Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Invisible CPU usage [Closed]


  • This topic is locked This topic is locked

#1
Aldernaft

Aldernaft

    New Member

  • Member
  • Pip
  • 9 posts
I believe that I've recently been affected by some sort of malware that sporadically causes my cpu usage to spike to 100% for short periods of time. The increased cpu usage is visible in the task manager's "performance" tab, but is not accounted for in any of the running processes. When using an application that connects to the internet, the connection will occasionally hang.

Attached are my OTL logs. The scans were conducted with the "all users" checkbox unchecked.

OTL logfile created on: 07/12/2011 4:11:33 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\James\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.00 Gb Total Physical Memory | 3.12 Gb Available Physical Memory | 62.48% Memory free
9.99 Gb Paging File | 7.82 Gb Available in Paging File | 78.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136.72 Gb Total Space | 20.75 Gb Free Space | 15.18% Space Free | Partition Type: NTFS
Drive D: | 149.00 Gb Total Space | 148.90 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Drive E: | 96.17 Gb Total Space | 95.95 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Drive F: | 624.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 232.88 Gb Total Space | 167.97 Gb Free Space | 72.13% Space Free | Partition Type: NTFS

Computer Name: JAMES-PC | User Name: James | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/07 15:48:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\James\Downloads\OTL.exe
PRC - [2011/11/22 19:41:50 | 002,659,256 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsGui.exe
PRC - [2011/11/22 19:41:50 | 001,117,624 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
PRC - [2011/11/22 18:20:06 | 000,402,336 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
PRC - [2011/11/22 18:20:02 | 000,071,008 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe
PRC - [2011/11/14 16:06:56 | 000,546,768 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2011/08/02 02:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/01/17 17:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/12/03 09:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/12/02 23:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/06/30 20:24:36 | 000,762,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2007/04/09 11:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/15 00:39:54 | 000,420,920 | ---- | M] () -- C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/15 00:39:53 | 003,702,840 | ---- | M] () -- C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/15 00:38:16 | 000,122,952 | ---- | M] () -- C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/15 00:38:15 | 000,222,280 | ---- | M] () -- C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/15 00:38:14 | 001,746,504 | ---- | M] () -- C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/14 21:36:18 | 008,593,056 | ---- | M] () -- C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011/05/21 11:53:59 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/07 12:47:14 | 002,663,568 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2011/09/08 12:29:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/06/01 01:17:06 | 000,409,088 | ---- | M] (Immunet) [On_Demand | Stopped] -- C:\Program Files\Immunet Protect\tetra\scan.dll -- (scan)
SRV:64bit: - [2011/06/01 01:17:04 | 000,272,080 | ---- | M] (Immunet Corporation) [Auto | Running] -- C:\Program Files\Immunet Protect\2.0.17\agent.exe -- (ImmunetProtect)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/11/22 19:41:50 | 001,117,624 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/11/22 18:20:06 | 000,402,336 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2011/11/22 18:20:02 | 000,071,008 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2011/11/14 16:06:56 | 000,546,768 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/10/04 08:22:50 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/15 15:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/06 11:09:16 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2011/11/22 19:43:08 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2011/11/22 19:42:46 | 000,230,952 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2011/11/22 19:38:16 | 000,337,048 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2011/11/22 18:20:04 | 000,706,776 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)
DRV:64bit: - [2011/11/22 18:20:04 | 000,065,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2011/11/22 18:20:04 | 000,041,968 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2011/11/14 15:12:28 | 000,367,912 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2011/10/25 22:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/25 20:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/07 17:52:26 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2011/09/28 13:14:02 | 000,070,760 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2011/09/07 11:01:18 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/25 17:31:50 | 000,036,424 | ---- | M] (wj32) [Kernel | Disabled | Running] -- C:\Program Files\Process Hacker 2\kprocesshacker.sys -- (KProcessHacker2)
DRV:64bit: - [2011/06/06 17:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/06/01 01:17:08 | 000,046,160 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ImmunetProtect.sys -- (ImmunetProtectDriver)
DRV:64bit: - [2011/06/01 01:17:08 | 000,029,776 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ImmunetSelfProtect.sys -- (ImmunetSelfProtectDriver)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/05/06 04:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/30 20:24:40 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2009/06/10 16:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009/06/10 15:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/06/27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2007/04/12 07:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL)
DRV:64bit: - [2007/04/10 05:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2007/04/10 03:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2007/04/10 03:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2007/04/10 03:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2007/04/10 03:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2007/04/10 03:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2007/04/10 03:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2007/04/10 03:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2007/04/10 03:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2007/04/10 03:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007/04/10 03:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007/04/10 03:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007/04/10 03:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007/04/10 03:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007/04/10 03:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV:64bit: - [2007/04/10 03:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007/04/10 03:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007/04/10 03:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV:64bit: - [2007/04/10 03:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002/10/07 19:07:38 | 000,011,376 | R--- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 CC C0 29 FA 09 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\James\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\James\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/12/05 13:26:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/07 12:01:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/05/03 21:58:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2011/12/02 09:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\lwdarutx.default\extensions
[2011/12/07 12:01:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/05 13:26:10 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES (X86)\PC TOOLS SECURITY\BDT\FIREFOX
() (No name found) -- C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWDARUTX.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWDARUTX.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWDARUTX.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWDARUTX.DEFAULT\EXTENSIONS\[email protected]
[2011/11/20 23:21:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/20 20:23:17 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/11/20 20:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/20 20:23:17 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/11/20 20:23:17 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/11/20 20:23:17 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\James\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\James\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_1\
CHR - Extension: FlashBlock = C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\
CHR - Extension: Skype Click to Call = C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_1\

O1 HOSTS File: ([2011/11/04 16:30:29 | 000,002,235 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 10 more lines...
O2 - BHO: (PC Tools Browser Defender BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Defender) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Defender) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW File not found
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Process Hacker 2] C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11B209BA-623F-4F1E-A354-A8C57CB7277D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E654D7F0-43B1-4498-AE6B-CEBBF5D96864}: NameServer = 156.154.70.22,156.154.71.22
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f3456ad-75e3-11e0-a994-0014223dba9c}\Shell - "" = AutoRun
O33 - MountPoints2\{5f3456ad-75e3-11e0-a994-0014223dba9c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/07 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Process Hacker 2
[2011/12/07 15:31:18 | 000,060,296 | -H-- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCMON20.SYS
[2011/12/07 15:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2011/12/07 15:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2011/12/07 15:15:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/07 12:01:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/12/06 14:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/12/06 14:53:55 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/12/06 14:53:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/12/06 14:53:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/12/06 10:58:46 | 000,706,776 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys
[2011/12/06 10:58:46 | 000,065,664 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys
[2011/12/06 10:58:46 | 000,041,968 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys
[2011/12/05 13:26:09 | 000,070,760 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys
[2011/12/05 13:25:37 | 000,014,776 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctBTFix64.sys
[2011/12/05 13:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/12/05 13:23:33 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\TestApp
[2011/12/01 14:31:10 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2011/12/01 14:30:59 | 000,000,000 | ---D | C] -- C:\Users\James\jagexcache
[2011/11/25 21:38:30 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/11/25 21:38:29 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/11/25 21:38:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/25 21:38:26 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/11/25 21:38:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/25 21:38:22 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/11/25 21:38:21 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/25 21:37:54 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/11/25 21:37:54 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/11/25 21:37:53 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/11/25 21:37:52 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/11/25 21:29:09 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/11/25 21:29:08 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/11/25 21:29:07 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/11/25 21:29:06 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/11/25 21:29:06 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/11/25 21:29:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/11/25 21:29:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/11/25 21:29:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/11/25 21:29:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/11/25 21:29:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/11/25 21:29:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/11/25 21:29:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/11/25 21:29:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/11/25 21:29:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/11/25 21:29:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/11/25 21:29:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/11/25 21:29:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/11/25 21:29:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/11/25 21:28:59 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/11/25 21:28:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/11/25 21:28:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/11/25 21:28:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/11/25 21:28:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/11/25 21:28:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/11/25 21:28:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/11/25 21:28:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/11/25 21:28:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/11/25 21:28:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/11/25 21:28:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/11/25 21:28:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/11/25 21:28:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/11/25 21:28:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/11/25 21:28:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/11/25 21:28:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/11/25 21:28:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/11/25 21:28:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/11/25 21:28:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/11/25 21:28:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/11/25 21:28:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/11/25 21:28:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/11/25 21:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/11/25 21:28:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/11/25 21:28:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/11/25 21:28:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/11/25 21:28:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/11/25 21:28:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/11/25 21:28:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/11/25 21:28:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/11/25 21:28:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/11/25 21:28:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/11/25 21:28:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/11/25 21:28:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/11/25 21:28:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/11/25 21:28:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/11/25 21:28:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/11/25 21:28:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/11/25 21:28:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/11/25 21:28:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/11/25 21:28:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/11/25 21:28:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/11/25 21:28:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/11/25 21:28:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/11/25 21:28:41 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/11/25 21:28:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/11/25 21:28:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/11/25 21:28:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/11/25 21:28:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/11/25 21:28:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/11/25 21:28:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/11/25 21:27:53 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/11/25 21:27:51 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/11/16 22:57:49 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\Processing
[2011/11/16 22:57:48 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Processing
[2011/11/15 23:47:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/11/12 10:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/11/12 10:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/11/12 10:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/11/12 10:13:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2007/04/09 11:32:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2007/04/09 11:19:16 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe

========== Files - Modified Within 30 Days ==========

[2011/12/07 15:49:22 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/07 15:49:22 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/07 15:33:06 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1467411274-115710773-2228511493-1001UA.job
[2011/12/07 15:31:18 | 000,060,296 | -H-- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCMON20.SYS
[2011/12/07 15:20:11 | 000,001,841 | ---- | M] () -- C:\Users\James\Desktop\Process Hacker 2.lnk
[2011/12/07 12:01:46 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/07 11:51:20 | 002,212,086 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/12/07 11:49:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/07 11:48:59 | 4024,594,432 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/07 11:47:54 | 000,034,072 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/12/07 11:47:54 | 000,034,072 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/12/07 11:47:54 | 000,030,528 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000003-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/12/07 11:47:54 | 000,030,528 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000003-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/12/07 11:47:54 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/12/06 22:39:21 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1467411274-115710773-2228511493-1001Core.job
[2011/12/06 21:11:23 | 000,013,541 | ---- | M] () -- C:\Users\James\Desktop\procexp - Shortcut.lnk
[2011/12/06 20:52:12 | 000,249,062 | ---- | M] () -- C:\Users\James\Desktop\bookmarks-2011-12-06.json
[2011/12/06 18:51:31 | 000,007,613 | ---- | M] () -- C:\Users\James\AppData\Local\Resmon.ResmonCfg
[2011/12/06 17:25:54 | 000,000,024 | ---- | M] () -- C:\Users\James\jagexappletviewer.preferences
[2011/12/06 15:05:25 | 000,000,040 | ---- | M] () -- C:\Users\James\jagex_cl_runescape_LIVE.dat
[2011/12/06 11:09:16 | 000,452,872 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/12/05 13:25:37 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor with AntiVirus.lnk
[2011/12/05 13:23:34 | 000,001,543 | ---- | M] () -- C:\Users\James\Desktop\sdasetup.exe.lnk
[2011/12/01 14:31:10 | 000,002,052 | ---- | M] () -- C:\Users\James\Desktop\RuneScape.lnk
[2011/11/28 12:46:33 | 000,000,129 | ---- | M] () -- C:\Users\James\jagex_runescape_preferences2.dat
[2011/11/28 12:43:58 | 000,000,035 | ---- | M] () -- C:\Users\James\jagex_runescape_preferences.dat
[2011/11/27 13:57:52 | 004,870,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/27 00:42:45 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/27 00:42:45 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/27 00:42:45 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/25 00:08:16 | 004,958,588 | ---- | M] () -- C:\Windows\{00000003-00000000-00000003-00001102-00000004-20061102}.CDF
[2011/11/25 00:08:16 | 004,958,588 | ---- | M] () -- C:\Windows\{00000003-00000000-00000003-00001102-00000004-20061102}.BAK
[2011/11/23 10:26:12 | 000,000,600 | ---- | M] () -- C:\Users\James\AppData\Roaming\winscp.rnd
[2011/11/23 10:23:45 | 000,339,968 | ---- | M] () -- C:\Users\James\Documents\Database2.accdb
[2011/11/23 10:17:17 | 000,000,167 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/11/22 19:43:08 | 000,092,896 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/11/22 19:42:46 | 000,230,952 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2011/11/22 19:41:28 | 000,014,776 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctBTFix64.sys
[2011/11/22 19:38:22 | 000,141,312 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/11/22 19:38:16 | 000,337,048 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/11/22 18:20:04 | 000,706,776 | --S- | M] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys
[2011/11/22 18:20:04 | 000,065,664 | --S- | M] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys
[2011/11/22 18:20:04 | 000,041,968 | --S- | M] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys
[2011/11/18 14:38:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/18 11:35:37 | 000,002,397 | ---- | M] () -- C:\Users\James\Desktop\Google Chrome.lnk
[2011/11/14 16:07:06 | 000,149,456 | ---- | M] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/11/14 16:07:04 | 002,246,608 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/11/14 16:07:04 | 001,681,360 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/11/14 16:06:54 | 000,767,952 | ---- | M] () -- C:\Windows\BDTSupport.dll
[2011/11/14 15:12:28 | 000,367,912 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys

========== Files Created - No Company Name ==========

[2011/12/07 15:20:11 | 000,001,841 | ---- | C] () -- C:\Users\James\Desktop\Process Hacker 2.lnk
[2011/12/07 12:01:46 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/07 12:01:42 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/06 21:11:23 | 000,013,541 | ---- | C] () -- C:\Users\James\Desktop\procexp - Shortcut.lnk
[2011/12/06 20:52:12 | 000,249,062 | ---- | C] () -- C:\Users\James\Desktop\bookmarks-2011-12-06.json
[2011/12/05 13:25:37 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor with AntiVirus.lnk
[2011/12/05 13:23:34 | 000,001,543 | ---- | C] () -- C:\Users\James\Desktop\sdasetup.exe.lnk
[2011/12/01 14:31:34 | 000,000,024 | ---- | C] () -- C:\Users\James\jagexappletviewer.preferences
[2011/12/01 14:31:10 | 000,002,082 | ---- | C] () -- C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2011/12/01 14:31:10 | 000,002,052 | ---- | C] () -- C:\Users\James\Desktop\RuneScape.lnk
[2011/11/23 10:23:43 | 000,339,968 | ---- | C] () -- C:\Users\James\Documents\Database2.accdb
[2011/11/04 12:48:54 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll1205.old
[2011/11/04 12:48:54 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/10/13 11:49:37 | 000,000,167 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/10/12 14:24:14 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/10/04 07:15:28 | 000,000,600 | ---- | C] () -- C:\Users\James\AppData\Roaming\winscp.rnd
[2011/09/27 22:26:21 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011/09/14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/08/24 19:19:10 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/08/03 19:55:58 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011/06/16 20:32:57 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/06 22:19:25 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/06/06 22:19:24 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/06/06 22:19:24 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/06/06 22:19:24 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/06/06 22:19:24 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/06/06 22:19:24 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/06/06 22:19:24 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/06/06 22:19:24 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/06/06 22:19:24 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/06/06 22:19:24 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/06/06 22:19:24 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/06/06 22:19:24 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/06/06 22:19:24 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/06/06 22:19:24 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/06/06 22:19:24 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/06/06 22:19:24 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/06/06 22:16:46 | 000,000,079 | ---- | C] () -- C:\Windows\EWF630.ini
[2011/05/04 00:50:00 | 000,007,613 | ---- | C] () -- C:\Users\James\AppData\Local\Resmon.ResmonCfg
[2011/05/03 22:51:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/05/03 21:24:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/17 12:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 16:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/04/12 07:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\SysWow64\APOMgrH.dll
[2007/04/09 11:55:14 | 000,097,785 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2007/04/09 11:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2007/04/09 11:33:50 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CTBurst.dll
[2007/04/09 11:32:32 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\psconv.exe
[2007/04/09 11:24:30 | 000,325,821 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2007/04/09 11:24:30 | 000,046,273 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2007/04/09 11:19:20 | 000,313,207 | ---- | C] () -- C:\Windows\SysWow64\ctstatic.dat
[2007/04/09 11:19:20 | 000,053,932 | ---- | C] () -- C:\Windows\SysWow64\ctdaught.dat
[2007/04/09 11:19:18 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2006/10/02 08:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2005/06/16 09:17:16 | 000,071,680 | ---- | C] () -- C:\Windows\SysWow64\ctmmactl.dll
[2002/10/07 19:07:38 | 000,011,376 | R--- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS

========== LOP Check ==========

[2011/05/03 20:17:56 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\AVG10
[2011/11/04 15:11:20 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/05/18 23:15:15 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\DAEMON Tools Lite
[2011/09/16 16:44:45 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Epson
[2011/06/06 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Leadertech
[2011/05/04 10:42:25 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\LolClient
[2011/05/21 11:56:22 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\OpenOffice.org
[2011/11/05 17:10:26 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\PCTools
[2011/10/23 21:50:27 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Pokemon Online
[2011/12/07 15:47:39 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Process Hacker 2
[2011/11/16 22:57:48 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Processing
[2011/11/03 09:44:49 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Red Kawa
[2011/12/05 13:23:33 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\TestApp
[2011/12/07 14:45:42 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\uTorrent
[2011/12/05 13:02:58 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >


OTL Extras logfile created on: 07/12/2011 4:11:33 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\James\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.00 Gb Total Physical Memory | 3.12 Gb Available Physical Memory | 62.48% Memory free
9.99 Gb Paging File | 7.82 Gb Available in Paging File | 78.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136.72 Gb Total Space | 20.75 Gb Free Space | 15.18% Space Free | Partition Type: NTFS
Drive D: | 149.00 Gb Total Space | 148.90 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Drive E: | 96.17 Gb Total Space | 95.95 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Drive F: | 624.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 232.88 Gb Total Space | 167.97 Gb Free Space | 72.13% Space Free | Partition Type: NTFS

Computer Name: JAMES-PC | User Name: James | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4AD57DCD-14DD-4440-BA20-AADDB9D2A6CB}" = MySQL Connector/ODBC 5.1
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{52FB2985-F3AD-DAA7-7645-4E38A5B96E17}" = AMD Catalyst Install Manager
"{55B44B84-A758-EAF7-0906-E397B384FCDF}" = ATI AVIVO64 Codecs
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{AB79B2CD-4555-4D3F-BC37-8948598223F2}" = runtime64
"{C6C08B1E-8A45-7571-727E-E28DD15AD556}" = AMD Drag and Drop Transcoding
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"EPSON WorkForce 630 Series" = EPSON WorkForce 630 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Process_Hacker2_is1" = Process Hacker 2.25 (r4926)
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = Catalyst Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 29
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.30 Patch 1
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{31405CA2-F009-D91B-FEFF-35924343CB14}" = Catalyst Control Center InstallProxy
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3B321407-8558-4C72-86F6-C1E72AC9F8BA}" = Continuum
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{71B6C9B6-CDF1-516E-EDBD-F3F8EBF7A0C7}" = Adobe Support Advisor
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E937F8DA-8C7F-ADFE-7EA5-7C1CAAB23C05}" = HydraVision
"{E9A1960E-7756-2299-C700-DC7CA6EDD6E4}" = Catalyst Control Center InstallProxy
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Support Advisor
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"AnalogX NetStat Live" = AnalogX NetStat Live
"AviSynth" = AviSynth 2.5
"Browser Defender_is1" = Browser Defender 4.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX Setup
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"ESET Online Scanner" = ESET Online Scanner v3
"Immunet Protect" = Immunet Protect
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 8.0.1 (x86 en-GB)" = Mozilla Firefox 8.0.1 (x86 en-GB)
"Office14.SingleImage" = Microsoft Office Professional 2010
"PSP Video 9" = PSP Video 9 6
"Revo Uninstaller" = Revo Uninstaller 1.92
"Spyware Doctor" = PC Tools Spyware Doctor with AntiVirus 9.0
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SwiftKit" = SwiftKit

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05/12/2011 9:11:52 PM | Computer Name = James-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 06/12/2011 10:07:04 PM | Computer Name = James-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 8.0.1.4341 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1548 Start
Time: 01ccb48398c22152 Termination Time: 161 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: 1b00be4e-2078-11e1-87e4-0014223dba9c

Error - 06/12/2011 10:18:26 PM | Computer Name = James-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\James\Downloads\esetsmartinstaller_enu(2).exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 06/12/2011 10:18:29 PM | Computer Name = James-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\James\Downloads\esetsmartinstaller_enu(2).exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 07/12/2011 12:28:39 AM | Computer Name = James-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.

Error - 07/12/2011 12:30:25 AM | Computer Name = James-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 07/12/2011 12:08:18 PM | Computer Name = James-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\James\Downloads\esetsmartinstaller_enu(2).exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 07/12/2011 12:19:21 PM | Computer Name = James-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\James\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 07/12/2011 4:09:35 PM | Computer Name = James-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 8.0.1.4341 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f7c Start
Time: 01ccb51c0da6f1db Termination Time: 37 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: 55cd8d12-210f-11e1-b22a-0014223dba9c

Error - 07/12/2011 4:27:54 PM | Computer Name = James-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 8.0.1.4341 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 17e4 Start
Time: 01ccb51e413206e7 Termination Time: 73 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: e65f8524-2111-11e1-b22a-0014223dba9c

[ Media Center Events ]
Error - 14/07/2011 7:50:00 AM | Computer Name = James-PC | Source = MCUpdate | ID = 0
Description = 7:50:00 AM - Error connecting to the internet. 7:50:00 AM - Unable
to contact server..

[ System Events ]
Error - 06/12/2011 7:27:58 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 06/12/2011 7:33:17 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 06/12/2011 7:33:47 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 06/12/2011 7:34:17 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 06/12/2011 7:34:47 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 07/12/2011 3:26:19 AM | Computer Name = James-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 07/12/2011 12:50:32 PM | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =

Error - 07/12/2011 12:50:32 PM | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =

Error - 07/12/2011 12:54:07 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 07/12/2011 12:55:47 PM | Computer Name = James-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.


< End of report >

Attached Files


Edited by Render, 13 December 2011 - 11:28 AM.

  • 0

Advertisements


#2
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
  • Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
  • Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
  • Please reply within 3 days to be fair to other people asking for help.
  • Please tell me if you have your original Windows CD/DVD available
  • When in doubt, please stop and ask first. There's no harm in asking questions!

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.

Step 1

Please open uTorrent and open Options menu then click on Preferences.
Open General tab and deselect Start uTorrent on system startup option. Click on OK button to close Preferences window.
Exit uTorrent and don't use it until we resolve your issue. Thank you.

Step 2

Please uninstall one of the following AV programs (if present):
  • Immunet Protect
  • PC Tools Spyware Doctor with AntiVirus 9.0

How to unistall program in Windows Vista & 7:

  • Open Programs and Features by clicking the Start button Posted Image, clicking Control Panel, clicking Programs, and then clicking Programs and Features.
  • Select a program(s) listed above, and then click Uninstall. Some programs include the option to change or repair the program in addition to uninstalling it. But many simply offer the option to uninstall. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Step 3

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.

    Posted Image
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click the Scan button to start scan.

    Posted Image
  • On completion of the scan click Save log, save it to your desktop and post in your next reply.
  • Also on Desktop there should be a file called MBR.dat after that, zip it and then attach it here

How to add an attachment to a new topic or reply
  • 0

#3
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I've completed steps 1 and 2, but every time I try to scan using aswMBR.exe, I get a windows notification telling me that the program has stopped working after about an hour.
  • 0

#4
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. Skip it and proceed with this:

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK button.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt".
Please copy and paste its contents on your next reply.
  • 0

#5
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here's the report.

10:32:52.0041 5236 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
10:32:53.0622 5236 ============================================================
10:32:53.0623 5236 Current date / time: 2011/12/15 10:32:53.0622
10:32:53.0623 5236 SystemInfo:
10:32:53.0623 5236
10:32:53.0623 5236 OS Version: 6.1.7601 ServicePack: 1.0
10:32:53.0623 5236 Product type: Workstation
10:32:53.0623 5236 ComputerName: JAMES-PC
10:32:53.0624 5236 UserName: James
10:32:53.0624 5236 Windows directory: C:\Windows
10:32:53.0624 5236 System windows directory: C:\Windows
10:32:53.0624 5236 Running under WOW64
10:32:53.0624 5236 Processor architecture: Intel x64
10:32:53.0624 5236 Number of processors: 2
10:32:53.0624 5236 Page size: 0x1000
10:32:53.0624 5236 Boot type: Normal boot
10:32:53.0624 5236 ============================================================
10:32:55.0702 5236 Initialize success
10:33:15.0559 3444 ============================================================
10:33:15.0559 3444 Scan started
10:33:15.0559 3444 Mode: Manual; SigCheck; TDLFS;
10:33:15.0559 3444 ============================================================
10:33:16.0194 3444 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:33:16.0330 3444 1394ohci - ok
10:33:16.0361 3444 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:33:16.0397 3444 ACPI - ok
10:33:16.0419 3444 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:33:16.0457 3444 AcpiPmi - ok
10:33:16.0518 3444 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
10:33:16.0607 3444 adfs - ok
10:33:16.0677 3444 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:33:16.0724 3444 adp94xx - ok
10:33:16.0763 3444 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:33:16.0798 3444 adpahci - ok
10:33:16.0826 3444 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:33:16.0861 3444 adpu320 - ok
10:33:16.0927 3444 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
10:33:16.0965 3444 AFD - ok
10:33:17.0007 3444 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:33:17.0036 3444 agp440 - ok
10:33:17.0081 3444 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:33:17.0109 3444 aliide - ok
10:33:17.0141 3444 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:33:17.0184 3444 amdide - ok
10:33:17.0211 3444 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:33:17.0246 3444 AmdK8 - ok
10:33:17.0470 3444 amdkmdag (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
10:33:17.0739 3444 amdkmdag - ok
10:33:17.0797 3444 amdkmdap (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
10:33:17.0838 3444 amdkmdap - ok
10:33:17.0877 3444 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:33:17.0918 3444 AmdPPM - ok
10:33:17.0964 3444 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:33:18.0000 3444 amdsata - ok
10:33:18.0033 3444 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:33:18.0083 3444 amdsbs - ok
10:33:18.0116 3444 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:33:18.0151 3444 amdxata - ok
10:33:18.0193 3444 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:33:18.0245 3444 AppID - ok
10:33:18.0306 3444 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:33:18.0358 3444 arc - ok
10:33:18.0377 3444 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:33:18.0407 3444 arcsas - ok
10:33:18.0431 3444 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:33:18.0486 3444 AsyncMac - ok
10:33:18.0522 3444 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:33:18.0550 3444 atapi - ok
10:33:18.0615 3444 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
10:33:18.0641 3444 AtiHDAudioService - ok
10:33:18.0678 3444 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
10:33:18.0727 3444 AtiHdmiService - ok
10:33:18.0780 3444 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:33:18.0831 3444 b06bdrv - ok
10:33:18.0872 3444 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:33:18.0913 3444 b57nd60a - ok
10:33:18.0947 3444 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:33:19.0013 3444 Beep - ok
10:33:19.0064 3444 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:33:19.0102 3444 blbdrive - ok
10:33:19.0133 3444 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
10:33:19.0179 3444 bowser - ok
10:33:19.0208 3444 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:33:19.0252 3444 BrFiltLo - ok
10:33:19.0275 3444 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:33:19.0310 3444 BrFiltUp - ok
10:33:19.0351 3444 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:33:19.0402 3444 Brserid - ok
10:33:19.0424 3444 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:33:19.0467 3444 BrSerWdm - ok
10:33:19.0500 3444 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:33:19.0554 3444 BrUsbMdm - ok
10:33:19.0578 3444 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:33:19.0613 3444 BrUsbSer - ok
10:33:19.0646 3444 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:33:19.0699 3444 BTHMODEM - ok
10:33:19.0750 3444 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:33:19.0819 3444 cdfs - ok
10:33:20.0011 3444 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
10:33:20.0057 3444 cdrom - ok
10:33:20.0109 3444 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:33:20.0143 3444 circlass - ok
10:33:20.0180 3444 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:33:20.0215 3444 CLFS - ok
10:33:20.0275 3444 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:33:20.0307 3444 CmBatt - ok
10:33:20.0439 3444 cmdGuard (f81457b43f083e0ff8eacae720f0537b) C:\Windows\system32\DRIVERS\cmdguard.sys
10:33:20.0472 3444 cmdGuard - ok
10:33:20.0494 3444 cmdHlp (0091563e864c5d750771919ea8900763) C:\Windows\system32\DRIVERS\cmdhlp.sys
10:33:20.0523 3444 cmdHlp - ok
10:33:20.0563 3444 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:33:20.0608 3444 cmdide - ok
10:33:20.0646 3444 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
10:33:20.0689 3444 CNG - ok
10:33:20.0726 3444 COMMONFX.DLL (66ac4fdad5a2d4ff4e3db41810b39de2) C:\Windows\system32\COMMONFX.DLL
10:33:20.0785 3444 COMMONFX.DLL - ok
10:33:20.0829 3444 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:33:20.0858 3444 Compbatt - ok
10:33:20.0903 3444 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
10:33:20.0940 3444 CompositeBus - ok
10:33:20.0982 3444 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:33:21.0010 3444 crcdisk - ok
10:33:21.0067 3444 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
10:33:21.0115 3444 CSC - ok
10:33:21.0161 3444 CT20XUT.DLL (01bbd5cb85423b12e445209d243a49a9) C:\Windows\system32\CT20XUT.DLL
10:33:21.0194 3444 CT20XUT.DLL - ok
10:33:21.0242 3444 ctac32k (b81c989c6d3b770f44316a3dc5f607b3) C:\Windows\system32\drivers\ctac32k.sys
10:33:21.0273 3444 ctac32k - ok
10:33:21.0324 3444 ctaud2k (7321bd704cc3b34b78f8574e64258f39) C:\Windows\system32\drivers\ctaud2k.sys
10:33:21.0368 3444 ctaud2k - ok
10:33:21.0398 3444 CTAUDFX.DLL (e873319f281115ebea75e519c5b4d0c4) C:\Windows\system32\CTAUDFX.DLL
10:33:21.0433 3444 CTAUDFX.DLL - ok
10:33:21.0462 3444 CTEAPSFX.DLL (06300545bedf49b6a51fdfe1861f9caf) C:\Windows\system32\CTEAPSFX.DLL
10:33:21.0493 3444 CTEAPSFX.DLL - ok
10:33:21.0531 3444 CTEDSPFX.DLL (2d902f8ec247f0ed0d458cdcaf786544) C:\Windows\system32\CTEDSPFX.DLL
10:33:21.0566 3444 CTEDSPFX.DLL - ok
10:33:21.0594 3444 CTEDSPIO.DLL (0d3f99cda2bea14e4911a698441f1a29) C:\Windows\system32\CTEDSPIO.DLL
10:33:21.0625 3444 CTEDSPIO.DLL - ok
10:33:21.0648 3444 CTEDSPSY.DLL (9d26aa450ac1caadde25f1621ba89842) C:\Windows\system32\CTEDSPSY.DLL
10:33:21.0680 3444 CTEDSPSY.DLL - ok
10:33:21.0703 3444 CTERFXFX.DLL (e5f88dad5ec69665dfa3e5e87791f800) C:\Windows\system32\CTERFXFX.DLL
10:33:21.0735 3444 CTERFXFX.DLL - ok
10:33:21.0804 3444 CTEXFIFX.DLL (fa6dca331835997d2f7c83b9aaabc4bb) C:\Windows\system32\CTEXFIFX.DLL
10:33:21.0897 3444 CTEXFIFX.DLL - ok
10:33:21.0935 3444 CTHWIUT.DLL (9e6a0a3ca3825bb568d42f5f3cb09453) C:\Windows\system32\CTHWIUT.DLL
10:33:21.0963 3444 CTHWIUT.DLL - ok
10:33:22.0011 3444 ctprxy2k (6a05134810301fa6fdd6e95583a91f35) C:\Windows\system32\drivers\ctprxy2k.sys
10:33:22.0036 3444 ctprxy2k - ok
10:33:22.0179 3444 CTSBLFX.DLL (99047fcebab495410cd58ab17284720a) C:\Windows\system32\CTSBLFX.DLL
10:33:22.0217 3444 CTSBLFX.DLL - ok
10:33:22.0242 3444 ctsfm2k (f792246cf9d8ee17f2b32e9069415cdd) C:\Windows\system32\drivers\ctsfm2k.sys
10:33:22.0273 3444 ctsfm2k - ok
10:33:22.0341 3444 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:33:22.0406 3444 DfsC - ok
10:33:22.0444 3444 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:33:22.0497 3444 discache - ok
10:33:22.0530 3444 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:33:22.0558 3444 Disk - ok
10:33:22.0619 3444 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:33:22.0654 3444 drmkaud - ok
10:33:22.0703 3444 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:33:22.0731 3444 dtsoftbus01 - ok
10:33:22.0782 3444 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:33:22.0822 3444 DXGKrnl - ok
10:33:22.0934 3444 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:33:23.0064 3444 ebdrv - ok
10:33:23.0142 3444 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:33:23.0180 3444 elxstor - ok
10:33:23.0217 3444 emupia (1e2f860d9521fb73566c85cd17d58291) C:\Windows\system32\drivers\emupia2k.sys
10:33:23.0243 3444 emupia - ok
10:33:23.0282 3444 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:33:23.0326 3444 ErrDev - ok
10:33:23.0397 3444 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:33:23.0458 3444 exfat - ok
10:33:23.0485 3444 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:33:23.0543 3444 fastfat - ok
10:33:23.0578 3444 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:33:23.0617 3444 fdc - ok
10:33:23.0672 3444 FETNDIS (ecce54654a19f6cc5e526696680c1827) C:\Windows\system32\DRIVERS\fet6x64.sys
10:33:23.0714 3444 FETNDIS - ok
10:33:23.0738 3444 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:33:23.0769 3444 FileInfo - ok
10:33:23.0789 3444 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:33:23.0864 3444 Filetrace - ok
10:33:23.0929 3444 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:33:23.0962 3444 flpydisk - ok
10:33:24.0008 3444 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:33:24.0041 3444 FltMgr - ok
10:33:24.0097 3444 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:33:24.0126 3444 FsDepends - ok
10:33:24.0147 3444 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:33:24.0175 3444 Fs_Rec - ok
10:33:24.0224 3444 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:33:24.0259 3444 fvevol - ok
10:33:24.0280 3444 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:33:24.0309 3444 gagp30kx - ok
10:33:24.0371 3444 ha10kx2k (b3f220ad6eeddc2546780b84a8919b7a) C:\Windows\system32\drivers\ha10kx2k.sys
10:33:24.0414 3444 ha10kx2k - ok
10:33:24.0472 3444 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
10:33:24.0497 3444 hamachi - ok
10:33:24.0553 3444 hap16v2k (5d6aec608b871cc2c724114f34cad3c8) C:\Windows\system32\drivers\hap16v2k.sys
10:33:24.0588 3444 hap16v2k - ok
10:33:24.0617 3444 hap17v2k (b95ba8d7ea73a47fac3a59cf4a3b3043) C:\Windows\system32\drivers\hap17v2k.sys
10:33:24.0647 3444 hap17v2k - ok
10:33:24.0674 3444 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:33:24.0716 3444 hcw85cir - ok
10:33:24.0766 3444 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
10:33:24.0806 3444 HdAudAddService - ok
10:33:24.0852 3444 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:33:24.0910 3444 HDAudBus - ok
10:33:24.0946 3444 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:33:24.0997 3444 HidBatt - ok
10:33:25.0137 3444 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:33:25.0247 3444 HidBth - ok
10:33:25.0344 3444 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:33:25.0395 3444 HidIr - ok
10:33:25.0449 3444 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:33:25.0494 3444 HidUsb - ok
10:33:25.0537 3444 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:33:25.0569 3444 HpSAMD - ok
10:33:25.0619 3444 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:33:25.0705 3444 HTTP - ok
10:33:25.0735 3444 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:33:25.0764 3444 hwpolicy - ok
10:33:25.0817 3444 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:33:25.0858 3444 i8042prt - ok
10:33:25.0907 3444 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:33:25.0944 3444 iaStorV - ok
10:33:25.0981 3444 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:33:26.0022 3444 iirsp - ok
10:33:26.0111 3444 inspect (db2ce341c290292f60c6bb13b7a1d84e) C:\Windows\system32\DRIVERS\inspect.sys
10:33:26.0136 3444 inspect - ok
10:33:26.0187 3444 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:33:26.0222 3444 intelide - ok
10:33:26.0265 3444 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:33:26.0300 3444 intelppm - ok
10:33:26.0358 3444 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:33:26.0414 3444 IpFilterDriver - ok
10:33:26.0454 3444 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:33:26.0502 3444 IPMIDRV - ok
10:33:26.0537 3444 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:33:26.0595 3444 IPNAT - ok
10:33:26.0627 3444 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:33:26.0674 3444 IRENUM - ok
10:33:26.0709 3444 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:33:26.0739 3444 isapnp - ok
10:33:26.0776 3444 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:33:26.0817 3444 iScsiPrt - ok
10:33:26.0855 3444 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
10:33:26.0892 3444 kbdclass - ok
10:33:26.0931 3444 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:33:26.0983 3444 kbdhid - ok
10:33:27.0016 3444 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
10:33:27.0047 3444 KSecDD - ok
10:33:27.0089 3444 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
10:33:27.0123 3444 KSecPkg - ok
10:33:27.0162 3444 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:33:27.0224 3444 ksthunk - ok
10:33:27.0283 3444 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:33:27.0356 3444 lltdio - ok
10:33:27.0399 3444 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:33:27.0429 3444 LSI_FC - ok
10:33:27.0455 3444 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:33:27.0485 3444 LSI_SAS - ok
10:33:27.0510 3444 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:33:27.0540 3444 LSI_SAS2 - ok
10:33:27.0570 3444 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:33:27.0603 3444 LSI_SCSI - ok
10:33:27.0638 3444 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:33:27.0693 3444 luafv - ok
10:33:27.0717 3444 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:33:27.0747 3444 megasas - ok
10:33:27.0779 3444 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:33:27.0814 3444 MegaSR - ok
10:33:27.0861 3444 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:33:27.0925 3444 Modem - ok
10:33:27.0978 3444 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:33:28.0011 3444 monitor - ok
10:33:28.0043 3444 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
10:33:28.0086 3444 mouclass - ok
10:33:28.0125 3444 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:33:28.0159 3444 mouhid - ok
10:33:28.0199 3444 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:33:28.0243 3444 mountmgr - ok
10:33:28.0286 3444 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:33:28.0328 3444 mpio - ok
10:33:28.0360 3444 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:33:28.0414 3444 mpsdrv - ok
10:33:28.0450 3444 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:33:28.0500 3444 MRxDAV - ok
10:33:28.0537 3444 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:33:28.0572 3444 mrxsmb - ok
10:33:28.0616 3444 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:33:28.0678 3444 mrxsmb10 - ok
10:33:28.0750 3444 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:33:28.0786 3444 mrxsmb20 - ok
10:33:28.0809 3444 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:33:28.0838 3444 msahci - ok
10:33:28.0874 3444 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:33:28.0919 3444 msdsm - ok
10:33:28.0988 3444 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:33:29.0040 3444 Msfs - ok
10:33:29.0066 3444 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:33:29.0140 3444 mshidkmdf - ok
10:33:29.0182 3444 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:33:29.0211 3444 msisadrv - ok
10:33:29.0263 3444 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:33:29.0324 3444 MSKSSRV - ok
10:33:29.0346 3444 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:33:29.0400 3444 MSPCLOCK - ok
10:33:29.0414 3444 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:33:29.0469 3444 MSPQM - ok
10:33:29.0508 3444 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:33:29.0542 3444 MsRPC - ok
10:33:29.0580 3444 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:33:29.0611 3444 mssmbios - ok
10:33:29.0652 3444 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:33:29.0714 3444 MSTEE - ok
10:33:29.0735 3444 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:33:29.0774 3444 MTConfig - ok
10:33:29.0800 3444 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:33:29.0829 3444 Mup - ok
10:33:29.0872 3444 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:33:29.0917 3444 NativeWifiP - ok
10:33:29.0979 3444 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:33:30.0031 3444 NDIS - ok
10:33:30.0069 3444 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:33:30.0126 3444 NdisCap - ok
10:33:30.0156 3444 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:33:30.0208 3444 NdisTapi - ok
10:33:30.0256 3444 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:33:30.0323 3444 Ndisuio - ok
10:33:30.0455 3444 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:33:30.0520 3444 NdisWan - ok
10:33:30.0552 3444 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:33:30.0612 3444 NDProxy - ok
10:33:30.0654 3444 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:33:30.0707 3444 NetBIOS - ok
10:33:30.0752 3444 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:33:30.0807 3444 NetBT - ok
10:33:30.0884 3444 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:33:30.0914 3444 nfrd960 - ok
10:33:30.0942 3444 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:33:30.0997 3444 Npfs - ok
10:33:31.0026 3444 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:33:31.0140 3444 nsiproxy - ok
10:33:31.0207 3444 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:33:31.0279 3444 Ntfs - ok
10:33:31.0307 3444 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:33:31.0360 3444 Null - ok
10:33:31.0398 3444 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
10:33:31.0447 3444 NVENETFD - ok
10:33:31.0493 3444 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:33:31.0525 3444 nvraid - ok
10:33:31.0554 3444 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:33:31.0583 3444 nvstor - ok
10:33:31.0608 3444 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:33:31.0643 3444 nv_agp - ok
10:33:31.0685 3444 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:33:31.0720 3444 ohci1394 - ok
10:33:31.0822 3444 ossrv (678cc7dcf607bbd69a9f9333d39c2f1d) C:\Windows\system32\drivers\ctoss2k.sys
10:33:31.0848 3444 ossrv - ok
10:33:31.0920 3444 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:33:31.0955 3444 Parport - ok
10:33:31.0982 3444 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:33:32.0011 3444 partmgr - ok
10:33:32.0055 3444 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:33:32.0086 3444 pci - ok
10:33:32.0110 3444 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:33:32.0141 3444 pciide - ok
10:33:32.0179 3444 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:33:32.0212 3444 pcmcia - ok
10:33:32.0273 3444 PCTBD (7b92f2574a45a99da507a153c7920e8a) C:\Windows\system32\Drivers\PCTBD64.sys
10:33:32.0298 3444 PCTBD - ok
10:33:32.0348 3444 PCTCore (d48bd0ff27afb97005b33c9b6d26da3f) C:\Windows\system32\drivers\PCTCore64.sys
10:33:32.0384 3444 PCTCore - ok
10:33:32.0438 3444 pctDS (00cdbcb3178668c780a0c186b958a433) C:\Windows\system32\drivers\pctDS64.sys
10:33:32.0472 3444 pctDS - ok
10:33:32.0509 3444 pctEFA (6a509ceeb76361d12f0efe28e48f2221) C:\Windows\system32\drivers\pctEFA64.sys
10:33:32.0549 3444 pctEFA - ok
10:33:32.0603 3444 pctgntdi (1557bb312e6db9b2940b2e192abcd05f) C:\Windows\System32\drivers\pctgntdi64.sys
10:33:32.0635 3444 pctgntdi - ok
10:33:32.0669 3444 pctplsg (3e74ff633c6ffc8ba578e9f0dae3f65f) C:\Windows\System32\drivers\pctplsg64.sys
10:33:32.0694 3444 pctplsg - ok
10:33:32.0720 3444 PCTSD (778fddd69020ae21e6c34062bb07a7c9) C:\Windows\system32\Drivers\PCTSD64.sys
10:33:32.0748 3444 PCTSD - ok
10:33:32.0785 3444 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:33:32.0812 3444 pcw - ok
10:33:32.0844 3444 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:33:32.0925 3444 PEAUTH - ok
10:33:33.0061 3444 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:33:33.0115 3444 PptpMiniport - ok
10:33:33.0153 3444 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:33:33.0189 3444 Processor - ok
10:33:33.0263 3444 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:33:33.0315 3444 Psched - ok
10:33:33.0382 3444 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:33:33.0457 3444 ql2300 - ok
10:33:33.0488 3444 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:33:33.0520 3444 ql40xx - ok
10:33:33.0555 3444 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:33:33.0591 3444 QWAVEdrv - ok
10:33:33.0617 3444 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:33:33.0673 3444 RasAcd - ok
10:33:33.0717 3444 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:33:33.0771 3444 RasAgileVpn - ok
10:33:33.0819 3444 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:33:33.0945 3444 Rasl2tp - ok
10:33:34.0000 3444 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:33:34.0054 3444 RasPppoe - ok
10:33:34.0088 3444 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:33:34.0142 3444 RasSstp - ok
10:33:34.0180 3444 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:33:34.0238 3444 rdbss - ok
10:33:34.0259 3444 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:33:34.0296 3444 rdpbus - ok
10:33:34.0311 3444 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:33:34.0374 3444 RDPCDD - ok
10:33:34.0414 3444 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
10:33:34.0450 3444 RDPDR - ok
10:33:34.0489 3444 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:33:34.0545 3444 RDPENCDD - ok
10:33:34.0575 3444 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:33:34.0627 3444 RDPREFMP - ok
10:33:34.0683 3444 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
10:33:34.0742 3444 RdpVideoMiniport - ok
10:33:34.0791 3444 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
10:33:34.0846 3444 RDPWD - ok
10:33:34.0895 3444 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:33:34.0931 3444 rdyboost - ok
10:33:35.0015 3444 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:33:35.0071 3444 rspndr - ok
10:33:35.0103 3444 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
10:33:35.0148 3444 s3cap - ok
10:33:35.0196 3444 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:33:35.0226 3444 sbp2port - ok
10:33:35.0273 3444 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:33:35.0335 3444 scfilter - ok
10:33:35.0439 3444 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:33:35.0472 3444 Serenum - ok
10:33:35.0496 3444 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:33:35.0532 3444 Serial - ok
10:33:35.0569 3444 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:33:35.0616 3444 sermouse - ok
10:33:35.0683 3444 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:33:35.0734 3444 sffdisk - ok
10:33:35.0754 3444 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:33:35.0793 3444 sffp_mmc - ok
10:33:35.0814 3444 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:33:35.0851 3444 sffp_sd - ok
10:33:35.0889 3444 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:33:35.0932 3444 sfloppy - ok
10:33:35.0991 3444 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:33:36.0020 3444 SiSRaid2 - ok
10:33:36.0042 3444 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:33:36.0073 3444 SiSRaid4 - ok
10:33:36.0103 3444 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:33:36.0157 3444 Smb - ok
10:33:36.0218 3444 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:33:36.0248 3444 spldr - ok
10:33:36.0312 3444 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:33:36.0359 3444 srv - ok
10:33:36.0390 3444 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:33:36.0438 3444 srv2 - ok
10:33:36.0473 3444 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:33:36.0509 3444 srvnet - ok
10:33:36.0613 3444 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:33:36.0642 3444 stexstor - ok
10:33:36.0705 3444 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
10:33:36.0733 3444 storflt - ok
10:33:36.0775 3444 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
10:33:36.0804 3444 storvsc - ok
10:33:36.0838 3444 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:33:36.0867 3444 swenum - ok
10:33:36.0933 3444 Synth3dVsc - ok
10:33:37.0064 3444 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:33:37.0148 3444 Tcpip - ok
10:33:37.0215 3444 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:33:37.0269 3444 TCPIP6 - ok
10:33:37.0332 3444 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:33:37.0382 3444 tcpipreg - ok
10:33:37.0444 3444 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:33:37.0519 3444 TDPIPE - ok
10:33:37.0559 3444 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:33:37.0613 3444 TDTCP - ok
10:33:37.0681 3444 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:33:37.0736 3444 tdx - ok
10:33:37.0795 3444 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:33:37.0824 3444 TermDD - ok
10:33:37.0891 3444 TfFsMon (9cd5c339754e2310790ca27dbbd31f88) C:\Windows\system32\drivers\TfFsMon.sys
10:33:37.0923 3444 TfFsMon - ok
10:33:37.0999 3444 TfNetMon (00809507fafa1be93dbbace5029f27bb) C:\Windows\system32\drivers\TfNetMon.sys
10:33:38.0023 3444 TfNetMon - ok
10:33:38.0076 3444 TFSysMon (3593a7b1264fba24fe9e097a99b3e848) C:\Windows\system32\drivers\TfSysMon.sys
10:33:38.0114 3444 TFSysMon - ok
10:33:38.0246 3444 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:33:38.0296 3444 tssecsrv - ok
10:33:38.0351 3444 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:33:38.0393 3444 TsUsbFlt - ok
10:33:38.0441 3444 tsusbhub - ok
10:33:38.0513 3444 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:33:38.0567 3444 tunnel - ok
10:33:38.0603 3444 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:33:38.0633 3444 uagp35 - ok
10:33:38.0676 3444 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:33:38.0735 3444 udfs - ok
10:33:38.0798 3444 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:33:38.0827 3444 uliagpkx - ok
10:33:38.0880 3444 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:33:38.0916 3444 umbus - ok
10:33:38.0947 3444 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:33:39.0002 3444 UmPass - ok
10:33:39.0073 3444 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
10:33:39.0110 3444 usbaudio - ok
10:33:39.0151 3444 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
10:33:39.0186 3444 usbccgp - ok
10:33:39.0230 3444 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:33:39.0266 3444 usbcir - ok
10:33:39.0297 3444 usbehci (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys
10:33:39.0331 3444 usbehci - ok
10:33:39.0383 3444 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
10:33:39.0430 3444 usbhub - ok
10:33:39.0472 3444 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
10:33:39.0504 3444 usbohci - ok
10:33:39.0543 3444 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:33:39.0581 3444 usbprint - ok
10:33:39.0617 3444 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:33:39.0657 3444 USBSTOR - ok
10:33:39.0700 3444 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
10:33:39.0747 3444 usbuhci - ok
10:33:39.0818 3444 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:33:39.0854 3444 vdrvroot - ok
10:33:39.0911 3444 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:33:39.0949 3444 vga - ok
10:33:39.0973 3444 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:33:40.0034 3444 VgaSave - ok
10:33:40.0064 3444 VGPU - ok
10:33:40.0125 3444 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:33:40.0156 3444 vhdmp - ok
10:33:40.0185 3444 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:33:40.0216 3444 viaide - ok
10:33:40.0250 3444 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
10:33:40.0281 3444 vmbus - ok
10:33:40.0306 3444 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
10:33:40.0349 3444 VMBusHID - ok
10:33:40.0376 3444 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:33:40.0405 3444 volmgr - ok
10:33:40.0447 3444 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:33:40.0485 3444 volmgrx - ok
10:33:40.0669 3444 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:33:40.0756 3444 volsnap - ok
10:33:40.0797 3444 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:33:40.0829 3444 vsmraid - ok
10:33:40.0882 3444 VST64HWBS2 (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS
10:33:40.0927 3444 VST64HWBS2 - ok
10:33:40.0986 3444 VST64_DPV (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:33:41.0064 3444 VST64_DPV - ok
10:33:41.0103 3444 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
10:33:41.0138 3444 vwifibus - ok
10:33:41.0239 3444 VX1000 (7959ea6eadc1aaf7fb40678f0bab4c0e) C:\Windows\system32\DRIVERS\VX1000.sys
10:33:41.0292 3444 VX1000 - ok
10:33:41.0354 3444 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:33:41.0388 3444 WacomPen - ok
10:33:41.0445 3444 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:33:41.0510 3444 WANARP - ok
10:33:41.0536 3444 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:33:41.0588 3444 Wanarpv6 - ok
10:33:41.0720 3444 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:33:41.0750 3444 Wd - ok
10:33:41.0803 3444 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:33:41.0843 3444 Wdf01000 - ok
10:33:41.0958 3444 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:33:42.0013 3444 WfpLwf - ok
10:33:42.0036 3444 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:33:42.0065 3444 WIMMount - ok
10:33:42.0121 3444 winachsf (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:33:42.0167 3444 winachsf - ok
10:33:42.0360 3444 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:33:42.0410 3444 WmiAcpi - ok
10:33:42.0520 3444 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:33:42.0574 3444 ws2ifsl - ok
10:33:42.0622 3444 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:33:42.0681 3444 WSDPrintDevice - ok
10:33:42.0714 3444 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
10:33:42.0753 3444 WSDScan - ok
10:33:42.0824 3444 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:33:42.0883 3444 WudfPf - ok
10:33:42.0929 3444 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:33:42.0987 3444 WUDFRd - ok
10:33:43.0085 3444 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:33:43.0246 3444 \Device\Harddisk0\DR0 - ok
10:33:43.0250 3444 MBR (0x1B8) (1ac490bdbc08ebf5223bc3231a7ded9f) \Device\Harddisk1\DR1
10:33:43.0286 3444 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
10:33:43.0286 3444 \Device\Harddisk1\DR1 - detected TDSS File System (1)
10:33:43.0291 3444 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
10:33:44.0003 3444 \Device\Harddisk2\DR2 - ok
10:33:44.0013 3444 Boot (0x1200) (3715ff717a7e7b3baf139e26f5df1bcf) \Device\Harddisk0\DR0\Partition0
10:33:44.0016 3444 \Device\Harddisk0\DR0\Partition0 - ok
10:33:44.0055 3444 Boot (0x1200) (641b0da50534a3667c87fda9e3626a96) \Device\Harddisk0\DR0\Partition1
10:33:44.0056 3444 \Device\Harddisk0\DR0\Partition1 - ok
10:33:44.0061 3444 Boot (0x1200) (2c973ff2d84ee99418b5bd168b024165) \Device\Harddisk1\DR1\Partition0
10:33:44.0063 3444 \Device\Harddisk1\DR1\Partition0 - ok
10:33:44.0069 3444 Boot (0x1200) (ef8ebd188ce090f76897f9e32db93172) \Device\Harddisk2\DR2\Partition0
10:33:44.0072 3444 \Device\Harddisk2\DR2\Partition0 - ok
10:33:44.0073 3444 ============================================================
10:33:44.0073 3444 Scan finished
10:33:44.0073 3444 ============================================================
10:33:44.0101 4372 Detected object count: 1
10:33:44.0101 4372 Actual detected object count: 1
10:35:40.0182 4372 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
10:35:40.0182 4372 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
10:35:58.0030 5304 Deinitialize success
  • 0

#6
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please download GetPartitions from the link bellow on your desktop

getpartitions.exe

Double click to run it
It will produce C:\DiskReport.txt log please post results from that log here to me.

NOTE: After executing there will be nothing visible. Just open your Windows Explorer, navigate to root (usually C:\) on your system partition and find file DiskReport.txt. Open it in Notepad, select all and copy/paste in this topic.

  • 0

#7
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: JAMES-PC

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F Photoshop C UDF DVD-ROM 624 MB Healthy
Volume 1 C NTFS Partition 136 GB Healthy System
Volume 2 E NTFS Partition 96 GB Healthy
Volume 3 D NTFS Partition 149 GB Healthy
Volume 4 G Iomega_HDD NTFS Partition 232 GB Healthy
  • 0

#8
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Posted Image Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here and double click on mbam-setup.exe to install the application

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Click on Check for Updates button.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#9
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8376

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

15/12/2011 11:20:42 AM
mbam-log-2011-12-15 (11-20-42).txt

Scan type: Quick scan
Objects scanned: 181352
Time elapsed: 4 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#10
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
We should proceed with general antimalware scan which can take quite a long time so please be patient.

Download Virus Removal Tool (VRT) from Here to your desktop
(You have to enter your e-mail address and click on Submit Form button. Please download latest English version of this tool)

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)
Posted Image

Allow VRT to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun VRT and select the Manual Disinfection tab and press Start Gathering System Information

Posted Image

On completion click the link to locate the zip file to upload and attach to your next post

Posted Image
  • 0

Advertisements


#11
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Kaspersky hung while trying to save the log file of the automatic scan. I'll run it again overnight, but as far as I could tell, it came up empty.
I've attached the log of the system information. Is it possible that my issue is being caused by bloatware? I've noticed that services and .exe's associated with Spyware Doctor occasionally shoot up to 40-50% usage, taking priority over most running applications.

Attached Files


Edited by Aldernaft, 16 December 2011 - 07:09 PM.

  • 0

#12
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
I recommend you to uninstall Spyware Doctor. Then see if issue is still present.
  • 0

#13
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Uninstalling Spyware Doctor seems to have done the trick. Thanks for your time.
One last thing: Now that my computer is running without an antivirus program, can you recommend a free replacement that won't hog my system resources? I'd continue to use Malwarebytes, but apparently, my trial has expired.
  • 0

#14
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • 0

#15
Aldernaft

Aldernaft

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Results of screen317's Security Check version 0.99.29
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 22
Java™ 6 Update 29
Java version out of date!
Adobe Reader X (10.1.1)
Mozilla Firefox (8.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
``````````End of Log````````````
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP