It was in my Spam folder. Anyway, I've done the scans as instructed. Here they are:
Malwarebytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8051
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154
10/31/2011 11:30:08 AM
mbam-log-2011-10-31 (11-30-08).txt
Scan type: Quick scan
Objects scanned: 169290
Time elapsed: 8 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Combofix log:
ComboFix 11-10-30.03 - Eleanor 10/31/2011 12:00:45.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.1037 [GMT -4:00]
Running from: c:\users\Eleanor\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Eleanor\g2mdlhlpx.exe
c:\windows\TEMP\IE9BC6B.tmp\IE9-support\ienrcore.exe
c:\windows\TEMP\IE9BC6B.tmp\SQMAPI.DLL
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-31 )))))))))))))))))))))))))))))))
.
.
2011-10-31 16:13 . 2011-10-31 16:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-31 15:02 . 2011-10-31 15:03 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5082DAE2-4BF8-464F-9562-BAB751664188}\MpKsl6cf8fe49.sys
2011-10-31 15:01 . 2011-10-31 15:01 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5082DAE2-4BF8-464F-9562-BAB751664188}\offreg.dll
2011-10-31 15:01 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5082DAE2-4BF8-464F-9562-BAB751664188}\mpengine.dll
2011-10-31 14:47 . 2011-10-31 14:47 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-10-31 14:47 . 2011-10-31 14:47 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-10-31 14:47 . 2011-10-31 14:47 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-10-31 14:43 . 2011-10-31 14:43 -------- d-----w- C:\_OTL
2011-10-26 14:41 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-25 14:00 . 2011-10-25 14:00 -------- d-----w- C:\found.001
2011-10-21 16:37 . 2011-10-21 16:37 -------- d-----w- C:\found.000
2011-10-12 17:32 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-12 17:32 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 17:32 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 17:32 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-12 02:02 . 2011-10-11 23:34 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CE4516FF-6EE3-4795-8184-A77BB1E0B584}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 03:48 . 2010-08-06 16:37 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-08-31 21:00 . 2009-08-23 16:26 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-16 12:48 . 2011-08-25 07:11 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
2010-06-03 22:24 2736736 ----a-w- c:\program files\Free_TV_Bar_c3\tbFree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}"= "c:\program files\Free_TV_Bar_c3\tbFree.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3}"= "c:\program files\Free_TV_Bar_c3\tbFree.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Eleanor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Eleanor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Eleanor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-31 39408]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-10-20 4615552]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-24 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-12-03 36864]
"VolPanel"="c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" [2006-11-27 180224]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2007-08-30 205480]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-11-01 189736]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-25 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-25 8478720]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-25 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-09-25 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2008-05-07 36864]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-01-02 405504]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
c:\users\Eleanor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Eleanor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Device Monitor.lnk - c:\program files\ArcSoft\MediaConverter 3\Monitor.exe [2011-10-7 139264]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-1-22 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-02-28 23:27 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
2009-08-31 15:25 623960 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-06-07 21:51 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiSpywareOverride"=dword:00000001
.
R1 MpKsl04c6a152;MpKsl04c6a152;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E59ED9B7-38BF-4135-8952-48C1BAA7D97A}\MpKsl04c6a152.sys [x]
R1 MpKsl0c0681fc;MpKsl0c0681fc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86BD937C-F8CF-4D3B-B45B-C3F76BF5C38B}\MpKsl0c0681fc.sys [x]
R1 MpKsl0ef13b83;MpKsl0ef13b83;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E2EB8567-184B-4CD1-8B5C-C833C3B47FE5}\MpKsl0ef13b83.sys [x]
R1 MpKsl15bec4f9;MpKsl15bec4f9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70F65588-A87C-4C58-81E7-AA141AF26333}\MpKsl15bec4f9.sys [x]
R1 MpKsl18a3b54b;MpKsl18a3b54b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F36A164A-4712-4AA3-A7A3-F5CBFA73A132}\MpKsl18a3b54b.sys [x]
R1 MpKsl1e3bace9;MpKsl1e3bace9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0B5740D1-6430-40CF-AD9E-DA462CBE6463}\MpKsl1e3bace9.sys [x]
R1 MpKsl1ea06b0c;MpKsl1ea06b0c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKsl1ea06b0c.sys [x]
R1 MpKsl20971e6c;MpKsl20971e6c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CBEECD4C-C90D-4A38-B193-8E14E3D323D7}\MpKsl20971e6c.sys [x]
R1 MpKsl22339f01;MpKsl22339f01;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D521D620-9804-47BD-BD87-D28CD743E003}\MpKsl22339f01.sys [x]
R1 MpKsl2331ca1f;MpKsl2331ca1f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKsl2331ca1f.sys [x]
R1 MpKsl240abc5c;MpKsl240abc5c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl240abc5c.sys [x]
R1 MpKsl24e0135f;MpKsl24e0135f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35FA45C5-AB37-45C4-A83A-1254BCF3846E}\MpKsl24e0135f.sys [x]
R1 MpKsl27a47820;MpKsl27a47820;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6358CBEF-9CC2-4224-9FAC-923DCD193469}\MpKsl27a47820.sys [x]
R1 MpKsl2ec22112;MpKsl2ec22112;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B19BFC27-9807-49D3-BC8E-874CBC2DBE1A}\MpKsl2ec22112.sys [x]
R1 MpKsl31c8143b;MpKsl31c8143b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E01A0FEF-1A1D-4DA2-9A9C-5D589B09CA66}\MpKsl31c8143b.sys [x]
R1 MpKsl34b22294;MpKsl34b22294;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A87EEC05-D159-45F8-A249-F0F76AEE9F3F}\MpKsl34b22294.sys [x]
R1 MpKsl37b5235e;MpKsl37b5235e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EEB5C2D9-6C93-4B77-A08E-D62EFC7A336E}\MpKsl37b5235e.sys [x]
R1 MpKsl3bd1f685;MpKsl3bd1f685;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl3bd1f685.sys [x]
R1 MpKsl3f4a5917;MpKsl3f4a5917;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E85D311F-B90C-4EE2-9BCE-60E80C0A8E80}\MpKsl3f4a5917.sys [x]
R1 MpKsl433f4211;MpKsl433f4211;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B19BFC27-9807-49D3-BC8E-874CBC2DBE1A}\MpKsl433f4211.sys [x]
R1 MpKsl445a2df0;MpKsl445a2df0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A1F1A37-510F-4F5D-B5E7-DCE3BCE40553}\MpKsl445a2df0.sys [x]
R1 MpKsl448ef9f7;MpKsl448ef9f7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5EA1EB7-CD08-4166-8F74-99D65838C92E}\MpKsl448ef9f7.sys [x]
R1 MpKsl45c37355;MpKsl45c37355;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl45c37355.sys [x]
R1 MpKsl4652afa1;MpKsl4652afa1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKsl4652afa1.sys [x]
R1 MpKsl51bbbfe3;MpKsl51bbbfe3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B299AB38-70B7-4A21-BBAF-3B19E07714B8}\MpKsl51bbbfe3.sys [x]
R1 MpKsl525a68ff;MpKsl525a68ff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl525a68ff.sys [x]
R1 MpKsl5461fb3a;MpKsl5461fb3a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKsl5461fb3a.sys [x]
R1 MpKsl5510f5cc;MpKsl5510f5cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E392C013-0476-4CE8-880D-7020FA2EAF4F}\MpKsl5510f5cc.sys [x]
R1 MpKsl576ad885;MpKsl576ad885;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6009CB8D-7BDC-4039-80B0-70778FF4CC9E}\MpKsl576ad885.sys [x]
R1 MpKsl57eda07c;MpKsl57eda07c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl57eda07c.sys [x]
R1 MpKsl5825dcf8;MpKsl5825dcf8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B2F4371-CAED-45A4-93AD-779FF7EAB646}\MpKsl5825dcf8.sys [x]
R1 MpKsl5a39433f;MpKsl5a39433f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{857D1AEA-C634-4424-91F2-549428451213}\MpKsl5a39433f.sys [x]
R1 MpKsl5a4d7e2a;MpKsl5a4d7e2a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKsl5a4d7e2a.sys [x]
R1 MpKsl6884d9e3;MpKsl6884d9e3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E078922F-364B-4981-89F8-B0F117A0F306}\MpKsl6884d9e3.sys [x]
R1 MpKsl68e17f44;MpKsl68e17f44;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FB21569F-1BFD-4A4F-A6BD-BF2EEA5D90D2}\MpKsl68e17f44.sys [x]
R1 MpKsl6af10afb;MpKsl6af10afb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF95B286-2E51-41A0-9FAE-DC45FBCC445E}\MpKsl6af10afb.sys [x]
R1 MpKsl6f0e9d05;MpKsl6f0e9d05;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6504E3D6-0EBA-479D-815A-EC670B1CF898}\MpKsl6f0e9d05.sys [x]
R1 MpKsl710fcf9e;MpKsl710fcf9e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CC8F7C76-7359-40D5-AABD-154035F7CC00}\MpKsl710fcf9e.sys [x]
R1 MpKsl7e778e8a;MpKsl7e778e8a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A50A532-2748-47D0-BD00-B78C9A793444}\MpKsl7e778e8a.sys [x]
R1 MpKsl80e8119e;MpKsl80e8119e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41A9CD16-B380-4ADB-BC0E-9B59D03C419F}\MpKsl80e8119e.sys [x]
