi.dll,
LOG.Foundation.Implementation.Private.dll,
System.Runtime.Remoting.ni.dll,
shfolder.dll, PROPSYS.dll, OLEAUT32.dll,
comctl32.dll, apphelp.dll, CLBCatQ.DLL,
ieframe.dll, OLEACC.dll, iertutil.dll,
urlmon.dll, WININET.dll, Normaliz.dll,
SETUPAPI.dll, CFGMGR32.dll, DEVOBJ.dll,
ntmarta.dll, WLDAP32.dll, VERSION.dll,
Secur32.dll, SSPICLI.DLL,
System.Web.ni.dll, CCC.Implementation.dll,
NEWAEM.Foundation.dll
CCC.exe 5544 ntdll.dll, MSCOREE.DLL, KERNEL32.dll,
KERNELBASE.dll, oawatch64.dll, UxTheme.dll,
msvcrt.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, WSOCK32.dll, WS2_32.dll,
RPCRT4.dll, NSI.dll, PSAPI.DLL,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
ole32.dll, IMM32.DLL, MSCTF.dll,
mscoreei.dll, SHLWAPI.dll, mscorwks.dll,
MSVCR80.dll, shell32.dll, profapi.dll,
mscorlib.ni.dll, CRYPTBASE.dll,
CRYPTSP.dll, rsaenh.dll, mscorjit.dll,
System.ni.dll, System.Drawing.ni.dll,
System.Windows.Forms.ni.dll,
RpcRtRemote.dll, CCC.Implementation.dll,
LOG.Foundation.dll, MOM.Foundation.dll,
CLI.Foundation.dll,
LOG.Foundation.Implementation.Private.dll,
LOG.Foundation.Implementation.dll,
System.Runtime.Remoting.ni.dll,
LOG.Foundation.Private.dll, shfolder.dll,
dwmapi.dll, MOM.Implementation.dll,
CLI.Foundation.XManifest.dll,
System.Xml.ni.dll,
CLI.Component.Runtime.dll,
CLI.Component.Runtime.Shared.Private.dll,
CLI.Foundation.Private.dll,
CLI.Component.Runtime.Shared.dll,
ATICCCom.dll, ADL.Foundation.dll,
AEM.Server.dll, NEWAEM.Foundation.dll,
atiadlxx.dll, USERENV.dll, WTSAPI32.dll,
SETUPAPI.dll, CFGMGR32.dll, OLEAUT32.dll,
DEVOBJ.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, AEM.Server.Shared.dll,
AEM.Plugin.Source.Kit.Server.dll,
AEM.Plugin.DPPE.Shared.dll,
AEM.Plugin.Hotkeys.Shared.dll,
AEM.Plugin.WinMessages.Shared.dll,
DEM.Graphics.I0601.dll, DEM.Foundation.dll,
DEM.Graphics.dll, gdiplus.dll,
ATIDEMGX.dll, btmmhook.dll,
DEM.Graphics.I1010.dll,
System.Configuration.ni.dll,
AEM.Plugin.REG.Shared.dll,
CLI.Caste.Graphics.Runtime.dll,
CLI.Caste.Graphics.Shared.dll,
DEM.Graphics.I0709.dll,
AEM.Plugin.GD.Shared.dll,
AEM.Actions.CCAA.Shared.dll,
ResourceManagement.Foundation.Private.dll,
DEM.Graphics.I0804.dll, WindowsBase.ni.dll,
CLI.Aspect.DisplaysColour2.Graphics.Runtime.
dll,
CLI.Aspect.DisplaysOptions.Graphics.Runtime.
dll,
CLI.Aspect.DeviceCRT.Graphics.Runtime.dll,
CLI.Combined.Graphics.Aspects2.Runtime.dll,
CLI.Caste.Graphics.Runtime.Shared.Private.dl
l,
CLI.Aspect.DisplaysColour2.Graphics.Shared.d
ll,
CLI.Aspect.DeviceLCD.Graphics.Shared.dll,
CLI.Aspect.DeviceDFP.Graphics.Runtime.dll,
CLI.Aspect.MultiVPU2.Graphics.Shared.dll,
CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dl
l,
CLI.Aspect.DeviceDFP.Graphics.Shared.dll,
CLI.Aspect.Radeon3D.Graphics.Runtime.dll,
CLI.Aspect.MMVideo.Graphics.Runtime.dll,
CLI.Aspect.PowerXpress.Graphics.Runtime.dll,
CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dl
l, CLI.Aspect.MMVideo.Graphics.Shared.dll,
CLI.Aspect.Radeon3D.Graphics.Shared.dll,
CLI.Aspect.CustomFormats.Graphics.Shared.dll
,
CLI.Aspect.PowerXpress.Graphics.Shared.dll,
CLI.Aspect.DeviceCV.Graphics.Shared.dll,
CLI.Aspect.TransCode.Graphics.Runtime.dll,
CLI.Aspect.HotkeysHandling.Graphics.Runtime.
dll,
CLI.Aspect.AMDHome.Graphics.Runtime.dll,
DEM.Graphics.I0906.dll,
CLI.Aspect.UpdateNotification.Graphics.Runti
me.dll,
CLI.Aspect.DisplaysOptions.Graphics.shared.d
ll,
CLI.Aspect.UpdateNotification.Graphics.Share
d.dll,
CLI.Aspect.HotkeysHandling.Graphics.Shared.d
ll,
CLI.Aspect.DeviceCRT.Graphics.shared.dll,
CLI.Aspect.DeviceTV.Graphics.shared.dll,
CLI.Aspect.AMDHome.Graphics.shared.dll,
CLI.Aspect.TransCode.Graphics.shared.dll,
DEM.Graphics.I0912.dll,
DEM.Graphics.I0706.dll,
DEM.Graphics.I0712.dll,
CLI.Aspect.DeviceProperty.Graphics.Shared.dl
l,
CLI.Aspect.DeviceProperty.Graphics.Runtime.d
ll, DEM.Graphics.I0812.dll,
DEM.Graphics.I0805.dll, APM.Foundation.dll,
DEM.Graphics.I1011.dll, powrprof.dll,
DEM.Graphics.I0702.dll,
DEM.Graphics.I0710.dll,
DEM.Graphics.I0901.dll, version.dll,
atixclib.dll, CLBCatQ.DLL,
CLI.Caste.HydraVision.Runtime.dll,
CLI.Caste.HydraVision.Shared.dll,
CLI.Caste.Fuel.Runtime.dll,
CLI.Caste.Fuel.Shared.dll,
Fuel.Foundation.dll,
FUEL.Implementation.dll,
Fuel.Proxy.Native.dll, MSVCP100.dll,
MSVCR100.dll, secur32.dll, SSPICLI.DLL,
credssp.dll, msv1_0.DLL, cryptdll.dll,
Localization.Foundation.Private.dll,
Localization.Foundation.Implementation.defau
lt_Localization.dll,
CLI.Combined.Fusion.Aspects.Runtime.dll,
CLI.Aspect.Fets.Fuel.Shared.dll,
CLI.Aspect.CPUPStates.Fuel.Shared.dll,
CLI.Aspect.DPPE.Fuel.Shared.dll,
CLI.Aspect.WiFi.Fuel.Shared.dll,
APM.Server.dll,
HPConnectionManager.exe 1868 ntdll.dll, MSCOREE.DLL, KERNEL32.dll,
KERNELBASE.dll, oawatch64.dll, UxTheme.dll,
msvcrt.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, WSOCK32.dll, WS2_32.dll,
RPCRT4.dll, NSI.dll, PSAPI.DLL,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
ole32.dll, IMM32.DLL, MSCTF.dll,
mscoreei.dll, SHLWAPI.dll, mscorwks.dll,
MSVCR80.dll, shell32.dll, profapi.dll,
mscorlib.ni.dll, mscorsec.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
COMCTL32.dll, CRYPTSP.dll, rsaenh.dll,
CRYPTBASE.dll, imagehlp.dll, ncrypt.dll,
bcrypt.dll, bcryptprimitives.dll,
USERENV.dll, GPAPI.dll, cryptnet.dll,
WLDAP32.dll, SensApi.dll, System.ni.dll,
WindowsBase.ni.dll,
PresentationCore.ni.dll,
PresentationFramework.ni.dll,
wpfgfx_v0300.dll, OLEAUT32.dll,
mscorjit.dll, diasymreader.dll,
RpcRtRemote.dll, HP.Mobile.dll, dwmapi.dll,
hpUIFramework.dll, System.Core.ni.dll,
HP.Mobile.Shared.dll,
HP.Mobile.Resource.dll,
System.Drawing.ni.dll,
System.Windows.Forms.ni.dll,
System.Configuration.ni.dll,
System.Xml.ni.dll, version.dll,
System.ServiceProcess.ni.dll,
Interop.hpCMSrv.dll,
HP.Mobile.Resource.resources.dll,
CLBCatQ.DLL, SXS.DLL, mswsock.dll,
wshtcpip.dll, wship6.dll,
System.Xml.Linq.ni.dll, CaslShared.dll,
hpcasl.dll, CaslWmi.dll,
Interop.HPQWMIEXLib.dll,
System.Management.ni.dll, wmiutils.dll,
wbemcomn.dll, wbemprox.dll,
wminet_utils.dll, wbemsvc.dll,
fastprox.dll, NTDSAPI.dll, CaslSmBios.dll,
wlanapi.dll, wlanutil.dll, iphlpapi.dll,
WINNSI.DLL, DNSAPI.dll, dhcpcsvc.DLL,
dhcpcsvc6.DLL, d3d9.dll, d3d8thk.dll,
aticfx64.dll, atiu9p64.dll, atiumd64.dll,
atiumd6a.dll,
PresentationFramework.Aero.ni.dll,
gdiplus.dll, HP.Mobile.Data.dll,
System.Data.Entity.ni.dll, shfolder.dll,
System.Data.ni.dll, System.Data.dll,
System.Data.SQLite.dll,
System.Transactions.ni.dll,
System.Transactions.dll, System.Web.ni.dll,
System.EnterpriseServices.ni.dll,
System.Data.SQLite.Linq.dll,
System.Runtime.Serialization.ni.dll,
System.Speech.ni.dll, PROPSYS.dll,
comctl32.dll, ntmarta.dll, urlmon.dll,
iertutil.dll, WININET.dll, Normaliz.dll,
Secur32.dll, SSPICLI.DLL, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, apphelp.dll,
rasapi32.dll, rasman.dll, rtutils.dll
hpCMSrv.exe 4024 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
PresentationFontCache.exe 4052 ntdll.dll, MSCOREE.DLL, KERNEL32.dll,
KERNELBASE.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, mscoreei.dll,
SHLWAPI.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, IMM32.DLL, MSCTF.dll,
mscorwks.dll, MSVCR80.dll, shell32.dll,
ole32.dll, profapi.dll, mscorlib.ni.dll,
CRYPTBASE.dll, CRYPTSP.dll, rsaenh.dll,
System.ni.dll,
System.ServiceProcess.ni.dll, mscorjit.dll,
WindowsBase.ni.dll,
PresentationCore.ni.dll, wpfgfx_v0300.dll,
OLEAUT32.dll, shfolder.dll
hpCaslNotification.exe 5192 ntdll.dll, MSCOREE.DLL, KERNEL32.dll,
KERNELBASE.dll, oawatch64.dll, UxTheme.dll,
msvcrt.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, WSOCK32.dll, WS2_32.dll,
RPCRT4.dll, NSI.dll, PSAPI.DLL,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
ole32.dll, IMM32.DLL, MSCTF.dll,
mscoreei.dll, SHLWAPI.dll, mscorwks.dll,
MSVCR80.dll, shell32.dll, profapi.dll,
mscorlib.ni.dll, mscorsec.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
COMCTL32.dll, CRYPTSP.dll, rsaenh.dll,
CRYPTBASE.dll, imagehlp.dll, ncrypt.dll,
bcrypt.dll, bcryptprimitives.dll,
USERENV.dll, GPAPI.dll, cryptnet.dll,
WLDAP32.dll, SensApi.dll, mscorjit.dll,
System.ni.dll, System.Xml.ni.dll,
System.Drawing.ni.dll,
System.Windows.Forms.ni.dll,
RpcRtRemote.dll, dwmapi.dll, gdiplus.dll,
btmmhook.dll, OLEAUT32.dll, comctl32.dll,
System.Configuration.ni.dll, shfolder.dll
audiodg.exe 2256 N/A
cmd.exe 4996 ntdll.dll, kernel32.dll, KERNELBASE.dll,
msvcrt.dll, WINBRAND.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, oawatch64.dll, UxTheme.dll,
WSOCK32.dll, WS2_32.dll, RPCRT4.dll,
NSI.dll, PSAPI.DLL, WINSPOOL.DRV,
ADVAPI32.dll, sechost.dll, ole32.dll,
apphelp.dll
conhost.exe 5712 ntdll.dll, kernel32.dll, KERNELBASE.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
msvcrt.dll, IMM32.dll, MSCTF.dll,
ole32.dll, RPCRT4.dll, OLEAUT32.dll,
oawatch64.dll, UxTheme.dll, WSOCK32.dll,
WS2_32.dll, NSI.dll, PSAPI.DLL,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
dwmapi.dll, comctl32.DLL, SHLWAPI.dll,
CRYPTBASE.dll
WUDFHost.exe 5876 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, ole32.dll, WUDFPlatform.dll,
SETUPAPI.dll, CFGMGR32.dll, OLEAUT32.dll,
DEVOBJ.dll, PSAPI.DLL, VERSION.dll,
wevtapi.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, WUDFx.dll, WpdFs.dll,
wmvcore.dll, WMASF.DLL, gdiplus.dll,
CLBCatQ.DLL,
portabledeviceclassextension.dll,
PortableDeviceTypes.dll, PROPSYS.dll
notepad.exe 5048 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, COMDLG32.dll, SHLWAPI.dll,
COMCTL32.dll, SHELL32.dll, WINSPOOL.DRV,
ole32.dll, OLEAUT32.dll, VERSION.dll,
IMM32.DLL, MSCTF.dll, oawatch64.dll,
UxTheme.dll, WSOCK32.dll, WS2_32.dll,
NSI.dll, PSAPI.DLL, CRYPTBASE.dll,
dwmapi.dll, btmmhook.dll
tasklist.exe 5988 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, ole32.dll, VERSION.dll, MPR.dll,
OLEAUT32.dll, Secur32.dll, SSPICLI.DLL,
WS2_32.dll, NSI.dll, framedynos.dll,
WTSAPI32.dll, NETAPI32.dll, netutils.dll,
srvcli.dll, wkscli.dll, dbghelp.dll,
SHLWAPI.dll, IMM32.DLL, MSCTF.dll,
oawatch64.dll, UxTheme.dll, WSOCK32.dll,
PSAPI.DLL, WINSPOOL.DRV, CRYPTBASE.dll,
CLBCatQ.DLL, wbemprox.dll, wbemcomn.dll,
Winsta.dll, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, wbemsvc.dll, fastprox.dll,
NTDSAPI.dll, wmiutils.dll
WmiPrvSE.exe 5324 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, wbemcomn.dll, OLEAUT32.dll,
ole32.dll, WS2_32.dll, NSI.dll,
FastProx.dll, NTDSAPI.dll, NCObjAPI.DLL,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
ntmarta.dll, WLDAP32.dll, CLBCatQ.DLL,
wbemprox.dll, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, wbemsvc.dll, wmiutils.dll,
cimwin32.dll, framedynos.dll, SspiCli.dll,
WTSAPI32.dll, WINBRAND.dll
worked this time