R1 MpKsl81aee43c;MpKsl81aee43c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4E99E0D-2FAD-4712-A3CD-1C086C1D9C85}\MpKsl81aee43c.sys [x]
R1 MpKsl85b6ed60;MpKsl85b6ed60;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E01A0FEF-1A1D-4DA2-9A9C-5D589B09CA66}\MpKsl85b6ed60.sys [x]
R1 MpKsl87792a19;MpKsl87792a19;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl87792a19.sys [x]
R1 MpKsl88ad2707;MpKsl88ad2707;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E392C013-0476-4CE8-880D-7020FA2EAF4F}\MpKsl88ad2707.sys [x]
R1 MpKsl88d1eb23;MpKsl88d1eb23;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKsl88d1eb23.sys [x]
R1 MpKsl8aff951a;MpKsl8aff951a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ADA48E2F-9303-4C90-9D56-081983DF4FB5}\MpKsl8aff951a.sys [x]
R1 MpKsl9b23d449;MpKsl9b23d449;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{01B7B8D5-42D3-48B5-BD47-7F246A64AB4C}\MpKsl9b23d449.sys [x]
R1 MpKsla38e6eb8;MpKsla38e6eb8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41A9CD16-B380-4ADB-BC0E-9B59D03C419F}\MpKsla38e6eb8.sys [x]
R1 MpKsla67b284d;MpKsla67b284d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A87EEC05-D159-45F8-A249-F0F76AEE9F3F}\MpKsla67b284d.sys [x]
R1 MpKslaa48ea9a;MpKslaa48ea9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CCD0B547-AAD7-4B87-B25F-7E1E6E28F3E6}\MpKslaa48ea9a.sys [x]
R1 MpKslabb911c8;MpKslabb911c8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B299AB38-70B7-4A21-BBAF-3B19E07714B8}\MpKslabb911c8.sys [x]
R1 MpKslbfd472e8;MpKslbfd472e8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKslbfd472e8.sys [x]
R1 MpKslc9acfe28;MpKslc9acfe28;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B206152-3793-4294-AAA9-53DF3BAD4A88}\MpKslc9acfe28.sys [x]
R1 MpKslccf05567;MpKslccf05567;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKslccf05567.sys [x]
R1 MpKsldae683ab;MpKsldae683ab;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E2EB8567-184B-4CD1-8B5C-C833C3B47FE5}\MpKsldae683ab.sys [x]
R1 MpKsldebb3ce2;MpKsldebb3ce2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CCD0B547-AAD7-4B87-B25F-7E1E6E28F3E6}\MpKsldebb3ce2.sys [x]
R1 MpKsle34cdf91;MpKsle34cdf91;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E3CA37F-A4A0-412A-B714-CAD405347A38}\MpKsle34cdf91.sys [x]
R1 MpKsle61c3cb8;MpKsle61c3cb8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8FBB741E-E45B-4A4A-8A98-4D26D0624A1C}\MpKsle61c3cb8.sys [x]
R1 MpKsle7a503da;MpKsle7a503da;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E59ED9B7-38BF-4135-8952-48C1BAA7D97A}\MpKsle7a503da.sys [x]
R1 MpKsle84c923d;MpKsle84c923d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{528DFDB5-BE41-42FF-8C02-769AE0B00761}\MpKsle84c923d.sys [x]
R1 MpKslecc4db06;MpKslecc4db06;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B299AB38-70B7-4A21-BBAF-3B19E07714B8}\MpKslecc4db06.sys [x]
R1 MpKslf5713a58;MpKslf5713a58;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E01A0FEF-1A1D-4DA2-9A9C-5D589B09CA66}\MpKslf5713a58.sys [x]
R1 MpKslf686bc4b;MpKslf686bc4b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7DD23C8-70E5-4C65-A2F3-FD8EB5366FF4}\MpKslf686bc4b.sys [x]
R1 MpKslf6aed8fc;MpKslf6aed8fc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F90068A-FBF0-4F4F-9548-55997D5F7A1A}\MpKslf6aed8fc.sys [x]
R1 MpKslf7d6b26b;MpKslf7d6b26b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20F9D114-AA54-40D2-8DB7-F4D83C36D7C1}\MpKslf7d6b26b.sys [x]
R1 MpKslfc486db0;MpKslfc486db0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CC8F7C76-7359-40D5-AABD-154035F7CC00}\MpKslfc486db0.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2009-08-12 54416]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2009-08-12 160272]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2009-08-12 160272]
R3 PTDUWFLT;PTDUWWAN Filter Driver;c:\windows\system32\DRIVERS\PTDUWFLT.sys [2009-08-12 11920]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2009-08-12 113680]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-28 12872]
R3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [2009-05-25 32408]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 MpKsl6cf8fe49;MpKsl6cf8fe49;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5082DAE2-4BF8-464F-9562-BAB751664188}\MpKsl6cf8fe49.sys [2011-10-31 28752]
S1 MpKsla63e49cc;MpKsla63e49cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D1E7F2D9-66E7-4D19-BE33-45814F341070}\MpKsla63e49cc.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-09-19 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2011-09-19 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-09-19 116608]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2008-01-02 73728]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-05-21 179712]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2009-04-23 16640]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL6CF8FE49
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-846242405-2255293798-2596077637-1000Core.job
- c:\users\Eleanor\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-14 22:54]
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-846242405-2255293798-2596077637-1000UA.job
- c:\users\Eleanor\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-14 22:54]
.
.
------- Supplementary Scan -------
.
uStart Page =
https://mail.google....l/?shva=1#inboxuInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{42B0BD43-60C3-47FB-9C7E-292BE013B0A5}: NameServer = 66.174.95.44 69.78.96.14
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2011-10-31 12:13
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-10-31 12:18:54
ComboFix-quarantined-files.txt 2011-10-31 16:18
.
Pre-Run: 166,984,232,960 bytes free
Post-Run: 168,502,697,984 bytes free
.
- - End Of File - - 9B0B6BE2A77C3DE83BBF89EADAE73DEE
TDSSkiller Log:
12:26:23.0720 1204 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
12:26:24.0173 1204 ============================================================
12:26:24.0173 1204 Current date / time: 2011/10/31 12:26:24.0173
12:26:24.0173 1204 SystemInfo:
12:26:24.0173 1204
12:26:24.0173 1204 OS Version: 6.0.6002 ServicePack: 2.0
12:26:24.0173 1204 Product type: Workstation
12:26:24.0173 1204 ComputerName: ELEANOR-PC
12:26:24.0173 1204 UserName: Eleanor
12:26:24.0173 1204 Windows directory: C:\Windows
12:26:24.0173 1204 System windows directory: C:\Windows
12:26:24.0173 1204 Processor architecture: Intel x86
12:26:24.0173 1204 Number of processors: 2
12:26:24.0173 1204 Page size: 0x1000
12:26:24.0173 1204 Boot type: Normal boot
12:26:24.0173 1204 ============================================================
12:26:24.0984 1204 Initialize success
12:26:27.0074 6104 ============================================================
12:26:27.0074 6104 Scan started
12:26:27.0074 6104 Mode: Manual;
12:26:27.0074 6104 ============================================================
12:26:28.0010 6104 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:26:28.0010 6104 ACPI - ok
12:26:28.0088 6104 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
12:26:28.0104 6104 adp94xx - ok
12:26:28.0322 6104 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
12:26:28.0322 6104 adpahci - ok
12:26:28.0385 6104 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
12:26:28.0385 6104 adpu160m - ok
12:26:28.0603 6104 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
12:26:28.0603 6104 adpu320 - ok
12:26:28.0868 6104 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
12:26:28.0868 6104 Afc - ok
12:26:28.0931 6104 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:26:28.0931 6104 AFD - ok
12:26:29.0149 6104 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
12:26:29.0149 6104 agp440 - ok
12:26:29.0180 6104 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:26:29.0196 6104 aic78xx - ok
12:26:29.0446 6104 aliide (e32a92e1574a467f7c762922f6162d76) C:\Windows\system32\drivers\aliide.sys
12:26:29.0446 6104 aliide - ok
12:26:29.0602 6104 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
12:26:29.0602 6104 amdagp - ok
12:26:29.0726 6104 amdide (b52b576cb0099a62f87214f371031561) C:\Windows\system32\drivers\amdide.sys
12:26:29.0726 6104 amdide - ok
12:26:29.0836 6104 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
12:26:29.0836 6104 AmdK7 - ok
12:26:29.0960 6104 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
12:26:29.0960 6104 AmdK8 - ok
12:26:30.0023 6104 ApfiltrService (350f19eb5fe4ec37a2414df56cde1aa8) C:\Windows\system32\DRIVERS\Apfiltr.sys
12:26:30.0023 6104 ApfiltrService - ok
12:26:30.0241 6104 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
12:26:30.0241 6104 arc - ok
12:26:30.0288 6104 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
12:26:30.0288 6104 arcsas - ok
12:26:30.0350 6104 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:26:30.0350 6104 AsyncMac - ok
12:26:30.0631 6104 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:26:30.0631 6104 atapi - ok
12:26:30.0709 6104 b57nd60x (32795e299c3aba589a5e04c83d531cdf) C:\Windows\system32\DRIVERS\b57nd60x.sys
12:26:30.0709 6104 b57nd60x - ok
12:26:30.0834 6104 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:26:30.0834 6104 Beep - ok
12:26:30.0928 6104 blbdrive - ok
12:26:31.0115 6104 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:26:31.0115 6104 bowser - ok
12:26:31.0193 6104 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:26:31.0193 6104 BrFiltLo - ok
12:26:31.0255 6104 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:26:31.0255 6104 BrFiltUp - ok
12:26:31.0364 6104 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:26:31.0364 6104 Brserid - ok
12:26:31.0427 6104 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:26:31.0442 6104 BrSerWdm - ok
12:26:31.0474 6104 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:26:31.0489 6104 BrUsbMdm - ok
12:26:31.0552 6104 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:26:31.0567 6104 BrUsbSer - ok
12:26:31.0630 6104 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
12:26:31.0630 6104 BthEnum - ok
12:26:31.0692 6104 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:26:31.0692 6104 BTHMODEM - ok
12:26:31.0770 6104 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
12:26:31.0770 6104 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\bthpan.sys. md5: 5904efa25f829bf84ea6fb045134a1d8
12:26:31.0770 6104 BthPan ( LockedFile.Multi.Generic ) - warning
12:26:31.0770 6104 BthPan - detected LockedFile.Multi.Generic (1)
12:26:31.0988 6104 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
12:26:32.0004 6104 BTHPORT - ok
12:26:32.0082 6104 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
12:26:32.0082 6104 BTHUSB - ok
12:26:32.0222 6104 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
12:26:32.0222 6104 btwaudio - ok
12:26:32.0269 6104 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
12:26:32.0269 6104 btwavdt - ok
12:26:32.0332 6104 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
12:26:32.0332 6104 btwrchid - ok
12:26:32.0519 6104 catchme - ok
12:26:32.0690 6104 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:26:32.0690 6104 cdfs - ok
12:26:32.0753 6104 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:26:32.0753 6104 cdrom - ok
12:26:32.0924 6104 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
12:26:32.0924 6104 circlass - ok
12:26:33.0002 6104 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:26:33.0002 6104 CLFS - ok
12:26:33.0221 6104 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
12:26:33.0221 6104 CmBatt - ok
12:26:33.0283 6104 cmdide (c177dd90b5dc1dcaa96ccece752e6f0f) C:\Windows\system32\drivers\cmdide.sys
12:26:33.0283 6104 cmdide - ok
12:26:33.0502 6104 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
12:26:33.0502 6104 Compbatt - ok
12:26:33.0548 6104 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
12:26:33.0548 6104 crcdisk - ok
12:26:33.0611 6104 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
12:26:33.0611 6104 Crusoe - ok
12:26:33.0767 6104 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:26:33.0767 6104 DfsC - ok
12:26:33.0829 6104 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:26:33.0829 6104 disk - ok
12:26:34.0016 6104 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
12:26:34.0016 6104 Dot4 - ok
12:26:34.0048 6104 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:26:34.0048 6104 Dot4Print - ok
12:26:34.0063 6104 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
12:26:34.0063 6104 dot4usb - ok
12:26:34.0141 6104 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:26:34.0141 6104 drmkaud - ok
12:26:34.0328 6104 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:26:34.0344 6104 DXGKrnl - ok
12:26:34.0562 6104 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
12:26:34.0562 6104 e1express - ok
12:26:34.0594 6104 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:26:34.0609 6104 E1G60 - ok
12:26:34.0750 6104 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:26:34.0750 6104 Ecache - ok
12:26:34.0859 6104 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
12:26:34.0859 6104 elxstor - ok
12:26:35.0046 6104 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:26:35.0046 6104 exfat - ok
12:26:35.0093 6104 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:26:35.0093 6104 fastfat - ok
12:26:35.0171 6104 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
12:26:35.0171 6104 fdc - ok
12:26:35.0296 6104 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:26:35.0296 6104 FileInfo - ok
12:26:35.0342 6104 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:26:35.0342 6104 Filetrace - ok
12:26:35.0420 6104 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
12:26:35.0420 6104 flpydisk - ok
12:26:35.0654 6104 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:26:35.0654 6104 FltMgr - ok
12:26:35.0842 6104 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
12:26:35.0842 6104 Fs_Rec - ok
12:26:35.0920 6104 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
12:26:35.0920 6104 gagp30kx - ok
12:26:36.0044 6104 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:26:36.0044 6104 GEARAspiWDM - ok
12:26:36.0216 6104 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:26:36.0232 6104 HDAudBus - ok
12:26:36.0310 6104 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:26:36.0310 6104 HidBth - ok
12:26:36.0388 6104 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:26:36.0388 6104 HidIr - ok
12:26:36.0497 6104 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:26:36.0497 6104 HidUsb - ok
12:26:36.0668 6104 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
12:26:36.0668 6104 HpCISSs - ok
12:26:36.0762 6104 HSF_DPV (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
12:26:36.0778 6104 HSF_DPV - ok
12:26:36.0902 6104 HSXHWAZL (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
12:26:36.0902 6104 HSXHWAZL - ok
12:26:36.0965 6104 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:26:36.0980 6104 HTTP - ok
12:26:37.0121 6104 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
12:26:37.0121 6104 i2omp - ok
12:26:37.0152 6104 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:26:37.0152 6104 i8042prt - ok
12:26:37.0199 6104 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\drivers\iastor.sys
12:26:37.0214 6104 iaStor - ok
12:26:37.0246 6104 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
12:26:37.0246 6104 iaStorV - ok
12:26:37.0402 6104 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:26:37.0402 6104 iirsp - ok
12:26:37.0464 6104 intelide (59b00efb24ead979becf413703bb1fac) C:\Windows\system32\DRIVERS\intelide.sys
12:26:37.0464 6104 intelide - ok
12:26:37.0495 6104 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:26:37.0511 6104 intelppm - ok
12:26:37.0698 6104 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:26:37.0698 6104 IpFilterDriver - ok
12:26:37.0729 6104 IpInIp - ok
12:26:37.0807 6104 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
12:26:37.0807 6104 IPMIDRV - ok
12:26:37.0932 6104 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:26:37.0948 6104 IPNAT - ok
12:26:38.0026 6104 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:26:38.0026 6104 IRENUM - ok
12:26:38.0166 6104 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
12:26:38.0166 6104 isapnp - ok
12:26:38.0228 6104 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:26:38.0228 6104 iScsiPrt - ok
12:26:38.0260 6104 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:26:38.0260 6104 iteatapi - ok
12:26:38.0447 6104 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:26:38.0447 6104 iteraid - ok
12:26:38.0540 6104 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:26:38.0540 6104 kbdclass - ok
12:26:38.0587 6104 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:26:38.0587 6104 kbdhid - ok
12:26:38.0806 6104 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
12:26:38.0806 6104 KSecDD - ok
12:26:38.0899 6104 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:26:38.0899 6104 lltdio - ok
12:26:39.0071 6104 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
12:26:39.0071 6104 LSI_FC - ok
12:26:39.0102 6104 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
12:26:39.0102 6104 LSI_SAS - ok
12:26:39.0118 6104 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
12:26:39.0118 6104 LSI_SCSI - ok
12:26:39.0180 6104 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:26:39.0180 6104 luafv - ok
12:26:39.0320 6104 MCSTRM - ok
12:26:39.0383 6104 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:26:39.0383 6104 mdmxsdk - ok
12:26:39.0539 6104 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
12:26:39.0554 6104 megasas - ok
12:26:39.0601 6104 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:26:39.0601 6104 Modem - ok
12:26:39.0648 6104 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:26:39.0648 6104 monitor - ok
12:26:39.0773 6104 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:26:39.0773 6104 mouclass - ok
12:26:39.0820 6104 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:26:39.0820 6104 mouhid - ok
12:26:39.0851 6104 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:26:39.0851 6104 MountMgr - ok
12:26:40.0069 6104 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
12:26:40.0085 6104 MpFilter - ok
12:26:40.0163 6104 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
12:26:40.0163 6104 mpio - ok
12:26:40.0272 6104 MpKsl04c6a152 - ok
12:26:40.0288 6104 MpKsl0c0681fc - ok
12:26:40.0334 6104 MpKsl0ef13b83 - ok
12:26:40.0366 6104 MpKsl15bec4f9 - ok
12:26:40.0381 6104 MpKsl18a3b54b - ok
12:26:40.0397 6104 MpKsl1e3bace9 - ok
12:26:40.0412 6104 MpKsl1ea06b0c - ok
12:26:40.0428 6104 MpKsl20971e6c - ok
12:26:40.0459 6104 MpKsl22339f01 - ok
12:26:40.0475 6104 MpKsl2331ca1f - ok
12:26:40.0490 6104 MpKsl240abc5c - ok
12:26:40.0506 6104 MpKsl24e0135f - ok
12:26:40.0522 6104 MpKsl27a47820 - ok
12:26:40.0537 6104 MpKsl2ec22112 - ok
12:26:40.0568 6104 MpKsl31c8143b - ok
12:26:40.0615 6104 MpKsl34b22294 - ok
12:26:40.0724 6104 MpKsl37b5235e - ok
12:26:40.0740 6104 MpKsl3bd1f685 - ok
12:26:40.0787 6104 MpKsl3f4a5917 - ok
12:26:40.0802 6104 MpKsl433f4211 - ok
12:26:40.0834 6104 MpKsl445a2df0 - ok
12:26:40.0896 6104 MpKsl448ef9f7 - ok
12:26:40.0912 6104 MpKsl45c37355 - ok
12:26:40.0927 6104 MpKsl4652afa1 - ok
12:26:40.0974 6104 MpKsl51bbbfe3 - ok
12:26:41.0052 6104 MpKsl525a68ff - ok
12:26:41.0099 6104 MpKsl5461fb3a - ok
12:26:41.0130 6104 MpKsl5510f5cc - ok
12:26:41.0161 6104 MpKsl576ad885 - ok
12:26:41.0208 6104 MpKsl57eda07c - ok
12:26:41.0239 6104 MpKsl5825dcf8 - ok
12:26:41.0364 6104 MpKsl5a39433f - ok
12:26:41.0380 6104 MpKsl5a4d7e2a - ok
12:26:41.0411 6104 MpKsl6884d9e3 - ok
12:26:41.0426 6104 MpKsl68e17f44 - ok
12:26:41.0489 6104 MpKsl6af10afb - ok
12:26:41.0582 6104 MpKsl6cf8fe49 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5082DAE2-4BF8-464F-9562-BAB751664188}\MpKsl6cf8fe49.sys
12:26:41.0582 6104 MpKsl6cf8fe49 - ok
12:26:41.0676 6104 MpKsl6f0e9d05 - ok
12:26:41.0723 6104 MpKsl710fcf9e - ok
12:26:41.0738 6104 MpKsl7e778e8a - ok
12:26:41.0801 6104 MpKsl80e8119e - ok
12:26:41.0816 6104 MpKsl81aee43c - ok
12:26:41.0832 6104 MpKsl85b6ed60 - ok
12:26:41.0863 6104 MpKsl87792a19 - ok
12:26:41.0894 6104 MpKsl88ad2707 - ok
12:26:41.0910 6104 MpKsl88d1eb23 - ok
12:26:41.0941 6104 MpKsl8aff951a - ok
12:26:42.0050 6104 MpKsl9b23d449 - ok
12:26:42.0066 6104 MpKsla38e6eb8 - ok
12:26:42.0113 6104 MpKsla63e49cc - ok
12:26:42.0175 6104 MpKsla67b284d - ok
12:26:42.0175 6104 MpKslaa48ea9a - ok
12:26:42.0206 6104 MpKslabb911c8 - ok
12:26:42.0222 6104 MpKslbfd472e8 - ok
12:26:42.0316 6104 MpKslc9acfe28 - ok
12:26:42.0347 6104 MpKslccf05567 - ok
12:26:42.0440 6104 MpKsldae683ab - ok
12:26:42.0487 6104 MpKsldebb3ce2 - ok
12:26:42.0503 6104 MpKsle34cdf91 - ok
12:26:42.0518 6104 MpKsle61c3cb8 - ok
12:26:42.0550 6104 MpKsle7a503da - ok
12:26:42.0565 6104 MpKsle84c923d - ok
12:26:42.0581 6104 MpKslecc4db06 - ok
12:26:42.0612 6104 MpKslf5713a58 - ok
12:26:42.0643 6104 MpKslf686bc4b - ok
12:26:42.0659 6104 MpKslf6aed8fc - ok
12:26:42.0690 6104 MpKslf7d6b26b - ok
12:26:42.0706 6104 MpKslfc486db0 - ok
12:26:42.0846 6104 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
12:26:42.0846 6104 MpNWMon - ok
12:26:42.0893 6104 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:26:42.0908 6104 mpsdrv - ok
12:26:42.0986 6104 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:26:42.0986 6104 Mraid35x - ok
12:26:43.0174 6104 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:26:43.0174 6104 MRxDAV - ok
12:26:43.0252 6104 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:26:43.0267 6104 mrxsmb - ok
12:26:43.0408 6104 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:26:43.0408 6104 mrxsmb10 - ok
12:26:43.0548 6104 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:26:43.0548 6104 mrxsmb20 - ok
12:26:43.0688 6104 msahci (2681302b63b318cbea6c82902ac5428c) C:\Windows\system32\drivers\msahci.sys
12:26:43.0688 6104 msahci - ok
12:26:43.0720 6104 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
12:26:43.0735 6104 msdsm - ok
12:26:43.0922 6104 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:26:43.0922 6104 Msfs - ok
12:26:44.0016 6104 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:26:44.0016 6104 msisadrv - ok
12:26:44.0219 6104 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:26:44.0219 6104 MSKSSRV - ok
12:26:44.0375 6104 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:26:44.0375 6104 MSPCLOCK - ok
12:26:44.0422 6104 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:26:44.0422 6104 MSPQM - ok
12:26:44.0500 6104 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:26:44.0515 6104 MsRPC - ok
12:26:44.0593 6104 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:26:44.0609 6104 mssmbios - ok
12:26:44.0640 6104 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:26:44.0640 6104 MSTEE - ok
12:26:44.0702 6104 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:26:44.0702 6104 Mup - ok
12:26:44.0812 6104 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:26:44.0812 6104 NativeWifiP - ok
12:26:44.0952 6104 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:26:44.0952 6104 NDIS - ok
12:26:45.0061 6104 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:26:45.0061 6104 NdisTapi - ok
12:26:45.0170 6104 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:26:45.0170 6104 Ndisuio - ok
12:26:45.0295 6104 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:26:45.0311 6104 NdisWan - ok
12:26:45.0436 6104 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:26:45.0436 6104 NDProxy - ok
12:26:45.0592 6104 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:26:45.0592 6104 NetBIOS - ok
12:26:45.0763 6104 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:26:45.0763 6104 netbt - ok
12:26:45.0935 6104 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
12:26:45.0982 6104 NETw4v32 - ok
12:26:46.0200 6104 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:26:46.0200 6104 nfrd960 - ok
12:26:46.0262 6104 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:26:46.0262 6104 NisDrv - ok
12:26:46.0481 6104 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:26:46.0481 6104 Npfs - ok
12:26:46.0543 6104 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:26:46.0543 6104 nsiproxy - ok
12:26:46.0621 6104 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:26:46.0652 6104 Ntfs - ok
12:26:46.0793 6104 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:26:46.0793 6104 ntrigdigi - ok
12:26:46.0871 6104 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
12:26:46.0871 6104 NuidFltr - ok
12:26:46.0918 6104 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:26:46.0918 6104 Null - ok
12:26:47.0308 6104 nvlddmkm (615024cafe830d0bdccafddac8a23650) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:26:47.0432 6104 nvlddmkm - ok
12:26:47.0588 6104 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
12:26:47.0588 6104 nvraid - ok
12:26:47.0635 6104 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
12:26:47.0635 6104 nvstor - ok
12:26:47.0666 6104 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
12:26:47.0666 6104 nv_agp - ok
12:26:47.0698 6104 NwlnkFlt - ok
12:26:47.0729 6104 NwlnkFwd - ok
12:26:47.0807 6104 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
12:26:47.0807 6104 OEM02Dev - ok
12:26:47.0916 6104 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
12:26:47.0916 6104 OEM02Vfx - ok
12:26:47.0947 6104 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:26:47.0947 6104 ohci1394 - ok
12:26:48.0072 6104 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:26:48.0072 6104 Parport - ok
12:26:48.0134 6104 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
12:26:48.0134 6104 partmgr - ok
12:26:48.0290 6104 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:26:48.0290 6104 Parvdm - ok
12:26:48.0337 6104 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:26:48.0353 6104 pci - ok
12:26:48.0415 6104 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
12:26:48.0431 6104 pciide - ok
12:26:48.0618 6104 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:26:48.0618 6104 pcmcia - ok
12:26:48.0696 6104 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:26:48.0712 6104 PEAUTH - ok
12:26:49.0024 6104 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:26:49.0039 6104 PptpMiniport - ok
12:26:49.0102 6104 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
12:26:49.0102 6104 Processor - ok
12:26:49.0226 6104 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:26:49.0226 6104 PSched - ok
12:26:49.0367 6104 PTDUBus (dbaf8a53d7669efb4742896b458181d0) C:\Windows\system32\DRIVERS\PTDUBus.sys
12:26:49.0367 6104 PTDUBus - ok
12:26:49.0445 6104 PTDUMdm (fa4e2a5cf478624d3154fb045fb2d076) C:\Windows\system32\DRIVERS\PTDUMdm.sys
12:26:49.0445 6104 PTDUMdm - ok
12:26:49.0554 6104 PTDUVsp (9c489b38ca13f251289004fe4f8631dd) C:\Windows\system32\DRIVERS\PTDUVsp.sys
12:26:49.0554 6104 PTDUVsp - ok
12:26:49.0648 6104 PTDUWFLT (37a75ac00d26364a5ea2050a6f85c2d0) C:\Windows\system32\DRIVERS\PTDUWFLT.sys
12:26:49.0648 6104 PTDUWFLT - ok
12:26:49.0788 6104 PTDUWWAN (f4a789a94ff74a47eb321be4465259d0) C:\Windows\system32\DRIVERS\PTDUWWAN.sys
12:26:49.0788 6104 PTDUWWAN - ok
12:26:49.0850 6104 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
12:26:49.0850 6104 PxHelp20 - ok
12:26:50.0053 6104 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
12:26:50.0069 6104 ql2300 - ok
12:26:50.0240 6104 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:26:50.0240 6104 ql40xx - ok
12:26:50.0303 6104 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:26:50.0303 6104 QWAVEdrv - ok
12:26:50.0428 6104 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
12:26:50.0459 6104 R300 - ok
12:26:50.0584 6104 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:26:50.0584 6104 RasAcd - ok
12:26:50.0662 6104 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:26:50.0662 6104 Rasl2tp - ok
12:26:50.0864 6104 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:26:50.0864 6104 RasPppoe - ok
12:26:50.0896 6104 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:26:50.0896 6104 RasSstp - ok
12:26:50.0958 6104 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:26:50.0958 6104 rdbss - ok
12:26:51.0114 6104 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:26:51.0114 6104 RDPCDD - ok
12:26:51.0223 6104 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
12:26:51.0223 6104 rdpdr - ok
12:26:51.0364 6104 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:26:51.0364 6104 RDPENCDD - ok
12:26:51.0488 6104 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
12:26:51.0504 6104 RDPWD - ok
12:26:51.0644 6104 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
12:26:51.0644 6104 RFCOMM - ok
12:26:51.0691 6104 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
12:26:51.0691 6104 rimmptsk - ok
12:26:51.0754 6104 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
12:26:51.0754 6104 rimsptsk - ok
12:26:51.0863 6104 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
12:26:51.0863 6104 RimUsb - ok
12:26:51.0894 6104 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
12:26:51.0894 6104 RimVSerPort - ok
12:26:51.0972 6104 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
12:26:51.0972 6104 rismxdp - ok
12:26:52.0081 6104 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
12:26:52.0081 6104 ROOTMODEM - ok
12:26:52.0190 6104 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:26:52.0190 6104 rspndr - ok
12:26:52.0300 6104 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
12:26:52.0300 6104 SASDIFSV - ok
12:26:52.0409 6104 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
12:26:52.0409 6104 SASENUM - ok
12:26:52.0456 6104 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
12:26:52.0456 6104 SASKUTIL - ok
12:26:52.0690 6104 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:26:52.0690 6104 sbp2port - ok
12:26:52.0939 6104 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
12:26:52.0939 6104 sdbus - ok
12:26:53.0033 6104 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:26:53.0033 6104 secdrv - ok
12:26:53.0142 6104 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:26:53.0142 6104 Serenum - ok
12:26:53.0236 6104 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:26:53.0236 6104 Serial - ok
12:26:53.0314 6104 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:26:53.0314 6104 sermouse - ok
12:26:53.0407 6104 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
12:26:53.0407 6104 sffdisk - ok
12:26:53.0501 6104 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
12:26:53.0501 6104 sffp_mmc - ok
12:26:53.0641 6104 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:26:53.0641 6104 sffp_sd - ok
12:26:53.0688 6104 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:26:53.0688 6104 sfloppy - ok
12:26:53.0813 6104 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
12:26:53.0813 6104 sisagp - ok
12:26:53.0938 6104 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
12:26:53.0938 6104 SiSRaid2 - ok
12:26:54.0000 6104 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
12:26:54.0000 6104 SiSRaid4 - ok
12:26:54.0140 6104 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:26:54.0140 6104 Smb - ok
12:26:54.0281 6104 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
12:26:54.0281 6104 SMSIVZAM5 - ok
12:26:54.0468 6104 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:26:54.0468 6104 spldr - ok
12:26:54.0608 6104 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:26:54.0624 6104 srv - ok
12:26:54.0780 6104 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:26:54.0780 6104 srv2 - ok
12:26:54.0920 6104 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:26:54.0920 6104 srvnet - ok
12:26:55.0108 6104 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
12:26:55.0123 6104 STHDA - ok
12:26:55.0201 6104 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:26:55.0201 6104 swenum - ok
12:26:55.0310 6104 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:26:55.0310 6104 Symc8xx - ok
12:26:55.0404 6104 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:26:55.0404 6104 Sym_hi - ok
12:26:55.0451 6104 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:26:55.0451 6104 Sym_u3 - ok
12:26:55.0747 6104 Tcpip (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\drivers\tcpip.sys
12:26:55.0763 6104 Tcpip - ok
12:26:55.0934 6104 Tcpip6 (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\DRIVERS\tcpip.sys
12:26:55.0950 6104 Tcpip6 - ok
12:26:56.0168 6104 tcpipreg (36606b165d04a397bdf613096986d85d) C:\Windows\system32\drivers\tcpipreg.sys
12:26:56.0168 6104 tcpipreg - ok
12:26:56.0246 6104 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:26:56.0246 6104 TDPIPE - ok
12:26:56.0356 6104 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:26:56.0356 6104 TDTCP - ok
12:26:56.0449 6104 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:26:56.0449 6104 tdx - ok
12:26:56.0480 6104 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:26:56.0480 6104 TermDD - ok
12:26:56.0761 6104 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:26:56.0761 6104 tssecsrv - ok
12:26:56.0839 6104 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:26:56.0839 6104 tunmp - ok
12:26:57.0042 6104 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:26:57.0058 6104 tunnel - ok
12:26:57.0182 6104 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
12:26:57.0182 6104 uagp35 - ok
12:26:57.0354 6104 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:26:57.0354 6104 udfs - ok
12:26:57.0666 6104 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
12:26:57.0666 6104 uliagpkx - ok
12:26:57.0760 6104 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
12:26:57.0775 6104 uliahci - ok
12:26:57.0962 6104 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:26:57.0962 6104 UlSata - ok
12:26:58.0181 6104 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:26:58.0181 6104 ulsata2 - ok
12:26:58.0321 6104 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:26:58.0321 6104 umbus - ok
12:26:58.0540 6104 USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\Windows\system32\Drivers\usbaapl.sys
12:26:58.0540 6104 USBAAPL - ok
12:26:58.0836 6104 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:26:58.0836 6104 usbccgp - ok
12:26:59.0054 6104 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:26:59.0070 6104 usbcir - ok
12:26:59.0148 6104 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:26:59.0164 6104 usbehci - ok
12:26:59.0210 6104 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:26:59.0210 6104 usbhub - ok
12:26:59.0507 6104 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
12:26:59.0507 6104 usbohci - ok
12:26:59.0756 6104 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:26:59.0756 6104 usbprint - ok
12:26:59.0866 6104 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
12:26:59.0866 6104 usbscan - ok
12:26:59.0928 6104 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:26:59.0928 6104 USBSTOR - ok
12:27:00.0053 6104 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:27:00.0053 6104 usbuhci - ok
12:27:00.0162 6104 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
12:27:00.0178 6104 vga - ok
12:27:00.0412 6104 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:27:00.0412 6104 VgaSave - ok
12:27:00.0646 6104 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
12:27:00.0661 6104 viaagp - ok
12:27:00.0911 6104 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
12:27:00.0911 6104 ViaC7 - ok
12:27:01.0145 6104 viaide (689547ce911998d1e0da7a5992e025fc) C:\Windows\system32\drivers\viaide.sys
12:27:01.0145 6104 viaide - ok
12:27:01.0332 6104 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:27:01.0332 6104 volmgr - ok
12:27:01.0441 6104 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:27:01.0441 6104 volmgrx - ok
12:27:01.0660 6104 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:27:01.0660 6104 volsnap - ok
12:27:01.0847 6104 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
12:27:01.0862 6104 vsmraid - ok
12:27:02.0159 6104 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:27:02.0159 6104 WacomPen - ok
12:27:02.0315 6104 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:27:02.0315 6104 Wanarp - ok
12:27:02.0346 6104 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:27:02.0346 6104 Wanarpv6 - ok
12:27:02.0455 6104 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
12:27:02.0455 6104 Wd - ok
12:27:02.0533 6104 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:27:02.0549 6104 Wdf01000 - ok
12:27:02.0767 6104 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:27:02.0783 6104 winachsf - ok
12:27:03.0157 6104 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:27:03.0157 6104 WmiAcpi - ok
12:27:03.0313 6104 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
12:27:03.0313 6104 WpdUsb - ok
12:27:03.0407 6104 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:27:03.0407 6104 ws2ifsl - ok
12:27:03.0454 6104 WsAudio_DeviceS(1) (a75dc063c9f0b787cce296c8ccad9c30) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
12:27:03.0454 6104 WsAudio_DeviceS(1) - ok
12:27:03.0672 6104 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:27:03.0672 6104 WUDFRd - ok
12:27:03.0734 6104 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
12:27:03.0734 6104 XAudio - ok
12:27:03.0968 6104 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:27:04.0000 6104 \Device\Harddisk0\DR0 - ok
12:27:04.0015 6104 Boot (0x1200) (e2ca842db32e45c8601e0108c3b58114) \Device\Harddisk0\DR0\Partition0
12:27:04.0015 6104 \Device\Harddisk0\DR0\Partition0 - ok
12:27:04.0031 6104 Boot (0x1200) (c2c3a3aff3d93d98ed7a3cee0d0a04f7) \Device\Harddisk0\DR0\Partition1
12:27:04.0031 6104 \Device\Harddisk0\DR0\Partition1 - ok
12:27:04.0031 6104 ============================================================
12:27:04.0031 6104 Scan finished
12:27:04.0031 6104 ============================================================
12:27:04.0062 1004 Detected object count: 1
12:27:04.0062 1004 Actual detected object count: 1
12:30:00.0716 1004 HKLM\SYSTEM\ControlSet001\services\BthPan - will be deleted on reboot
12:30:00.0763 1004 HKLM\SYSTEM\ControlSet002\services\BthPan - will be deleted on reboot
12:30:00.0779 1004 C:\Windows\system32\DRIVERS\bthpan.sys - will be deleted on reboot
12:30:00.0779 1004 BthPan ( LockedFile.Multi.Generic ) - User select action: Delete
12:30:04.0975 3180 Deinitialize success
aswMBR log: (I did not see the "a-vscan button" to change it to None per your instructions ??)
The fix button was NOT enabled
aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-31 12:59:03
-----------------------------
12:59:03.183 OS Version: Windows 6.0.6002 Service Pack 2
12:59:03.184 Number of processors: 2 586 0xF0D
12:59:03.185 ComputerName: ELEANOR-PC UserName: Eleanor
12:59:04.404 Initialize success
12:59:19.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
12:59:19.132 Disk 0 Vendor: TOSHIBA_ LB01 Size: 238475MB BusType: 3
12:59:19.155 Disk 0 MBR read successfully
12:59:19.161 Disk 0 MBR scan
12:59:19.168 Disk 0 Windows VISTA default MBR code
12:59:19.179 Disk 0 scanning sectors +488394752
12:59:19.291 Disk 0 scanning C:\Windows\system32\drivers
12:59:29.645 Service scanning
12:59:31.351 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
12:59:32.116 Modules scanning
12:59:47.744 Scan finished successfully
13:01:08.025 Disk 0 MBR has been saved successfully to "C:\Users\Eleanor\Desktop\MBR.dat"
13:01:08.045 The log file has been saved successfully to "C:\Users\Eleanor\Desktop\aswMBR.txt"
OTL logs:
OTL logfile created on: 10/31/2011 1:04:45 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Eleanor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 29.01% Memory free
4.23 Gb Paging File | 2.60 Gb Available in Paging File | 61.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.30 Gb Total Space | 157.22 Gb Free Space | 71.37% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.38 Gb Free Space | 33.78% Space Free | Partition Type: NTFS
Computer Name: ELEANOR-PC | User Name: Eleanor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/10/25 12:31:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Eleanor\Desktop\OTL.exe
PRC - [2011/10/20 17:02:55 | 004,615,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/09/19 11:09:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/09/07 18:14:04 | 000,161,336 | ---- | M] (Google) -- C:\Users\Eleanor\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/05/25 16:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eleanor\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/12/14 10:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/24 16:10:13 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/02 13:48:22 | 000,139,264 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/22 19:22:20 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/02 00:37:16 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2008/01/02 00:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/02 00:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/03 01:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/11/01 17:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/09/24 05:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/24 05:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/24 05:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/24 05:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2006/11/27 11:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/03 19:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 19:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
========== Modules (No Company Name) ========== MOD - [2011/10/31 12:48:31 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/10/31 12:48:31 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/10/23 23:25:52 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/09/19 12:37:23 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/05/18 15:20:11 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/05/07 22:33:46 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\AdobeXMP.dll
MOD - [2008/02/19 02:33:34 | 000,446,352 | ---- | M] () -- C:\Windows\System32\OpenQuicktimeLib.dll
MOD - [2007/11/16 17:02:18 | 000,479,232 | R--- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ccme_base.dll
MOD - [2007/11/16 17:02:18 | 000,401,408 | R--- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.dll
MOD - [2006/12/10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2006/11/20 15:29:10 | 000,101,376 | ---- | M] () -- C:\Windows\System32\APOMngr.dll
MOD - [2006/11/13 12:07:34 | 000,066,560 | ---- | M] () -- C:\Windows\System32\CmdRtr.dll
MOD - [2006/11/03 19:46:24 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/11/03 19:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - [2011/09/19 11:09:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009/01/22 19:22:20 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/02 00:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/02 00:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
========== Driver Services (SafeList) ========== DRV - [2011/09/19 11:09:01 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/19 11:09:01 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/02/28 19:27:08 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/08/12 07:13:32 | 000,160,272 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2009/08/12 07:13:32 | 000,113,680 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2009/08/12 07:13:32 | 000,054,416 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2009/08/12 07:13:28 | 000,160,272 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2009/08/12 07:13:28 | 000,011,920 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWFLT.sys -- (PTDUWFLT)
DRV - [2009/05/25 15:43:58 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/04/23 16:51:18 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2008/06/23 08:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/01/02 00:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 01:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 01:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/25 04:40:58 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/24 05:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/08/13 05:44:26 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2006/11/27 03:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 03:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 03:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://mail.google....l/?shva=1#inboxIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Eleanor\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eleanor\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eleanor\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\paypalfirefoxplugin@orbiscom: C:\Program Files\PayPal\PayPal Plug-In [2009/07/01 20:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/28 03:06:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\Eleanor\AppData\Roaming\Move Networks [2010/04/15 15:48:33 | 000,000,000 | ---D | M]
[2009/03/09 23:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eleanor\AppData\Roaming\Mozilla\Extensions
[2009/03/09 23:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eleanor\AppData\Roaming\Mozilla\Extensions\
[email protected] ========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Eleanor\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2011/10/31 12:13:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Eleanor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Eleanor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Eleanor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42B0BD43-60C3-47FB-9C7E-292BE013B0A5}: NameServer = 66.174.95.44 69.78.96.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90A8B256-62D3-4693-BA2E-468926491517}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C227C1FB-8BB0-4A3E-8A16-8B1ABF41F118}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Eleanor\Pictures\IMG00003-20100627-2039.jpg
O24 - Desktop BackupWallPaper: C:\Users\Eleanor\Pictures\IMG00003-20100627-2039.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/10/31 12:51:50 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Eleanor\Desktop\aswMBR.exe
[2011/10/31 12:35:08 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/10/31 12:25:42 | 001,564,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Eleanor\Desktop\tdsskiller.exe
[2011/10/31 12:19:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/31 11:47:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/31 11:47:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/31 11:47:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/31 11:47:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/10/31 11:47:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/31 11:45:19 | 004,278,520 | R--- | C] (Swearware) -- C:\Users\Eleanor\Desktop\ComboFix.exe
[2011/10/31 10:43:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/25 12:30:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Eleanor\Desktop\OTL.exe
[2011/10/25 10:00:36 | 000,000,000 | ---D | C] -- C:\found.001
[2011/10/21 12:37:37 | 000,000,000 | ---D | C] -- C:\found.000
[2011/10/12 13:32:38 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/12 13:32:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/10/12 13:31:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/12 13:31:59 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/12 13:31:59 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/12 13:31:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/12 13:31:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/12 13:31:39 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/12 13:31:33 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/10/12 13:31:33 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/12 13:31:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/12 13:31:32 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/12 13:31:32 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/12 13:31:32 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/12 13:31:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/12 13:31:31 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/10/12 13:31:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/10/12 13:31:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/10/12 13:31:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/10/12 13:31:31 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/10/12 13:31:30 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/12 13:31:30 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/10/12 13:31:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/10/12 13:31:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/10/12 13:31:25 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/07 15:33:11 | 000,000,000 | ---D | C] -- C:\Users\Eleanor\Documents\MediaConverter
[2011/10/07 15:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft MediaConverter 3
[2011/10/07 12:52:15 | 000,000,000 | ---D | C] -- C:\Users\Eleanor\Desktop\desktop
========== Files - Modified Within 30 Days ========== [2011/10/31 13:01:08 | 000,000,512 | ---- | M] () -- C:\Users\Eleanor\Desktop\MBR.dat
[2011/10/31 12:51:51 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Eleanor\Desktop\aswMBR.exe
[2011/10/31 12:48:34 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 12:48:34 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 12:48:03 | 000,027,525 | ---- | M] () -- C:\Users\Eleanor\AppData\Roaming\nvModes.001
[2011/10/31 12:45:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/31 12:45:00 | 2145,431,552 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/31 12:30:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/10/31 12:25:46 | 001,564,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Eleanor\Desktop\tdsskiller.exe
[2011/10/31 12:25:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-846242405-2255293798-2596077637-1000UA.job
[2011/10/31 12:25:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-846242405-2255293798-2596077637-1000Core.job
[2011/10/31 12:13:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/10/31 11:45:31 | 004,278,520 | R--- | M] (Swearware) -- C:\Users\Eleanor\Desktop\ComboFix.exe
[2011/10/31 10:23:15 | 000,298,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/27 11:07:57 | 000,002,054 | ---- | M] () -- C:\Users\Eleanor\Desktop\Google Chrome.lnk
[2011/10/27 11:07:57 | 000,002,016 | ---- | M] () -- C:\Users\Eleanor\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/26 12:57:21 | 307,293,375 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/25 12:31:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Eleanor\Desktop\OTL.exe
[2011/10/24 19:09:36 | 000,042,374 | ---- | M] () -- C:\Users\Eleanor\Documents\190935.jpg
[2011/10/24 19:09:02 | 000,068,486 | ---- | M] () -- C:\Users\Eleanor\Documents\190900.jpg
[2011/10/24 19:08:39 | 000,044,394 | ---- | M] () -- C:\Users\Eleanor\Documents\190837.jpg
[2011/10/24 19:08:12 | 000,032,974 | ---- | M] () -- C:\Users\Eleanor\Documents\190811.jpg
[2011/10/23 23:08:30 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/23 22:25:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/10/23 22:25:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/10/23 14:06:19 | 006,458,182 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/23 14:06:19 | 002,198,324 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/17 18:51:10 | 000,074,355 | ---- | M] () -- C:\Users\Eleanor\Desktop\Scan.PDF
[2011/10/13 11:08:09 | 000,391,808 | ---- | M] () -- C:\Users\Eleanor\Desktop\fax cover0001.pdf
[2011/10/08 14:11:14 | 000,000,829 | ---- | M] () -- C:\Users\Eleanor\Desktop\Spotify.lnk
[2011/10/07 21:06:56 | 000,000,552 | ---- | M] () -- C:\Users\Eleanor\AppData\Local\d3d8caps.dat
[2011/10/07 15:42:59 | 000,052,335 | ---- | M] () -- C:\Users\Eleanor\Desktop\IMG00121-20100905-0902.jpg
[2011/10/07 15:31:58 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\Media Converter 3.lnk
[2011/10/07 15:31:58 | 000,001,809 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk
[2011/10/04 23:40:23 | 000,181,646 | ---- | M] () -- C:\Users\Eleanor\Documents\order_history.pdf
========== Files Created - No Company Name ========== [2011/10/31 13:01:08 | 000,000,512 | ---- | C] () -- C:\Users\Eleanor\Desktop\MBR.dat
[2011/10/31 11:47:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/31 11:47:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/31 11:47:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/31 11:47:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/31 11:47:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/25 10:16:08 | 2145,431,552 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/24 19:11:54 | 000,068,486 | ---- | C] () -- C:\Users\Eleanor\Documents\190900.jpg
[2011/10/24 19:11:54 | 000,044,394 | ---- | C] () -- C:\Users\Eleanor\Documents\190837.jpg
[2011/10/24 19:11:54 | 000,042,374 | ---- | C] () -- C:\Users\Eleanor\Documents\190935.jpg
[2011/10/24 19:11:54 | 000,032,974 | ---- | C] () -- C:\Users\Eleanor\Documents\190811.jpg
[2011/10/23 22:25:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/10/23 22:25:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/10/17 18:51:06 | 000,074,355 | ---- | C] () -- C:\Users\Eleanor\Desktop\Scan.PDF
[2011/10/13 11:07:03 | 000,391,808 | ---- | C] () -- C:\Users\Eleanor\Desktop\fax cover0001.pdf
[2011/10/08 14:11:14 | 000,000,829 | ---- | C] () -- C:\Users\Eleanor\Desktop\Spotify.lnk
[2011/10/08 14:11:14 | 000,000,815 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2011/10/07 21:06:56 | 000,000,552 | ---- | C] () -- C:\Users\Eleanor\AppData\Local\d3d8caps.dat
[2011/10/07 15:42:59 | 000,052,335 | ---- | C] () -- C:\Users\Eleanor\Desktop\IMG00121-20100905-0902.jpg
[2011/10/07 15:31:58 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\Media Converter 3.lnk
[2011/10/07 15:31:58 | 000,001,809 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk
[2011/10/04 23:40:21 | 000,181,646 | ---- | C] () -- C:\Users\Eleanor\Documents\order_history.pdf
[2011/05/23 07:56:31 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010/12/16 22:08:45 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/12/16 22:08:44 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/12/16 22:08:44 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/12/16 22:08:44 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/12/16 22:08:44 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/12/16 22:08:44 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/12/16 22:08:44 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/12/16 22:08:44 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/12/16 22:08:44 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/12/16 22:08:44 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/12/16 22:08:44 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/12/16 22:08:44 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/12/16 22:08:44 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/12/16 22:08:44 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/12/16 22:08:44 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/12/16 22:08:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/12/16 22:06:39 | 000,000,044 | ---- | C] () -- C:\Windows\EPSPR280.ini
[2010/08/08 16:45:11 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2010/08/03 19:58:19 | 000,000,004 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\D1B35E
[2010/08/03 19:58:18 | 000,870,128 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\mcs.rma
[2010/05/05 08:48:34 | 000,135,110 | ---- | C] () -- C:\Windows\hpwins10.dat.temp
[2010/05/05 08:48:34 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat.temp
[2010/05/05 08:48:19 | 000,010,385 | ---- | C] () -- C:\Windows\hpwscr10.dat
[2010/05/05 08:48:19 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat
[2009/11/09 22:31:57 | 000,148,929 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009/11/09 22:31:37 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2009/11/06 15:31:15 | 000,155,648 | ---- | C] () -- C:\Windows\System32\hpsfs.dll
[2009/11/04 17:51:46 | 000,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2009/09/18 07:27:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/18 07:27:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/04/14 19:22:33 | 000,134,266 | ---- | C] () -- C:\Windows\hpwins10.dat
[2009/02/17 21:42:59 | 000,007,592 | ---- | C] () -- C:\Users\Eleanor\AppData\Local\d3d9caps.dat
[2009/01/31 10:16:10 | 000,027,525 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\nvModes.001
[2009/01/31 03:40:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/29 22:30:14 | 000,027,525 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\nvModes.dat
[2009/01/28 23:13:40 | 000,009,926 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\wklnhst.dat
[2009/01/28 22:50:46 | 000,027,136 | ---- | C] () -- C:\Users\Eleanor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/23 02:55:35 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2009/01/22 19:28:52 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/01/22 19:22:57 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2009/01/22 19:22:56 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009/01/22 19:22:56 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2009/01/22 19:04:00 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/04/09 18:00:30 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini
[2008/02/19 02:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2008/02/07 11:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hppatusg01.dll
[2007/07/25 18:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2007/01/03 08:10:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/03 19:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,298,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 006,458,182 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 002,198,324 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 01:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 01:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:14DAD114
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:223BB3A1
< End of report >
OTL Extras logfile created on: 10/31/2011 1:04:45 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Eleanor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 29.01% Memory free
4.23 Gb Paging File | 2.60 Gb Available in Paging File | 61.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.30 Gb Total Space | 157.22 Gb Free Space | 71.37% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.38 Gb Free Space | 33.78% Space Free | Partition Type: NTFS
Computer Name: ELEANOR-PC | User Name: Eleanor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1626431B-C29D-44D8-8892-C3FA9B3077D2}" = rport=445 | protocol=6 | dir=out | app=system |
"{17C41D19-695C-41B7-95AD-120610A4B838}" = lport=137 | protocol=17 | dir=in | app=system |
"{21D6EAFE-9069-42FC-A8C8-8436768B8E3A}" = lport=445 | protocol=6 | dir=in | app=system |
"{3BC3FFC2-40F5-4279-A9B4-1DD6C36BBDF5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4998484A-4609-48BA-B78D-7692A51FFD20}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{508A8981-A768-4924-8B13-3B602DBEF005}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{52A7F22C-25BE-4120-BF34-425980CF5DD7}" = lport=139 | protocol=6 | dir=in | app=system |
"{72FC88F9-D677-4E5E-B7C7-C5F384CADF87}" = lport=6346 | protocol=6 | dir=in | name=limewire |
"{7301DDD9-808B-4832-AF84-F09789C70877}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7D8DB846-E793-4F57-BFED-40C03E3FD4E6}" = lport=138 | protocol=17 | dir=in | app=system |
"{9AAB7017-DBE2-43E5-8437-F705F1AB4922}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A424FD19-76EC-497E-91C3-70028E2878CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA3C4D43-9D0B-4427-B28A-AE501D4BB320}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF8E6AEB-890B-4F59-B68C-55AF7A0C7AE7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{D9C0DE3F-C3E6-4485-B590-FFD661A59CBC}" = rport=139 | protocol=6 | dir=out | app=system |
"{D9D221E6-A8E3-4BEE-8460-C8B1DC570F60}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E724B61D-A5AF-459D-9233-5445358DF31C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F1977F0A-3B79-4950-ABE9-E33EAA757325}" = rport=137 | protocol=17 | dir=out | app=system |
"{F3D3F69C-D7A3-461E-8B90-752D9BBD8445}" = lport=80 | protocol=6 | dir=in | name=access |
"{F51A2D33-41FF-44C1-B0DE-6C47BBDCC79B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02651669-53C2-4D33-A537-A3067980FE5A}" = protocol=1 | dir=in |
[email protected],-28543 |
"{25759AC2-1BED-4890-A4DC-70DF27B4F9C1}" = protocol=17 | dir=in | app=c:\users\eleanor\appdata\roaming\dropbox\bin\dropbox.exe |
"{2D08BCB8-7CF3-4437-BAD5-D908325AFAB3}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{311E1CFE-3E1D-4CF2-83A9-8A62FC563D2B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3D36A233-63BE-43F5-90BE-791DDE284FC8}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{47954DA7-9859-40F5-995F-77B442E2ED64}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{482F25EF-38F3-456F-BB5B-220387BD73EB}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{4FB085B0-C30B-409E-8944-A01861082E48}" = protocol=1 | dir=out |
[email protected],-28544 |
"{57B91844-DD1C-44FF-A903-84E67BA86C70}" = protocol=58 | dir=in |
[email protected],-28545 |
"{5BD414D7-73ED-497D-B0BB-65819C39B6E0}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{5D2AFB6A-3B8F-47E3-B948-2437F9A79068}" = protocol=6 | dir=in | app=c:\users\eleanor\appdata\roaming\dropbox\bin\dropbox.exe |
"{623C0377-C27F-4BA2-B4EB-289E48F86928}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{75DDE584-4E16-4B2A-9957-4446142AA7F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A797AA22-9085-40E7-9FAE-39A2E077ADA7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B10E8678-DB02-48B6-A972-E39E39B657BA}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{B670E4D7-D36C-4AEA-A85D-13E213838B8D}" = protocol=17 | dir=in | app=c:\program files\v cast music with rhapsody\rhapsody.exe |
"{B706B761-1A11-4225-95DB-5E4231FBC11A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C795B59C-E621-4A64-9628-D4B3D29167E1}" = protocol=58 | dir=out |
[email protected],-28546 |
"{CE83B08F-C110-4074-8DA7-6BBF379707EA}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{CECD69E0-8B14-402C-A20F-B0A9C33E0ADC}" = protocol=6 | dir=in | app=c:\program files\v cast music with rhapsody\rhapsody.exe |
"{D871D282-6E7B-4014-A664-5344AAB96482}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{FB934826-4A47-4AFA-BF37-D0958597EA75}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{10F3242C-8443-439E-B1F4-3CFDFCDBDC31}C:\users\eleanor\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\eleanor\appdata\roaming\spotify\spotify.exe |
"TCP Query User{408FF69A-D4C1-4F71-B725-C5748B5B01DC}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{6FBDAA08-4B9B-43CF-ACA5-8D90C24E896C}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{80CA1F32-0BD5-45D5-9990-E61EE01009E8}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{B468C04D-EC61-40B2-9BAC-9B967822F3E8}C:\users\eleanor\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\eleanor\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{028CC71A-A70F-43EC-8553-E830777CB0E5}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{21C22CCF-40C1-42AC-B4DB-130252BC6709}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{7A8BF561-2239-49E2-9E5D-575604E0ACEF}C:\users\eleanor\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\eleanor\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{822DE5B5-B549-452A-B1D3-73A5852FBA29}C:\users\eleanor\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\eleanor\appdata\roaming\spotify\spotify.exe |
"UDP Query User{FAABE8B5-49E8-4782-AF93-21CCA6E2FEB9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{037BE7BE-5618-4EE5-9AB6-23690148921D}" = ArcSoft MediaConverter 3
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}" = ArcSoft Print Creations
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio EasyArchive
"{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{2B14A44F-5815-4136-9ECF-B56E928CEC0F}" = 6200
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F4267E6-E4EE-1224-127E-C8C87656C628}" = TokBox
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31B2D73B-4311-4D95-A131-32FB2194D1CB}" = Microsoft UI Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C43EAE7-22C0-4b33-ABFB-3757ECA5FD7B}" = HP Officejet All-In-One Series
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry® Media Sync
"{40BA976E-38B8-4C63-990C-50999C8C3521}" = BPD_Scan
"{41A96655-19FB-473c-AAB7-429E372527C8}" = ProductContext
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68AB3A70-25E1-4D41-BDFF-7ED20C07D623}" = 6200Trb
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73317C31-2B6E-4B88-9865-B97C1331A39D}" = PayPal Plug-In
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7732DA71-2FB6-5C99-D0D9-58A2DB360895}" = FlipShare
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7985F97F-7363-4A1E-80B9-50C4F0E8D19E}" = 6200_Help
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2CC286B-BFE9-4D1F-9EDA-AA3E8289CA12}" = BPDSoftware_Ini
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{AB8BDDBF-7965-4476-B9BC-ED8DFD603AA8}" = HP Officejet All-In-One Series
"{ABDC7CFA-FEB4-4743-A18A-D549571F0B2A}" = BlackBerry Device Software v5.0.0 for the BlackBerry 9530 smartphone
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C13AF9C7-8E06-4354-B629-DF6192CE4A66}" = PANTECH UM175 Driver
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C894366E-51C4-4162-BA82-ECBEFC1C2C61}" = PayPal Plug-In
"{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}" = iTunes
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Premier
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CDC85536-A0EF-4401-82A6-25D8EFC7EFAC}" = VZAccess Manager
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E2B4FE1C-2CFA-47EE-A88C-A14D0FF1F0B0}" = BBSAK
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}" = BPDSoftware
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F574616C-4C15-49CE-9C98-E998CD80264A}" = BlackBerry Device Software Updater
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F872A4F8-4EC5-4668-A908-7C7275B0BE49}" = hppusgP2030
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 6.0
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Aimersoft Blackberry Media Converter_is1" = Aimersoft Blackberry Media Converter(Build 1.2.0.0)
"BlackBerry_{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"EPSON Printer and Utilities" = EPSON Printer Software
"ERUNT_is1" = ERUNT 1.1j
"Free_TV_Bar_c3 Toolbar" = Free TV Bar c3 Toolbar
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP LaserJet P2030 Series" = HP LaserJet P2030 Series
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPOCR" = HP OCR Software 8.0
"LimeWire" = LimeWire 5.2.13
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"ProInst" = Intel® PROSet/Wireless Software
"Silent Package Run-Time Sample" = EPSON R280 User's Guide
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 5.0.0.799
"Move Media Player" = Move Media Player
"Spotify" = Spotify
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2/20/2011 11:01:54 PM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3011
Description =
Error - 2/22/2011 3:23:11 PM | Computer Name = Eleanor-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19019 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1fa0 Start Time: 01cbd292e87f4480 Termination Time: 59
Error - 2/22/2011 5:13:40 PM | Computer Name = Eleanor-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module SHELL32.dll, version 6.0.6002.18393, time stamp 0x4d39b5c7,
exception code 0xc0000005, fault offset 0x00088db1, process id 0x1bd8, application
start time 0x01cbd2c5f5265f10.
Error - 2/24/2011 9:59:12 AM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3012
Description =
Error - 2/24/2011 9:59:12 AM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3011
Description =
Error - 2/24/2011 10:02:46 PM | Computer Name = Eleanor-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module swg.dll_unloaded, version 0.0.0.0, time stamp 0x4c645671,
exception code 0xc0000005, fault offset 0x049ea611, process id 0x5a8, application
start time 0x01cbd48fecfc2330.
Error - 2/25/2011 10:07:40 AM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3012
Description =
Error - 2/25/2011 10:07:40 AM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3011
Description =
Error - 2/28/2011 11:36:23 AM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3012
Description =
Error - 2/28/2011 11:36:23 AM | Computer Name = Eleanor-PC | Source = LoadPerf | ID = 3011
Description =
[ Media Center Events ]
Error - 5/10/2009 11:35:55 PM | Computer Name = Eleanor-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/9/2009 12:03:25 PM | Computer Name = Eleanor-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/7/2009 6:48:12 PM | Computer Name = Eleanor-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >