Computer gone mad: system restore points blocked [Closed]


  • This topic is locked

#1
lizglass

  • Member
  • 159 posts
I've been updating my drivers using DriverMax and suddenly several bad things happened:

a) a black window with a weather forecast for Austin, TX showed up on my desktop that connects to the Accuweather website, which I cannot uninstall;
b) Skype is crashing every time I try to use it, in spite of having downloaded the latest version;
c) the browser was changed to AVG without my consent;
d) the system restore is blocked and going into a "catastrophic error" crash every time I try to restore it to an earlier point.

I've run all the usual safety software and nothing appears as a potential malware culprit. Can't restore the system to any previous point. I'm running out of ideas. Thanks for your help!

Here is my OTL log:


OTL Extras logfile created on: 4/3/2012 5:47:28 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\lizglass\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.91 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 61.10% Memory free
7.82 Gb Paging File | 5.59 Gb Available in Paging File | 71.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 379.42 Gb Free Space | 65.26% Space Free | Partition Type: NTFS

Computer Name: LIZGLASS-PC | User Name: lizglass | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{18C99C4F-6BAB-84D1-261B-EC1099610C63}" = ATI AVIVO64 Codecs
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java™ 6 Update 24 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{480C331C-C21E-F744-DBFF-98F8F2B0D4AC}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{729F2EAD-6283-7CFE-E5DB-03C653A309E0}" = ccc-utility64
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{07E10D8F-9E63-9334-4902-192A954E3B64}" = CCC Help Norwegian
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{088A077A-8028-408C-AE7B-4512AE2A65A0}" = CanoScan Toolbox Ver4.6
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D98F04D-11A1-4B64-A406-43292B9EEE90}" = Dell PhotoStage
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FA0F736-0851-C84A-08AE-D2F39C188B83}" = PX Profile Update
"{0FA7C671-1916-41C2-8D10-FA1626004C1B}" = OpenOffice.org 3.3 Language Pack (French)
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{17422E25-DCC9-9192-6FC7-A0E8B324A7C9}" = CCC Help Finnish
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2554B5A7-330A-D672-0F4B-D960F4F4F428}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{304A10E7-E2B7-4E24-A4D4-31A271E2ECC5}" = TimeTo
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36C6F513-5800-96BF-12EA-B4C7DC7DD671}" = Catalyst Control Center InstallProxy
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E8A1ADF-B72C-47FE-85F6-F7A73C487F6C}" = Dell MusicStage
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4058E728-84D8-45CE-8E2D-5F35BD6659A1}" = Adobe Extension Manager CS5.5
"{428C0601-9461-B6C8-D6D6-191FF8308410}" = ccc-core-static
"{46314378-EB8B-46B4-A790-4CFD0461ADA1}" = Catalyst Control Center - Branding
"{470AE5CD-6626-2D2A-6123-5D898D8813E5}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5765DDB0-6A73-F8CB-006E-76168E3DE49F}" = CCC Help Danish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5CFB494B-1A52-82E3-9EB2-8E21084390F6}" = CCC Help Swedish
"{5D2E23BC-C6A2-BB50-E738-B756F8040E65}" = CCC Help English
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68998208-3CED-2259-C735-92F0C0D57620}" = Catalyst Control Center Localization All
"{69D91A61-4328-08DD-E0FB-D011E324F610}" = Catalyst Control Center Profiles Mobile
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7CA87328-1AFA-3B5C-A279-C917D299E0CB}" = CCC Help Italian
"{7D356F08-270A-4BA4-9B54-CF0C53463E8C}" = Dell Stage
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8328181F-5C6B-9304-DDDC-85BE47A3B917}" = CCC Help Spanish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{878F597D-BA4C-2694-55E9-F1AE1988B144}" = CCC Help Portuguese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BA22076-945C-F764-4D33-2AF4DFE6A3F0}" = CCC Help French
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E1024FE-2009-2350-446F-3A6E00E5181A}" = CCC Help Russian
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.2) MUI
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B28FC637-A783-FE1C-8488-CAA05F11B690}" = CCC Help Chinese Traditional
"{B399BFBA-258C-4C01-B929-D0D0873FBC4B}" = TL-PA211 Powerline Utility
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C5EB9B5A-2964-D5A3-869A-520448200FC3}" = PowerXpressHybrid
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8065F81-3757-4580-8E70-573CCEE825D2}" = OpenOffice.org 3.3 Language Pack (Portuguese (Brazil))
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9454417-3019-FDB1-272B-A64F39202E3C}" = CCC Help Korean
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Display Audio Driver
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel® Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9C53AC8-C288-5727-1856-5B641CDFA2C1}" = CCC Help Dutch
"{FA208693-1080-4671-9503-58599DB491E0}" = Falk Navi-Manager
"{FC687ED0-69A9-67E7-0219-55CFB9B643CC}" = CCC Help Chinese Standard
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"AtelierDuLivre" = AtelierDuLivre
"avast" = avast! Free Antivirus
"BookSmart® 3.2.2 3.2.2" = BookSmart® 3.2.2 3.2.2
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dell Webcam Central" = Dell Webcam Central
"DMX5_is1" = DriverMax 6
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IrfanView" = IrfanView (remove only)
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.8
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PhotoStage" = PhotoStage Slideshow Producer
"Picasa 3" = Picasa 3
"Polipo" = Polipo 1.0.4.1
"RealPlayer 15.0" = RealPlayer
"Smart Defrag 2_is1" = Smart Defrag 2
"Tor" = Tor 0.2.1.30
"uTorrent" = µTorrent
"Vidalia" = Vidalia 0.2.12
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"CNET TechTracker" = CNET TechTracker
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Edited by lizglass, 03 April 2012 - 01:56 PM.



#2
Render

  • Trusted Helper
  • Malware Removal
  • 4,195 posts
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:
  • Remember to post your logs, not attach them. So any logs from any programs we run should be just 'copied & pasted' into your reply.
  • Please only run the tools that I request. I know malware can be frustrating, but running other tools in the meantime and between posts only makes it harder for us to analyse and fix your PC in the long run.
  • Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
  • Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
  • Please reply within 3 days to be fair to other people asking for help.
  • Please tell me if you have your original Windows CD/DVD available.
  • When in doubt, please stop and ask first. There's no harm in asking questions!

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not, please perform the steps below so I can have a look at the current condition of your machine.

Step 1

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.
  • When asked if you want to download Avast's virus definitions please select Yes.
    Note: If avast! antivirus is already installed, just do the next step.
  • Click the Scan button to start the scan.
  • On completion of the scan click Save log, save it to your desktop and post it in your next reply.
  • Also, there should now be a file called MBR.dat on the Desktop. Zip it and then attach it here.

How to add an attachment to a new topic or reply

Step 2

OTL Custom Scan

  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    consrv.dll
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt in a Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

#3
lizglass

  • Topic Starter
  • Member
  • 159 posts
Thanks for taking my case, Render!

Here are the logs. They seem much more complex than the HJT from ole good times at G2G University...


First, the aswMBR.txt. The MBR.dat has been zipped and attached:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-07 17:11:21
-----------------------------
17:11:21.910 OS Version: Windows x64 6.1.7601 Service Pack 1
17:11:21.910 Number of processors: 4 586 0x2A07
17:11:21.910 ComputerName: LIZGLASS-PC UserName: lizglass
17:11:25.451 Initialize success
17:11:26.512 AVAST engine defs: 12040700
17:11:33.797 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:11:33.813 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
17:11:33.828 Disk 0 MBR read successfully
17:11:33.844 Disk 0 MBR scan
17:11:33.844 Disk 0 Windows 7 default MBR code
17:11:33.859 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
17:11:33.891 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
17:11:33.937 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
17:11:33.984 Disk 0 scanning C:\Windows\system32\drivers
17:11:44.483 Service scanning
17:12:06.463 Modules scanning
17:12:06.479 Disk 0 trace - called modules:
17:12:06.510 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:12:06.510 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046bd060]
17:12:06.869 3 CLASSPNP.SYS[fffff88001b8943f] -> nt!IofCallDriver -> [0xfffffa800440ee40]
17:12:06.885 5 ACPI.sys[fffff88000f617a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004412050]
17:12:08.039 AVAST engine scan C:\Windows
17:12:11.284 AVAST engine scan C:\Windows\system32
17:15:18.422 AVAST engine scan C:\Windows\system32\drivers
17:15:35.348 AVAST engine scan C:\Users\lizglass
17:21:55.474 Disk 0 MBR has been saved successfully to "C:\Users\lizglass\Desktop\MBR.dat"
17:21:55.474 The log file has been saved successfully to "C:\Users\lizglass\Desktop\aswMBR.txt"

Next, the OTL log:


OTL logfile created on: 4/7/2012 6:10:10 PM - Run 4
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\lizglass\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.91 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.16% Memory free
7.82 Gb Paging File | 5.31 Gb Available in Paging File | 67.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 379.61 Gb Free Space | 65.29% Space Free | Partition Type: NTFS

Computer Name: LIZGLASS-PC | User Name: lizglass | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/03 17:29:03 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\lizglass\Desktop\OTL.exe
PRC - [2012/03/26 09:40:04 | 009,532,824 | ---- | M] (Innovative Solutions) -- C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
PRC - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/03/07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/06 18:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/01/04 14:26:46 | 001,606,488 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/01 22:24:20 | 002,624,512 | ---- | M] () -- C:\Users\lizglass\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/30 10:39:52 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/10/08 18:34:24 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/08/01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/11/17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/11/06 06:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 06:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/03 19:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/03 18:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/03 18:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/10/06 04:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 04:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/04 03:56:41 | 000,444,400 | ---- | M] () -- C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\ppgooglenaclpluginchrome.dll
MOD - [2012/04/04 03:56:39 | 003,915,248 | ---- | M] () -- C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\pdf.dll
MOD - [2012/04/04 03:55:14 | 000,122,880 | ---- | M] () -- C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\avutil-51.dll
MOD - [2012/04/04 03:55:12 | 000,220,672 | ---- | M] () -- C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\avformat-53.dll
MOD - [2012/04/04 03:55:11 | 001,747,456 | ---- | M] () -- C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\avcodec-53.dll
MOD - [2012/04/04 03:09:30 | 008,743,584 | ---- | M] () -- C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
MOD - [2012/03/19 11:26:44 | 000,008,608 | ---- | M] () -- C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
MOD - [2012/02/17 03:43:21 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bc264c7dba2096c2c88080090bf42600\IAStorUtil.ni.dll
MOD - [2012/02/17 03:43:15 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012/02/17 03:37:31 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/02/17 03:37:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/17 03:37:06 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/02/17 03:36:54 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/17 03:36:48 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/17 03:36:46 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/02/17 03:36:33 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/17 03:36:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/17 03:36:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/17 03:36:24 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/12/01 22:24:20 | 002,624,512 | ---- | M] () -- C:\Users\lizglass\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/10/15 11:13:13 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6aef03034d33721bfbd588d9d7fffe60\IAStorCommon.ni.dll
MOD - [2011/10/13 05:26:34 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/08/12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/08/01 19:55:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/08/01 19:55:28 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/08/01 19:55:26 | 000,116,032 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/08/01 19:55:20 | 000,121,664 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/08/01 19:55:18 | 000,132,416 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/08/01 19:55:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/08/01 19:54:46 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2011/06/15 12:30:49 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/11/25 05:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/10/20 19:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/02/28 12:36:10 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/09/08 07:42:28 | 000,305,152 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/12/17 21:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2010/12/17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/17 21:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010/11/29 22:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/18 08:18:22 | 000,269,312 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel®
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/08 18:34:24 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/11/25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/11/06 06:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/11/03 19:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 18:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/10/06 04:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/06 04:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 20:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 17:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/02/28 13:18:08 | 011,160,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/02/28 11:37:58 | 000,338,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/02/23 03:18:10 | 000,402,024 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rtenic64.sys -- (RTLE8023x64) Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64)
DRV:64bit: - [2012/02/20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Netwsw00.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2012/02/09 19:54:48 | 000,021,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/18 10:54:12 | 014,658,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/12/27 02:18:48 | 000,043,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btcusb.sys -- (Btcsrusb)
DRV:64bit: - [2011/12/06 03:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2011/11/10 00:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2011/10/25 09:57:38 | 000,213,504 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/10/20 11:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/08 07:42:28 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/08/19 10:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C270(UVC)
DRV:64bit: - [2011/08/19 10:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/04/01 05:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/01 12:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/29 22:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/07 01:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/04 12:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/11/04 10:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/10/30 02:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/26 21:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/20 01:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/08/12 17:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/03/19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/10/08 18:04:08 | 000,020,336 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/20 15:27:44 | 000,021,872 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 15:27:38 | 000,033,184 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-29 12:47:07&v=10.2.0.3&sap=hp
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\..\SearchScopes\{48F380F4-8B12-4B7D-9AC4-3160D429800E}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-29 12:47:07&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-999043541-2461997901-464249042-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\lizglass\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\lizglass\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/08 09:22:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/30 10:40:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/15 08:52:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/23 11:35:39 | 000,000,000 | ---D | M]

[2011/05/26 09:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lizglass\AppData\Roaming\Mozilla\Extensions
[2011/06/02 13:05:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lizglass\AppData\Roaming\Mozilla\Firefox\Profiles\meeju61s.default\extensions
[2011/06/02 13:01:46 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\lizglass\AppData\Roaming\Mozilla\Firefox\Profiles\meeju61s.default\extensions\[email protected]
[2011/06/02 13:05:52 | 000,000,000 | ---D | M] (LogMeIn, Inc. Rescue Technician Console) -- C:\Users\lizglass\AppData\Roaming\Mozilla\Firefox\Profiles\meeju61s.default\extensions\[email protected]
[2011/05/26 08:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lizglass\AppData\Roaming\Mozilla\Firefox\Profiles\ywckjk6f.default\extensions
[2011/05/26 08:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lizglass\AppData\Roaming\Mozilla\Firefox\Profiles\ywckjk6f.default\extensions\staged
[2012/04/05 08:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/30 10:40:10 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/03/13 06:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/02 18:24:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/29 12:47:03 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/03/13 06:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 06:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\lizglass\AppData\Local\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\
CHR - Extension: Angry Birds = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: AT_DaleChihulyV3 = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnenonhiffdmndmgiinmldkabciohign\3_0\
CHR - Extension: Search by Image (by Google) = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.1.1_0\
CHR - Extension: AdBlock = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\
CHR - Extension: avast! WebRep = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\lizglass\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\WINDOWS\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-999043541-2461997901-464249042-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-999043541-2461997901-464249042-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-999043541-2461997901-464249042-1000..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-999043541-2461997901-464249042-1000..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-999043541-2461997901-464249042-1000..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\utorrent.exe" /MINIMIZED File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeTo.lnk = C:\Program Files (x86)\TimeTo\TimeTo.exe (David Berman Developments Inc. www.davidberman.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A66FFE08-78C8-4A87-A7A4-F965C7D5B2D0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2012/04/05 08:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/05 08:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/05 08:05:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/04/05 06:50:45 | 000,331,264 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012/04/05 06:50:45 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012/04/05 00:15:57 | 000,535,040 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2012/04/05 00:15:56 | 001,966,080 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2012/04/05 00:15:56 | 000,655,872 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2012/04/05 00:15:56 | 000,446,464 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2012/04/05 00:15:55 | 000,251,392 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646365.dll
[2012/04/05 00:15:53 | 000,734,720 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\IMAPO32.dll
[2012/04/03 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\lizglass\AppData\Roaming\Malwarebytes
[2012/04/03 18:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/03 18:34:02 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/03 18:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/03 18:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/03 18:33:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2012/04/03 18:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/04/03 18:33:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/04/03 17:28:47 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\lizglass\Desktop\OTL.exe
[2012/04/03 01:20:44 | 011,471,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Netwsw00.sys
[2012/04/03 01:20:43 | 003,381,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Netwrw00.dll
[2012/04/03 01:20:43 | 000,885,520 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Netwcw00.dll
[2012/04/03 01:17:48 | 000,402,024 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\Rtenic64.sys
[2012/04/02 01:09:48 | 000,157,696 | ---- | C] (Matrox Graphics Inc.) -- C:\Windows\SysNative\drivers\MxEFUF64.sys
[2012/04/02 01:06:57 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/03/30 23:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/03/30 23:26:49 | 000,021,264 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver.sys
[2012/03/30 14:18:52 | 000,213,504 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3xhc.sys
[2012/03/30 14:18:52 | 000,090,472 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\nusb3co2.dll
[2012/03/29 15:27:01 | 000,043,616 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys
[2012/03/29 15:27:01 | 000,020,192 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\btinstall.dll
[2012/03/29 12:56:12 | 000,269,312 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2012/03/29 12:56:11 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012/03/29 12:56:11 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012/03/29 12:56:11 | 000,213,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012/03/29 12:56:11 | 000,177,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012/03/29 12:56:10 | 000,511,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012/03/29 12:56:10 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012/03/29 12:56:10 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012/03/29 12:56:10 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012/03/29 12:56:10 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012/03/29 12:56:10 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012/03/29 12:56:10 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012/03/29 12:56:10 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012/03/29 12:56:10 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012/03/29 12:56:09 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012/03/29 12:56:09 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012/03/29 12:56:09 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012/03/29 12:56:08 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012/03/29 12:56:08 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012/03/29 12:56:08 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012/03/29 12:56:08 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012/03/29 12:56:08 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012/03/29 12:56:08 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012/03/29 12:56:08 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012/03/29 12:56:08 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012/03/29 12:56:07 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012/03/29 12:56:07 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012/03/29 12:56:07 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012/03/29 12:56:07 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012/03/29 12:56:06 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012/03/29 12:56:06 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012/03/29 12:56:05 | 000,440,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012/03/29 12:56:05 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012/03/29 12:56:05 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012/03/29 12:56:05 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012/03/29 12:56:05 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012/03/29 12:56:05 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012/03/29 12:56:05 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012/03/29 12:56:05 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012/03/29 12:56:05 | 000,386,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012/03/29 12:56:05 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012/03/29 12:56:05 | 000,250,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012/03/29 12:56:05 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012/03/29 12:56:05 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012/03/29 12:56:04 | 000,430,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012/03/29 12:56:04 | 000,321,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012/03/29 12:56:04 | 000,237,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012/03/29 12:56:04 | 000,193,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012/03/29 12:56:04 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012/03/29 12:56:04 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012/03/29 12:56:03 | 002,967,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2012/03/29 12:56:03 | 002,321,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2012/03/29 12:56:02 | 008,079,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012/03/29 12:56:02 | 006,117,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012/03/29 12:56:00 | 014,658,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys
[2012/03/29 12:56:00 | 014,658,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012/03/29 12:55:50 | 009,604,096 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012/03/29 12:55:49 | 007,781,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012/03/29 12:55:41 | 005,886,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012/03/29 12:55:41 | 000,398,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012/03/29 12:55:41 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012/03/29 12:55:40 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012/03/29 12:55:39 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2012/03/29 12:55:38 | 005,006,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2012/03/29 12:55:38 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2012/03/29 12:55:38 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2012/03/29 12:55:37 | 001,960,448 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2012/03/29 12:55:36 | 006,202,880 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2012/03/29 12:55:36 | 001,053,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2012/03/29 12:55:35 | 004,516,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2012/03/29 12:55:34 | 007,431,168 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2012/03/29 12:55:33 | 019,747,328 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2012/03/29 12:55:33 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012/03/29 12:55:33 | 000,044,544 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2012/03/29 12:55:33 | 000,032,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2012/03/29 12:55:31 | 026,233,856 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2012/03/29 12:55:29 | 000,338,432 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2012/03/29 12:55:29 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2012/03/29 12:55:29 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2012/03/29 12:55:29 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2012/03/29 12:55:29 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2012/03/29 12:55:29 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012/03/29 12:55:28 | 011,160,064 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2012/03/29 12:55:27 | 007,462,400 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2012/03/29 12:55:27 | 000,503,296 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012/03/29 12:55:27 | 000,236,544 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012/03/29 12:55:27 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2012/03/29 12:55:27 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2012/03/29 12:55:27 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2012/03/29 12:55:27 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2012/03/29 12:55:27 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2012/03/29 12:55:26 | 006,772,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2012/03/29 12:55:25 | 001,065,472 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2012/03/29 12:55:25 | 000,906,752 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2012/03/29 12:55:25 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2012/03/29 12:55:24 | 013,876,736 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2012/03/29 12:55:24 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2012/03/29 12:55:24 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2012/03/29 12:55:23 | 011,607,552 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2012/03/29 12:55:21 | 000,514,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2012/03/29 12:55:21 | 000,360,448 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2012/03/29 12:55:21 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2012/03/29 12:55:21 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012/03/29 12:55:21 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2012/03/29 12:55:21 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2012/03/29 12:55:21 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2012/03/29 12:55:21 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2012/03/29 12:49:24 | 000,000,000 | ---D | C] -- C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grey Olltwit's Software
[2012/03/29 12:49:17 | 000,000,000 | ---D | C] -- C:\Olltwit
[2012/03/29 12:46:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/03/29 12:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/29 12:44:47 | 000,000,000 | ---D | C] -- C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012/03/29 12:16:43 | 000,000,000 | ---D | C] -- C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TimeTo
[2012/03/29 12:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TimeTo
[2012/03/22 21:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2012/03/15 23:55:23 | 000,000,000 | ---D | C] -- C:\Users\lizglass\Desktop\Art Books, Art Videos, Watercolor Books, Acrylic Books, Pastel Books - NorthLightShop.com_files
[2012/03/15 03:05:22 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/15 03:05:20 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/15 03:05:19 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/14 07:36:53 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/14 07:28:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/14 07:28:06 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/14 07:28:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/14 07:28:05 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/14 07:28:05 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/07 17:54:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-999043541-2461997901-464249042-1000UA.job
[2012/04/07 17:46:02 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/07 17:21:55 | 000,000,512 | ---- | M] () -- C:\Users\lizglass\Desktop\MBR.dat
[2012/04/07 15:52:48 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/07 15:52:48 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/07 15:45:37 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/07 15:45:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/07 15:45:02 | 659,039,857 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/07 15:44:56 | 3148,218,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/07 15:27:48 | 000,780,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/07 15:27:48 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/07 15:27:48 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/07 07:54:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-999043541-2461997901-464249042-1000Core.job
[2012/04/06 05:50:44 | 000,002,419 | ---- | M] () -- C:\Users\lizglass\Desktop\Google Chrome.lnk
[2012/04/05 22:16:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/04/05 20:53:17 | 000,001,132 | ---- | M] () -- C:\Users\lizglass\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2012/04/05 20:53:17 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/04/05 20:25:54 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2012/04/05 08:05:28 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/03 18:34:03 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 18:33:04 | 000,001,081 | ---- | M] () -- C:\Users\lizglass\Desktop\SpywareBlaster.lnk
[2012/04/03 17:29:03 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\lizglass\Desktop\OTL.exe
[2012/04/02 12:12:00 | 000,008,282 | ---- | M] () -- C:\Users\lizglass\Documents\timedata.pak
[2012/04/02 12:10:00 | 000,008,221 | ---- | M] () -- C:\Users\lizglass\Documents\timedata.bak
[2012/04/02 12:02:00 | 000,007,639 | ---- | M] () -- C:\Users\lizglass\Documents\timedata.BackupRandom1
[2012/04/02 12:02:00 | 000,007,639 | ---- | M] () -- C:\Users\lizglass\Documents\timedata.BackupDayOfWeek2
[2012/04/02 11:56:00 | 000,007,524 | ---- | M] () -- C:\Users\lizglass\Documents\timedata.BackupRandom3
[2012/04/02 11:42:13 | 000,000,160 | ---- | M] () -- C:\Users\lizglass\Documents\Status.tbl
[2012/04/02 11:14:38 | 000,001,539 | ---- | M] () -- C:\Users\lizglass\Documents\TimeTo.ini
[2012/04/02 10:54:00 | 000,005,787 | ---- | M] () -- C:\Users\lizglass\Documents\timedata.x12
[2012/04/02 10:39:10 | 000,000,049 | ---- | M] () -- C:\Users\lizglass\Documents\recent.lst
[2012/03/30 23:26:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_01009.Wdf
[2012/03/30 11:58:24 | 002,346,632 | ---- | M] () -- C:\Users\lizglass\Documents\documentation-ozeo11051816-1.pdf
[2012/03/30 11:54:34 | 002,261,131 | ---- | M] () -- C:\Users\lizglass\Documents\les-solutions-vmc11051534-1.pdf
[2012/03/29 12:49:24 | 000,000,731 | ---- | M] () -- C:\Users\lizglass\Desktop\Calorie Counter.lnk
[2012/03/29 12:49:02 | 000,002,249 | ---- | M] () -- C:\Users\lizglass\Desktop\Kindle.lnk
[2012/03/29 12:47:17 | 000,001,236 | ---- | M] () -- C:\Users\lizglass\Desktop\DriverMax.lnk
[2012/03/29 12:46:34 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/29 12:44:47 | 000,001,892 | ---- | M] () -- C:\Users\lizglass\Desktop\IrfanView Thumbnails.lnk
[2012/03/29 12:44:47 | 000,001,000 | ---- | M] () -- C:\Users\lizglass\Desktop\IrfanView.lnk
[2012/03/29 12:44:12 | 000,001,274 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/03/29 12:44:12 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/03/29 12:16:43 | 000,002,215 | ---- | M] () -- C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeTo.lnk
[2012/03/29 12:16:43 | 000,002,169 | ---- | M] () -- C:\Users\lizglass\Desktop\TimeTo™.lnk
[2012/03/24 19:27:14 | 000,007,168 | ---- | M] () -- C:\Users\lizglass\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/22 21:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2012/03/15 23:55:23 | 000,038,872 | ---- | M] () -- C:\Users\lizglass\Desktop\Art Books, Art Videos, Watercolor Books, Acrylic Books, Pastel Books - NorthLightShop.com.htm
[2012/03/15 08:52:47 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/15 03:22:32 | 005,044,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/12 14:27:52 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\CanoScan Toolbox 5.0.lnk
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/07 17:21:55 | 000,000,512 | ---- | C] () -- C:\Users\lizglass\Desktop\MBR.dat
[2012/04/07 10:02:12 | 659,039,857 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/04/05 08:05:28 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/03 18:34:03 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 18:33:04 | 000,001,081 | ---- | C] () -- C:\Users\lizglass\Desktop\SpywareBlaster.lnk
[2012/04/02 12:04:00 | 000,007,639 | ---- | C] () -- C:\Users\lizglass\Documents\timedata.BackupRandom1
[2012/04/02 11:22:00 | 000,007,639 | ---- | C] () -- C:\Users\lizglass\Documents\timedata.BackupDayOfWeek2
[2012/04/02 11:22:00 | 000,007,524 | ---- | C] () -- C:\Users\lizglass\Documents\timedata.BackupRandom3
[2012/04/02 11:14:38 | 000,010,956 | ---- | C] () -- C:\Users\lizglass\Documents\TimezoneUpdate.lst
[2012/04/02 11:14:38 | 000,010,956 | ---- | C] () -- C:\Users\lizglass\Documents\TimezoneOriginal.lst
[2012/04/02 11:14:38 | 000,010,956 | ---- | C] () -- C:\Users\lizglass\Documents\Timezone.lst
[2012/04/02 11:14:38 | 000,010,650 | ---- | C] () -- C:\Users\lizglass\Documents\Timezone20070221.lst
[2012/04/02 11:14:38 | 000,008,282 | ---- | C] () -- C:\Users\lizglass\Documents\timedata.pak
[2012/04/02 11:14:38 | 000,008,221 | ---- | C] () -- C:\Users\lizglass\Documents\timedata.bak
[2012/04/02 11:14:38 | 000,005,787 | ---- | C] () -- C:\Users\lizglass\Documents\timedata.x12
[2012/04/02 11:14:38 | 000,001,539 | ---- | C] () -- C:\Users\lizglass\Documents\TimeTo.ini
[2012/04/02 11:14:38 | 000,000,160 | ---- | C] () -- C:\Users\lizglass\Documents\Status.tbl
[2012/04/02 11:14:38 | 000,000,095 | ---- | C] () -- C:\Users\lizglass\Documents\Worktool.lst
[2012/04/02 11:14:38 | 000,000,049 | ---- | C] () -- C:\Users\lizglass\Documents\recent.lst
[2012/03/30 23:26:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_01009.Wdf
[2012/03/30 11:58:24 | 002,346,632 | ---- | C] () -- C:\Users\lizglass\Documents\documentation-ozeo11051816-1.pdf
[2012/03/30 11:54:34 | 002,261,131 | ---- | C] () -- C:\Users\lizglass\Documents\les-solutions-vmc11051534-1.pdf
[2012/03/29 12:56:12 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/03/29 12:56:12 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/03/29 12:56:12 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/03/29 12:56:12 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012/03/29 12:56:12 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012/03/29 12:56:12 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012/03/29 12:56:12 | 000,018,472 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/03/29 12:56:12 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/03/29 12:56:11 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/03/29 12:56:10 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/29 12:56:10 | 000,963,912 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2012/03/29 12:56:04 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012/03/29 12:56:02 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/29 12:56:02 | 000,261,208 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2012/03/29 12:55:52 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012/03/29 12:55:52 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/29 12:55:48 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/03/29 12:55:48 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2012/03/29 12:55:44 | 018,115,072 | ---- | C] () -- C:\Windows\SysNative\ig4icd64.dll
[2012/03/29 12:55:42 | 013,206,016 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/03/29 12:55:41 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012/03/29 12:55:41 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012/03/29 12:55:40 | 000,221,099 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012/03/29 12:55:40 | 000,191,775 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012/03/29 12:55:40 | 000,143,155 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012/03/29 12:55:40 | 000,141,435 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012/03/29 12:55:40 | 000,140,122 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012/03/29 12:55:40 | 000,136,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012/03/29 12:55:40 | 000,124,962 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012/03/29 12:55:40 | 000,123,467 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012/03/29 12:55:39 | 000,207,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012/03/29 12:55:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/03/29 12:55:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2012/03/29 12:55:39 | 000,164,334 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012/03/29 12:55:39 | 000,161,613 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012/03/29 12:55:39 | 000,157,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012/03/29 12:55:39 | 000,148,033 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012/03/29 12:55:39 | 000,146,675 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012/03/29 12:55:39 | 000,145,687 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012/03/29 12:55:39 | 000,145,579 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012/03/29 12:55:39 | 000,144,338 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012/03/29 12:55:39 | 000,143,805 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012/03/29 12:55:39 | 000,142,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012/03/29 12:55:39 | 000,142,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012/03/29 12:55:39 | 000,142,189 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012/03/29 12:55:39 | 000,141,644 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012/03/29 12:55:39 | 000,140,923 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012/03/29 12:55:39 | 000,140,885 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012/03/29 12:55:39 | 000,140,549 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012/03/29 12:55:39 | 000,139,487 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012/03/29 12:55:39 | 000,136,369 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012/03/29 12:55:39 | 000,135,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012/03/29 12:55:39 | 000,131,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012/03/29 12:55:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/29 12:55:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2012/03/29 12:55:38 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2012/03/29 12:55:38 | 000,026,936 | ---- | C] () -- C:\Windows\SysNative\ativvsnl.dat
[2012/03/29 12:55:38 | 000,000,025 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2012/03/29 12:55:38 | 000,000,025 | ---- | C] () -- C:\Windows\SysNative\ativvsny.dat
[2012/03/29 12:55:37 | 002,664,704 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012/03/29 12:55:35 | 002,631,008 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012/03/29 12:55:33 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/03/29 12:55:33 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2012/03/29 12:55:32 | 000,037,533 | ---- | C] () -- C:\Windows\atiogl.xml
[2012/03/29 12:55:27 | 000,601,728 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2012/03/29 12:55:21 | 000,245,888 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012/03/29 12:55:21 | 000,245,888 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012/03/29 12:55:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysNative\amdverag.dll
[2012/03/29 12:49:24 | 000,000,731 | ---- | C] () -- C:\Users\lizglass\Desktop\Calorie Counter.lnk
[2012/03/29 12:46:34 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/29 12:44:47 | 000,001,892 | ---- | C] () -- C:\Users\lizglass\Desktop\IrfanView Thumbnails.lnk
[2012/03/29 12:44:47 | 000,001,000 | ---- | C] () -- C:\Users\lizglass\Desktop\IrfanView.lnk
[2012/03/29 12:44:12 | 000,001,274 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/03/29 12:44:12 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/03/29 12:16:43 | 000,002,215 | ---- | C] () -- C:\Users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeTo.lnk
[2012/03/29 12:16:43 | 000,002,169 | ---- | C] () -- C:\Users\lizglass\Desktop\TimeTo™.lnk
[2012/03/15 23:55:21 | 000,038,872 | ---- | C] () -- C:\Users\lizglass\Desktop\Art Books, Art Videos, Watercolor Books, Acrylic Books, Pastel Books - NorthLightShop.com.htm
[2012/03/09 17:54:21 | 000,001,381 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012/03/09 17:54:09 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/02/28 02:39:54 | 004,414,976 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/02/26 18:47:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/26 18:46:18 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/02/26 18:46:00 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/02/26 18:46:00 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/02/26 18:45:58 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/02/26 18:45:58 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/02/26 18:45:56 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/02/26 18:45:56 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/02/26 18:45:54 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012/02/26 18:45:54 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2012/02/24 16:51:06 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/02/24 16:51:00 | 006,426,793 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/02/24 16:51:00 | 001,136,653 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/02/24 16:51:00 | 000,369,109 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/02/24 16:51:00 | 000,208,659 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/02/24 16:51:00 | 000,142,647 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2011/12/07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011/09/18 15:16:58 | 001,456,640 | ---- | C] () -- C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
[2011/09/08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/09/08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/09/08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/09/08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/08/19 10:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/08/19 10:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011/08/19 10:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/08/06 19:44:00 | 000,000,000 | ---- | C] () -- C:\Users\lizglass\AppData\Local\rx_image32.Cache
[2011/07/03 13:34:37 | 000,007,168 | ---- | C] () -- C:\Users\lizglass\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/05/26 14:57:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/05/23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/05/21 00:50:35 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011/05/21 00:50:31 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2011/05/21 00:50:31 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/05/21 00:50:31 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/05/21 00:50:31 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/05/21 00:50:31 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/05/21 00:50:31 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/05/21 00:50:31 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/05/20 22:30:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/05/20 22:27:51 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/05/20 22:25:21 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/05/20 22:22:51 | 000,766,068 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/20 22:20:33 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/03/03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010/08/18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini

========== LOP Check ==========

[2012/04/07 15:30:12 | 000,000,000 | ---D | M] -- C:\Users\Coralie.lizglass-PC\AppData\Roaming\IObit
[2011/06/20 10:00:21 | 000,000,000 | ---D | M] -- C:\Users\Coralie.lizglass-PC\AppData\Roaming\IrfanView
[2011/09/22 16:21:55 | 000,000,000 | ---D | M] -- C:\Users\Coralie.lizglass-PC\AppData\Roaming\SoftGrid Client
[2011/12/08 03:51:12 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Fingertapps
[2011/12/08 03:58:23 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\IObit
[2012/03/12 16:17:20 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\IrfanView
[2011/12/03 02:37:14 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\OpenOffice.org
[2012/01/06 12:39:06 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Progeny
[2012/01/18 17:49:59 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\SoftGrid Client
[2011/11/30 18:35:43 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\Canon
[2011/09/17 06:30:22 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\CBS Interactive
[2011/12/30 04:00:39 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/12/08 08:12:25 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\Fingertapps
[2011/07/02 11:11:35 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\go
[2012/02/03 22:56:18 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\IDT
[2011/11/17 21:25:52 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\IObit
[2011/06/14 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\IrfanView
[2012/02/07 19:23:12 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\Leadertech
[2011/06/15 14:44:22 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\OpenOffice.org
[2011/06/24 21:45:21 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\PCDr
[2012/04/05 08:13:48 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\SoftGrid Client
[2011/05/30 21:20:38 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\TP
[2012/04/05 22:22:50 | 000,000,000 | ---D | M] -- C:\Users\lizglass\AppData\Roaming\uTorrent
[2012/02/20 12:43:07 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\WINDOWS\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\WINDOWS\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/03/13 06:39:39 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/03/13 06:39:39 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/03/13 06:39:39 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/03/13 06:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/03/13 06:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/03/13 06:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\lizglass\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\lizglass\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\lizglass\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\lizglass\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/10/02 06:24:13 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/10/02 06:24:13 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/10/02 06:24:13 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/10/02 06:24:13 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/10/02 06:24:13 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/03/13 06:39:39 | 000,834,712 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/03/13 06:39:39 | 000,834,712 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/03/13 06:39:39 | 000,834,712 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/03/13 06:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/03/13 06:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/03/13 06:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\LIZGLASS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\LIZGLASS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\LIZGLASS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\LIZGLASS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/04/04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/10/02 06:24:13 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/10/02 06:24:13 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/10/02 06:24:13 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/10/02 06:24:13 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/10/02 06:24:13 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >


Attached Files

  • Attached File  MBR.zip   572bytes   81 downloads


#4
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please download ComboFix from Here or Here to your Desktop.

Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop.

  • If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".
  • During the download, rename Combofix to Combo-Fix as follows:

  • It is important you rename Combofix during the download, but not after.
  • Please do not rename Combofix to other names, but only to the one indicated.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to reconnect your machine to the Internet until Combofix has completely finished.
    • If there is no Internet connection after running Combofix, then restart your computer to restore your connection.
  • Double click on combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" for further review.

Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall.

#5
lizglass


    Member

  • Topic Starter
  • Member
  • 159 posts
OK, here is the report:

ComboFix 12-04-07.03 - lizglass 08/04/2012 5:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.33.1033.18.4003.2190 [GMT 2:00]
Lancé depuis: c:\users\lizglass\Desktop\Combo-Fix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\{392AB398-A0A5-44CB-9773-A2C3E36B036A}.xps
c:\users\Jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\{760E4BA7-44AE-4BE7-8F58-5036A2882102}.xps
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-03-08 au 2012-04-08 ))))))))))))))))))))))))))))))))))))
.
.
2012-04-08 03:55 . 2012-04-08 03:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-08 03:55 . 2012-04-08 03:55 -------- d-----w- c:\users\coralie\AppData\Local\temp
2012-04-08 03:55 . 2012-04-08 03:55 -------- d-----w- c:\users\Jonathan\AppData\Local\temp
2012-04-08 03:55 . 2012-04-08 03:55 -------- d-----w- c:\users\Coralie.lizglass-PC\AppData\Local\temp
2012-04-08 03:50 . 2012-04-08 03:50 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FE3A563-3CC8-41DF-8F78-8EA919416D12}\offreg.dll
2012-04-07 16:31 . 2012-04-07 16:31 -------- d-----w- c:\program files (x86)\7-Zip
2012-04-07 13:30 . 2012-04-07 13:30 -------- d-----w- c:\users\Coralie.lizglass-PC\AppData\Roaming\IObit
2012-04-06 13:21 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FE3A563-3CC8-41DF-8F78-8EA919416D12}\mpengine.dll
2012-04-05 06:05 . 2012-04-05 06:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-04-05 06:05 . 2012-04-05 06:05 -------- d-----r- c:\program files (x86)\Skype
2012-04-05 04:50 . 2011-12-06 01:23 331264 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2012-04-05 04:50 . 2011-12-06 01:22 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2012-04-04 22:15 . 2011-09-08 05:42 535040 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2012-04-04 22:15 . 2011-09-08 05:42 655872 ----a-w- c:\windows\system32\stapi64.dll
2012-04-04 22:15 . 2011-09-08 05:42 446464 ----a-w- c:\windows\system32\stcplx64.dll
2012-04-04 22:15 . 2011-09-08 05:42 1966080 ----a-w- c:\windows\system32\stapo64.dll
2012-04-04 22:15 . 2011-09-08 05:42 251392 ----a-w- c:\windows\system32\st646365.dll
2012-04-04 22:15 . 2011-04-20 15:28 734720 ----a-w- c:\windows\SysWow64\IMAPO32.dll
2012-04-03 16:34 . 2012-04-03 16:34 -------- d-----w- c:\users\lizglass\AppData\Roaming\Malwarebytes
2012-04-03 16:34 . 2012-04-03 16:34 -------- d-----w- c:\programdata\Malwarebytes
2012-04-03 16:34 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 16:34 . 2012-04-03 16:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-03 16:33 . 2010-01-10 16:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2012-04-03 16:33 . 2012-04-03 16:33 -------- d-----w- c:\program files (x86)\SpywareBlaster
2012-04-02 23:20 . 2012-02-20 10:36 11471872 ----a-w- c:\windows\system32\drivers\Netwsw00.sys
2012-04-02 23:20 . 2012-02-20 10:36 885520 ----a-w- c:\windows\system32\Netwcw00.dll
2012-04-02 23:20 . 2012-02-20 10:36 3381008 ----a-w- c:\windows\system32\Netwrw00.dll
2012-04-02 23:17 . 2012-02-23 01:18 402024 ----a-w- c:\windows\system32\drivers\Rtenic64.sys
2012-04-01 23:09 . 2011-10-20 09:24 157696 ----a-w- c:\windows\system32\drivers\MxEFUF64.sys
2012-04-01 23:06 . 2011-11-09 22:04 60184 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2012-04-01 06:25 . 2012-04-01 06:25 -------- d-----w- c:\users\Coralie.lizglass-PC\AppData\Local\Logitech® Webcam Software
2012-03-30 21:26 . 2012-03-30 21:26 -------- d-----w- c:\program files\Synaptics
2012-03-30 21:26 . 2012-02-09 17:54 21264 ----a-w- c:\windows\system32\drivers\Smb_driver.sys
2012-03-30 12:18 . 2011-10-26 15:48 90472 ----a-w- c:\windows\system32\nusb3co2.dll
2012-03-30 12:18 . 2011-10-25 07:57 213504 ----a-w- c:\windows\system32\drivers\nusb3xhc.sys
2012-03-29 13:27 . 2011-12-27 00:18 20192 ----a-w- c:\windows\system32\btinstall.dll
2012-03-29 13:27 . 2011-12-27 00:18 43616 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-03-29 10:55 . 2012-01-18 08:53 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-03-29 10:49 . 2012-03-29 10:49 -------- d-----w- C:\Olltwit
2012-03-29 10:46 . 2012-03-29 10:46 -------- d--h--w- c:\programdata\Common Files
2012-03-29 10:16 . 2012-04-05 18:48 -------- d-----w- c:\program files (x86)\TimeTo
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-03-15 06:52 . 2012-03-13 04:39 97208 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-03-15 06:52 . 2012-03-13 04:39 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-15 06:52 . 2012-03-13 04:39 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-15 01:05 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 01:05 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 01:05 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 05:36 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 05:36 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 05:36 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 05:28 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 05:28 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 05:28 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 05:28 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 05:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 05:28 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 05:28 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-08 07:47 . 2011-11-30 15:50 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-07 00:15 . 2011-06-15 15:03 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-06-15 15:03 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2011-06-15 15:03 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2011-06-15 15:03 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2011-06-15 15:03 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2012-03-08 07:22 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-07 00:01 . 2011-06-15 15:03 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-06-15 15:03 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2011-06-15 15:03 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-02 16:24 . 2011-06-15 10:28 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-28 10:21 . 2011-05-20 22:52 64000 ----a-w- c:\windows\system32\coinst.dll
2012-02-28 00:43 . 2012-02-28 00:43 4207616 ----a-w- c:\windows\system32\ffdshow.ax
2012-02-28 00:43 . 2012-02-28 00:43 3350528 ----a-w- c:\windows\SysWow64\ffdshow.ax
2012-02-28 00:41 . 2012-02-28 00:41 4492800 ----a-w- c:\windows\system32\ffmpeg.dll
2012-02-28 00:39 . 2012-02-28 00:39 4414976 ----a-w- c:\windows\SysWow64\ffmpeg.dll
2012-02-26 16:52 . 2012-02-26 16:52 474624 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2012-02-26 16:52 . 2012-02-26 16:52 92160 ----a-w- c:\windows\system32\ff_vfw.dll
2012-02-26 16:52 . 2012-02-26 16:52 114688 ----a-w- c:\windows\system32\ff_wmv9.dll
2012-02-26 16:52 . 2012-02-26 16:52 631296 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2012-02-26 16:51 . 2012-02-26 16:51 156672 ----a-w- c:\windows\system32\ff_libmad.dll
2012-02-26 16:51 . 2012-02-26 16:51 359424 ----a-w- c:\windows\system32\ff_libfaad2.dll
2012-02-26 16:51 . 2012-02-26 16:51 183808 ----a-w- c:\windows\system32\ff_unrar.dll
2012-02-26 16:51 . 2012-02-26 16:51 222720 ----a-w- c:\windows\system32\ff_libdts.dll
2012-02-26 16:51 . 2012-02-26 16:51 1532928 ----a-w- c:\windows\system32\ff_samplerate.dll
2012-02-26 16:51 . 2012-02-26 16:51 116224 ----a-w- c:\windows\system32\ff_liba52.dll
2012-02-26 16:51 . 2012-02-26 16:51 190464 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2012-02-26 16:47 . 2012-02-26 16:47 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2012-02-26 16:46 . 2012-02-26 16:46 260608 ----a-w- c:\windows\SysWow64\TomsMoComp_ff.dll
2012-02-26 16:46 . 2012-02-26 16:46 99840 ----a-w- c:\windows\SysWow64\ff_wmv9.dll
2012-02-26 16:46 . 2012-02-26 16:46 158720 ----a-w- c:\windows\SysWow64\ff_unrar.dll
2012-02-26 16:45 . 2012-02-26 16:45 1525248 ----a-w- c:\windows\SysWow64\ff_samplerate.dll
2012-02-26 16:45 . 2012-02-26 16:45 146944 ----a-w- c:\windows\SysWow64\ff_libmad.dll
2012-02-26 16:45 . 2012-02-26 16:45 212480 ----a-w- c:\windows\SysWow64\ff_libdts.dll
2012-02-26 16:45 . 2012-02-26 16:45 115200 ----a-w- c:\windows\SysWow64\ff_liba52.dll
2012-02-26 16:45 . 2012-02-26 16:45 328704 ----a-w- c:\windows\SysWow64\ff_libfaad2.dll
2012-02-26 16:45 . 2012-02-26 16:45 137728 ----a-w- c:\windows\SysWow64\libmpeg2_ff.dll
2012-02-24 14:53 . 2012-02-24 14:53 553984 ----a-w- c:\windows\system32\LAVSplitter.ax
2012-02-24 14:53 . 2012-02-24 14:53 733184 ----a-w- c:\windows\system32\LAVVideo.ax
2012-02-24 14:53 . 2012-02-24 14:53 246272 ----a-w- c:\windows\system32\LAVAudio.ax
2012-02-24 14:53 . 2012-02-24 14:53 202240 ----a-w- c:\windows\system32\libbluray.dll
2012-02-24 14:53 . 2012-02-24 14:53 6622418 ----a-w- c:\windows\system32\avcodec-lav-54.dll
2012-02-24 14:53 . 2012-02-24 14:53 393392 ----a-w- c:\windows\system32\swscale-lav-2.dll
2012-02-24 14:53 . 2012-02-24 14:53 214235 ----a-w- c:\windows\system32\avutil-lav-51.dll
2012-02-24 14:53 . 2012-02-24 14:53 130825 ----a-w- c:\windows\system32\avfilter-lav-2.dll
2012-02-24 14:53 . 2012-02-24 14:53 1013645 ----a-w- c:\windows\system32\avformat-lav-54.dll
2012-02-24 14:51 . 2012-02-24 14:51 461824 ----a-w- c:\windows\SysWow64\LAVSplitter.ax
2012-02-24 14:51 . 2012-02-24 14:51 575488 ----a-w- c:\windows\SysWow64\LAVVideo.ax
2012-02-24 14:51 . 2012-02-24 14:51 215040 ----a-w- c:\windows\SysWow64\LAVAudio.ax
2012-02-24 14:51 . 2012-02-24 14:51 172032 ----a-w- c:\windows\SysWow64\libbluray.dll
2012-02-24 14:51 . 2012-02-24 14:51 6426793 ----a-w- c:\windows\SysWow64\avcodec-lav-54.dll
2012-02-24 14:51 . 2012-02-24 14:51 369109 ----a-w- c:\windows\SysWow64\swscale-lav-2.dll
2012-02-24 14:51 . 2012-02-24 14:51 208659 ----a-w- c:\windows\SysWow64\avutil-lav-51.dll
2012-02-24 14:51 . 2012-02-24 14:51 142647 ----a-w- c:\windows\SysWow64\avfilter-lav-2.dll
2012-02-24 14:51 . 2012-02-24 14:51 1136653 ----a-w- c:\windows\SysWow64\avformat-lav-54.dll
2012-02-23 07:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-20 19:41 . 2012-02-20 19:41 181248 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2012-02-20 19:41 . 2012-02-20 19:41 147968 ----a-w- c:\windows\SysWow64\IntelQuickSyncDecoder.dll
2012-02-15 12:09 . 2012-02-15 12:09 1576448 ----a-w- c:\windows\system32\VSFilter.dll
2012-02-15 12:08 . 2012-02-15 12:08 1288192 ----a-w- c:\windows\SysWow64\VSFilter.dll
2012-02-07 17:23 . 2012-02-07 17:23 53248 ----a-r- c:\users\lizglass\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-01-30 22:30 . 2012-01-30 22:30 424960 ----a-w- c:\windows\system32\cdxareader.ax
2012-01-30 22:30 . 2012-01-30 22:30 500224 ----a-w- c:\windows\system32\FLVSplitter.ax
2012-01-30 22:29 . 2012-01-30 22:29 381440 ----a-w- c:\windows\SysWow64\cdxareader.ax
2012-01-30 22:29 . 2012-01-30 22:29 445440 ----a-w- c:\windows\SysWow64\FLVSplitter.ax
2012-01-14 01:30 . 2012-01-14 01:30 0 ----a-w- c:\windows\SysWow64\shoECB.tmp
2011-07-14 08:31 . 2011-09-18 13:16 1456640 ----a-w- c:\program files (x86)\Common Files\Falk Navi-Manager.msi
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-26 9532824]
"DriverMax_RESTART"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-26 9532824]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-11-30 296056]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616]
.
c:\users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\users\lizglass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
TimeTo.lnk - c:\program files (x86)\TimeTo\TimeTo.exe [2012-1-6 819200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-05 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-01-18 269312]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-10-08 20336]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-05 136176]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-09-20 33184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-10-08 820568]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\Netwsw00.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;c:\windows\system32\DRIVERS\Rtenic64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-05 12:08]
.
2012-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-05 12:08]
.
2012-04-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-999043541-2461997901-464249042-1000Core.job
- c:\users\lizglass\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-26 07:20]
.
2012-04-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-999043541-2461997901-464249042-1000UA.job
- c:\users\lizglass\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-26 07:20]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-02-26 499608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-18 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-18 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-18 440600]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://isearch.avg.com/?cid={B411ECCA-29BC-4808-8FA5-BC07E1361E85}&mid=d6613771af9747d098536d3e71bd96fb-42f01cf7f2706666112717ac7f5d438f9448caee&lang=en&ds=is015&pr=sa&d=2012-03-29 12:47&v=10.2.0.3&sap=hp
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\lizglass\AppData\Roaming\Mozilla\Firefox\Profiles\meeju61s.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - user.js: general.useragent.extra.brc -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\utorrent.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-04-08 05:57:47
ComboFix-quarantined-files.txt 2012-04-08 03:57
.
Avant-CF: 407 717 838 848 bytes free
Après-CF: 411 481 219 072 bytes free
.
- - End Of File - - CB9A31E7603D5A56AEAA028DDE260157

#6
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Can you manually change Firefox's home page to something else e.g. Google?

Please continue with this:

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click the OK button.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt".
Please copy and paste its contents in your next reply.

#7
lizglass

    Member

  • Topic Starter
  • 159 posts
I really appreciate you being with me on this, Render!! On an Easter Sunday, no less...

The plot thickens....

Now Firefox is crashing when I try to open it. IE and Chrome are still working OK.

I've run the TDSS rootkit removing program and three threats were found (see below). However, there was no "cure" option and when I pressed "continue", the only option offered was to scan again (no rebooting). Same results three times. Here is the log:

17:39:00.0018 8896 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
17:39:00.0220 8896 ============================================================
17:39:00.0220 8896 Current date / time: 2012/04/08 17:39:00.0220
17:39:00.0220 8896 SystemInfo:
17:39:00.0220 8896
17:39:00.0220 8896 OS Version: 6.1.7601 ServicePack: 1.0
17:39:00.0220 8896 Product type: Workstation
17:39:00.0220 8896 ComputerName: LIZGLASS-PC
17:39:00.0220 8896 UserName: lizglass
17:39:00.0220 8896 Windows directory: C:\Windows
17:39:00.0220 8896 System windows directory: C:\Windows
17:39:00.0220 8896 Running under WOW64
17:39:00.0220 8896 Processor architecture: Intel x64
17:39:00.0220 8896 Number of processors: 4
17:39:00.0220 8896 Page size: 0x1000
17:39:00.0220 8896 Boot type: Normal boot
17:39:00.0220 8896 ============================================================
17:39:00.0616 8896 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:39:00.0616 8896 \Device\Harddisk0\DR0:
17:39:00.0616 8896 MBR used
17:39:00.0616 8896 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:39:00.0616 8896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
17:39:00.0647 8896 Initialize success
17:39:00.0647 8896 ============================================================
17:39:12.0551 5372 ============================================================
17:39:12.0551 5372 Scan started
17:39:12.0551 5372 Mode: Manual; SigCheck; TDLFS;
17:39:12.0551 5372 ============================================================
17:39:12.0922 5372 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:39:13.0047 5372 1394ohci - ok
17:39:13.0109 5372 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:39:13.0141 5372 ACPI - ok
17:39:13.0156 5372 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:39:13.0219 5372 AcpiPmi - ok
17:39:13.0297 5372 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:39:13.0315 5372 AdobeARMservice - ok
17:39:13.0358 5372 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:39:13.0381 5372 adp94xx - ok
17:39:13.0413 5372 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:39:13.0424 5372 adpahci - ok
17:39:13.0466 5372 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:39:13.0494 5372 adpu320 - ok
17:39:13.0612 5372 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
17:39:13.0645 5372 AdvancedSystemCareService5 - ok
17:39:13.0740 5372 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:39:13.0812 5372 AeLookupSvc - ok
17:39:13.0878 5372 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
17:39:13.0933 5372 AESTFilters - ok
17:39:14.0029 5372 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:39:14.0077 5372 AFD - ok
17:39:14.0123 5372 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:39:14.0148 5372 agp440 - ok
17:39:14.0181 5372 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:39:14.0236 5372 ALG - ok
17:39:14.0274 5372 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:39:14.0296 5372 aliide - ok
17:39:14.0331 5372 AMD External Events Utility (d36fdd313ef6c02e5a9676b91732597e) C:\Windows\system32\atiesrxx.exe
17:39:14.0393 5372 AMD External Events Utility - ok
17:39:14.0424 5372 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:39:14.0440 5372 amdide - ok
17:39:14.0471 5372 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:39:14.0518 5372 AmdK8 - ok
17:39:14.0768 5372 amdkmdag (2c03919de1c7dcfbdec1e58db9aebb11) C:\Windows\system32\DRIVERS\atikmdag.sys
17:39:14.0880 5372 amdkmdag - ok
17:39:14.0910 5372 amdkmdap (d6d865a7b99db9890da0220ad8f66e98) C:\Windows\system32\DRIVERS\atikmpag.sys
17:39:14.0961 5372 amdkmdap - ok
17:39:15.0010 5372 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
17:39:15.0061 5372 AmdPPM - ok
17:39:15.0108 5372 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:39:15.0128 5372 amdsata - ok
17:39:15.0161 5372 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:39:15.0170 5372 amdsbs - ok
17:39:15.0196 5372 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:39:15.0213 5372 amdxata - ok
17:39:15.0245 5372 ApfiltrService (6690e42ced5d067233abad42da141213) C:\Windows\system32\DRIVERS\Apfiltr.sys
17:39:15.0264 5372 ApfiltrService - ok
17:39:15.0281 5372 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:39:15.0342 5372 AppID - ok
17:39:15.0386 5372 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:39:15.0461 5372 AppIDSvc - ok
17:39:15.0494 5372 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:39:15.0570 5372 Appinfo - ok
17:39:15.0689 5372 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:39:15.0714 5372 arc - ok
17:39:15.0759 5372 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:39:15.0781 5372 arcsas - ok
17:39:15.0851 5372 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:39:15.0867 5372 aspnet_state - ok
17:39:15.0904 5372 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
17:39:15.0924 5372 aswFsBlk - ok
17:39:15.0948 5372 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
17:39:15.0961 5372 aswMonFlt - ok
17:39:16.0041 5372 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
17:39:16.0061 5372 aswRdr - ok
17:39:16.0098 5372 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
17:39:16.0135 5372 aswSnx - ok
17:39:16.0180 5372 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
17:39:16.0199 5372 aswSP - ok
17:39:16.0225 5372 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
17:39:16.0245 5372 aswTdi - ok
17:39:16.0276 5372 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:39:16.0356 5372 AsyncMac - ok
17:39:16.0386 5372 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:39:16.0393 5372 atapi - ok
17:39:16.0440 5372 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:39:16.0530 5372 AudioEndpointBuilder - ok
17:39:16.0569 5372 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:39:16.0603 5372 AudioSrv - ok
17:39:16.0634 5372 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:39:16.0641 5372 avast! Antivirus - ok
17:39:16.0663 5372 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:39:16.0733 5372 AxInstSV - ok
17:39:16.0792 5372 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:39:16.0885 5372 b06bdrv - ok
17:39:16.0917 5372 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:39:16.0965 5372 b57nd60a - ok
17:39:17.0011 5372 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:39:17.0060 5372 BDESVC - ok
17:39:17.0094 5372 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:39:17.0169 5372 Beep - ok
17:39:17.0216 5372 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:39:17.0286 5372 BFE - ok
17:39:17.0353 5372 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:39:17.0446 5372 BITS - ok
17:39:17.0493 5372 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:39:17.0524 5372 blbdrive - ok
17:39:17.0634 5372 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:39:17.0665 5372 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
17:39:17.0665 5372 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
17:39:17.0680 5372 Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:39:17.0727 5372 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
17:39:17.0727 5372 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
17:39:17.0852 5372 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:39:17.0923 5372 bowser - ok
17:39:17.0986 5372 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:39:18.0046 5372 BrFiltLo - ok
17:39:18.0080 5372 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:39:18.0113 5372 BrFiltUp - ok
17:39:18.0168 5372 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:39:18.0221 5372 BridgeMP - ok
17:39:18.0253 5372 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:39:18.0328 5372 Browser - ok
17:39:18.0395 5372 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:39:18.0446 5372 Brserid - ok
17:39:18.0466 5372 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:39:18.0523 5372 BrSerWdm - ok
17:39:18.0560 5372 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:39:18.0617 5372 BrUsbMdm - ok
17:39:18.0655 5372 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:39:18.0684 5372 BrUsbSer - ok
17:39:18.0746 5372 Btcsrusb (a437fbd0f3371eb16c676b6c4b501c77) C:\Windows\system32\Drivers\btcusb.sys
17:39:18.0767 5372 Btcsrusb - ok
17:39:18.0819 5372 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
17:39:18.0888 5372 BthEnum - ok
17:39:18.0908 5372 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:39:18.0971 5372 BTHMODEM - ok
17:39:19.0002 5372 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
17:39:19.0049 5372 BthPan - ok
17:39:19.0096 5372 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
17:39:19.0174 5372 BTHPORT - ok
17:39:19.0220 5372 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:39:19.0298 5372 bthserv - ok
17:39:19.0361 5372 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
17:39:19.0408 5372 BTHUSB - ok
17:39:19.0454 5372 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\Windows\system32\DRIVERS\btmaux.sys
17:39:19.0486 5372 btmaux - ok
17:39:19.0529 5372 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\Windows\system32\DRIVERS\btmhsf.sys
17:39:19.0605 5372 btmhsf - ok
17:39:19.0645 5372 catchme - ok
17:39:19.0784 5372 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:39:19.0866 5372 cdfs - ok
17:39:19.0921 5372 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:39:19.0978 5372 cdrom - ok
17:39:20.0024 5372 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:39:20.0107 5372 CertPropSvc - ok
17:39:20.0166 5372 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
17:39:20.0228 5372 circlass - ok
17:39:20.0281 5372 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:39:20.0308 5372 CLFS - ok
17:39:20.0362 5372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:20.0385 5372 clr_optimization_v2.0.50727_32 - ok
17:39:20.0429 5372 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:39:20.0451 5372 clr_optimization_v2.0.50727_64 - ok
17:39:20.0464 5372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:39:20.0480 5372 clr_optimization_v4.0.30319_32 - ok
17:39:20.0511 5372 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:39:20.0542 5372 clr_optimization_v4.0.30319_64 - ok
17:39:20.0636 5372 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:39:20.0760 5372 CmBatt - ok
17:39:20.0807 5372 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:39:20.0823 5372 cmdide - ok
17:39:20.0885 5372 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:39:20.0932 5372 CNG - ok
17:39:20.0948 5372 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:39:20.0948 5372 Compbatt - ok
17:39:20.0963 5372 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:39:21.0027 5372 CompositeBus - ok
17:39:21.0037 5372 COMSysApp - ok
17:39:21.0104 5372 cphs (b2eae4cd1e2f338101d9d4af39f3d4f3) C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:39:21.0154 5372 cphs - ok
17:39:21.0226 5372 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:39:21.0250 5372 crcdisk - ok
17:39:21.0290 5372 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
17:39:21.0366 5372 CryptSvc - ok
17:39:21.0396 5372 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:39:21.0406 5372 CtClsFlt - ok
17:39:21.0546 5372 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:39:21.0576 5372 cvhsvc - ok
17:39:21.0659 5372 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:39:21.0715 5372 DcomLaunch - ok
17:39:21.0773 5372 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:39:21.0832 5372 defragsvc - ok
17:39:21.0882 5372 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:39:21.0930 5372 DfsC - ok
17:39:21.0960 5372 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:39:22.0030 5372 Dhcp - ok
17:39:22.0066 5372 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:39:22.0143 5372 discache - ok
17:39:22.0176 5372 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:39:22.0196 5372 Disk - ok
17:39:22.0239 5372 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:39:22.0313 5372 Dnscache - ok
17:39:22.0350 5372 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:39:22.0439 5372 dot3svc - ok
17:39:22.0470 5372 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:39:22.0564 5372 DPS - ok
17:39:22.0627 5372 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:39:22.0684 5372 drmkaud - ok
17:39:22.0744 5372 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:39:22.0776 5372 DXGKrnl - ok
17:39:22.0806 5372 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:39:22.0872 5372 EapHost - ok
17:39:22.0986 5372 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:39:23.0035 5372 ebdrv - ok
17:39:23.0074 5372 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:39:23.0165 5372 EFS - ok
17:39:23.0229 5372 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:39:23.0320 5372 ehRecvr - ok
17:39:23.0340 5372 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:39:23.0391 5372 ehSched - ok
17:39:23.0478 5372 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:39:23.0516 5372 elxstor - ok
17:39:23.0533 5372 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:39:23.0595 5372 ErrDev - ok
17:39:23.0658 5372 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:39:23.0704 5372 EventSystem - ok
17:39:23.0814 5372 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:39:23.0829 5372 EvtEng - ok
17:39:23.0876 5372 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:39:23.0907 5372 exfat - ok
17:39:23.0923 5372 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:39:24.0001 5372 fastfat - ok
17:39:24.0048 5372 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:39:24.0125 5372 Fax - ok
17:39:24.0152 5372 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:39:24.0192 5372 fdc - ok
17:39:24.0235 5372 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:39:24.0310 5372 fdPHost - ok
17:39:24.0338 5372 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:39:24.0374 5372 FDResPub - ok
17:39:24.0398 5372 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:39:24.0406 5372 FileInfo - ok
17:39:24.0531 5372 FileMonitor (a5f546b29b6efb14b29b393e709ec71b) C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
17:39:24.0548 5372 FileMonitor - ok
17:39:24.0669 5372 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:39:24.0759 5372 Filetrace - ok
17:39:24.0795 5372 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:39:24.0811 5372 flpydisk - ok
17:39:24.0850 5372 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:39:24.0883 5372 FltMgr - ok
17:39:24.0946 5372 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:39:25.0046 5372 FontCache - ok
17:39:25.0102 5372 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:39:25.0133 5372 FontCache3.0.0.0 - ok
17:39:25.0211 5372 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:39:25.0227 5372 FsDepends - ok
17:39:25.0258 5372 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:39:25.0258 5372 Fs_Rec - ok
17:39:25.0289 5372 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:39:25.0305 5372 fvevol - ok
17:39:25.0320 5372 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:39:25.0336 5372 gagp30kx - ok
17:39:25.0383 5372 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:39:25.0430 5372 gpsvc - ok
17:39:25.0601 5372 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:39:25.0632 5372 gupdate - ok
17:39:25.0688 5372 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:39:25.0706 5372 gupdatem - ok
17:39:25.0759 5372 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:39:25.0785 5372 gusvc - ok
17:39:25.0933 5372 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:39:26.0006 5372 hcw85cir - ok
17:39:26.0040 5372 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:39:26.0092 5372 HdAudAddService - ok
17:39:26.0129 5372 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:39:26.0191 5372 HDAudBus - ok
17:39:26.0222 5372 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:39:26.0234 5372 HidBatt - ok
17:39:26.0247 5372 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:39:26.0312 5372 HidBth - ok
17:39:26.0347 5372 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:39:26.0388 5372 HidIr - ok
17:39:26.0419 5372 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:39:26.0494 5372 hidserv - ok
17:39:26.0506 5372 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
17:39:26.0517 5372 HidUsb - ok
17:39:26.0547 5372 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:39:26.0640 5372 hkmsvc - ok
17:39:26.0671 5372 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:39:26.0749 5372 HomeGroupListener - ok
17:39:26.0827 5372 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:39:26.0921 5372 HomeGroupProvider - ok
17:39:26.0983 5372 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:39:26.0999 5372 HpSAMD - ok
17:39:27.0046 5372 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:39:27.0124 5372 HTTP - ok
17:39:27.0155 5372 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:39:27.0186 5372 hwpolicy - ok
17:39:27.0209 5372 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:39:27.0237 5372 i8042prt - ok
17:39:27.0263 5372 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
17:39:27.0295 5372 iaStor - ok
17:39:27.0373 5372 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:39:27.0389 5372 IAStorDataMgrSvc - ok
17:39:27.0451 5372 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:39:27.0479 5372 iaStorV - ok
17:39:27.0539 5372 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
17:39:27.0591 5372 iBtFltCoex - ok
17:39:27.0705 5372 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:39:27.0770 5372 idsvc - ok
17:39:27.0934 5372 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:39:27.0955 5372 iirsp - ok
17:39:28.0050 5372 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:39:28.0172 5372 IKEEXT - ok
17:39:28.0319 5372 IMFservice (af28340ed02e762599c47422f1f9aba7) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
17:39:28.0350 5372 IMFservice - ok
17:39:28.0521 5372 IntcDAud (6c9fffeca9fed31347d211c5d1ffbd2d) C:\Windows\system32\DRIVERS\IntcDAud.sys
17:39:28.0584 5372 IntcDAud - ok
17:39:28.0646 5372 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:39:28.0662 5372 intelide - ok
17:39:29.0079 5372 intelkmd (11ba677667432a99ca261a472a2c29b8) C:\Windows\system32\DRIVERS\igdpmd64.sys
17:39:29.0457 5372 intelkmd - ok
17:39:29.0651 5372 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:39:29.0703 5372 intelppm - ok
17:39:29.0778 5372 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:39:29.0853 5372 IPBusEnum - ok
17:39:29.0955 5372 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:39:30.0009 5372 IpFilterDriver - ok
17:39:30.0100 5372 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:39:30.0207 5372 iphlpsvc - ok
17:39:30.0301 5372 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:39:30.0358 5372 IPMIDRV - ok
17:39:30.0397 5372 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:39:30.0503 5372 IPNAT - ok
17:39:30.0580 5372 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:39:30.0594 5372 IRENUM - ok
17:39:54.0289 5372 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:39:54.0346 5372 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:39:54.0346 5372 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:40:01.0633 5372 WcesComm - ok
17:40:01.0681 5372 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:40:01.0728 5372 wcncsvc - ok
17:40:01.0775 5372 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:40:01.0795 5372 WcsPlugInService - ok
17:40:01.0832 5372 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:40:01.0841 5372 Wd - ok
17:40:01.0880 5372 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:40:01.0920 5372 Wdf01000 - ok
17:40:01.0967 5372 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:40:02.0080 5372 WdiServiceHost - ok
17:40:02.0092 5372 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:40:02.0110 5372 WdiSystemHost - ok
17:40:02.0166 5372 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
17:40:02.0187 5372 wdkmd - ok
17:40:02.0229 5372 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:40:02.0305 5372 WebClient - ok
17:40:02.0348 5372 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:40:02.0440 5372 Wecsvc - ok
17:40:02.0475 5372 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:40:02.0507 5372 wercplsupport - ok
17:40:02.0525 5372 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:40:02.0577 5372 WerSvc - ok
17:40:02.0627 5372 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:40:02.0678 5372 WfpLwf - ok
17:40:02.0727 5372 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
17:40:02.0756 5372 WimFltr - ok
17:40:02.0795 5372 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:40:02.0803 5372 WIMMount - ok
17:40:02.0840 5372 WinDefend - ok
17:40:02.0877 5372 WinHttpAutoProxySvc - ok
17:40:02.0982 5372 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:40:03.0037 5372 Winmgmt - ok
17:40:03.0141 5372 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:40:03.0262 5372 WinRM - ok
17:40:03.0449 5372 WINUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.SYS
17:40:03.0490 5372 WINUSB - ok
17:40:03.0590 5372 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:40:03.0736 5372 Wlansvc - ok
17:40:03.0868 5372 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:40:03.0889 5372 wlcrasvc - ok
17:40:04.0007 5372 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:40:04.0101 5372 wlidsvc - ok
17:40:04.0194 5372 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:40:04.0257 5372 WmiAcpi - ok
17:40:04.0350 5372 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:40:04.0397 5372 wmiApSrv - ok
17:40:04.0522 5372 WMPNetworkSvc - ok
17:40:04.0644 5372 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:40:04.0679 5372 WPCSvc - ok
17:40:04.0724 5372 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:40:04.0756 5372 WPDBusEnum - ok
17:40:04.0804 5372 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:40:04.0868 5372 ws2ifsl - ok
17:40:04.0884 5372 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
17:40:04.0922 5372 wscsvc - ok
17:40:04.0933 5372 WSearch - ok
17:40:05.0035 5372 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:40:05.0200 5372 wuauserv - ok
17:40:05.0261 5372 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:40:05.0345 5372 WudfPf - ok
17:40:05.0384 5372 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:40:05.0436 5372 WUDFRd - ok
17:40:05.0469 5372 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:40:05.0501 5372 wudfsvc - ok
17:40:05.0528 5372 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:40:05.0579 5372 WwanSvc - ok
17:40:05.0669 5372 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:40:05.0894 5372 \Device\Harddisk0\DR0 - ok
17:40:05.0894 5372 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0
17:40:05.0909 5372 \Device\Harddisk0\DR0\Partition0 - ok
17:40:05.0925 5372 Boot (0x1200) (723ffebde086355ce5f5c8e20d4fdb4a) \Device\Harddisk0\DR0\Partition1
17:40:05.0940 5372 \Device\Harddisk0\DR0\Partition1 - ok
17:40:05.0940 5372 ============================================================
17:40:05.0940 5372 Scan finished
17:40:05.0940 5372 ============================================================
17:40:05.0956 5908 Detected object count: 3
17:40:05.0956 5908 Actual detected object count: 3
17:40:58.0298 5908 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:58.0298 5908 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:58.0298 5908 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:58.0298 5908 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:58.0298 5908 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:58.0298 5908 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:39.0306 5956 ============================================================
17:41:39.0306 5956 Scan started
17:41:39.0306 5956 Mode: Manual; SigCheck; TDLFS;
17:41:39.0306 5956 ============================================================
17:41:43.0309 5956 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:41:43.0343 5956 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
17:41:43.0343 5956 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
17:41:43.0374 5956 Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:41:43.0390 5956 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
17:41:43.0390 5956 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
17:41:54.0252 5956 MMCSS - ok
17:41:54.0320 5956 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:41:54.0371 5956 Modem - ok
17:41:54.0392 5956 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:41:54.0404 5956 monitor - ok
17:41:54.0426 5956 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:41:54.0434 5956 mouclass - ok
17:41:54.0455 5956 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
17:41:54.0465 5956 mouhid - ok
17:41:54.0486 5956 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:41:54.0494 5956 mountmgr - ok
17:41:54.0508 5956 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:41:54.0517 5956 mpio - ok
17:41:54.0534 5956 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:41:54.0562 5956 mpsdrv - ok
17:41:54.0621 5956 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:41:54.0679 5956 MpsSvc - ok
17:41:54.0733 5956 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:41:54.0768 5956 MRxDAV - ok
17:41:54.0827 5956 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:41:54.0859 5956 mrxsmb - ok
17:41:54.0904 5956 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:41:54.0935 5956 mrxsmb10 - ok
17:41:54.0997 5956 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:41:55.0028 5956 mrxsmb20 - ok
17:41:55.0044 5956 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:41:55.0075 5956 msahci - ok
17:41:55.0121 5956 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:41:55.0149 5956 msdsm - ok
17:41:55.0197 5956 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:41:55.0227 5956 MSDTC - ok
17:41:55.0272 5956 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:41:55.0321 5956 Msfs - ok
17:41:55.0338 5956 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:41:55.0365 5956 mshidkmdf - ok
17:41:55.0387 5956 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:41:55.0394 5956 msisadrv - ok
17:41:55.0425 5956 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:41:55.0476 5956 MSiSCSI - ok
17:41:55.0486 5956 msiserver - ok
17:41:55.0519 5956 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:41:55.0569 5956 MSKSSRV - ok
17:41:55.0587 5956 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:41:55.0615 5956 MSPCLOCK - ok
17:41:55.0628 5956 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:41:55.0656 5956 MSPQM - ok
17:41:55.0689 5956 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:41:55.0700 5956 MsRPC - ok
17:41:55.0727 5956 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:41:55.0739 5956 mssmbios - ok
17:41:55.0760 5956 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:41:55.0790 5956 MSTEE - ok
17:41:55.0811 5956 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:41:55.0821 5956 MTConfig - ok
17:41:55.0845 5956 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:41:55.0853 5956 Mup - ok
17:41:55.0947 5956 MxEFUF (08835780cc6a5cff5275101b5a9d17a4) C:\Windows\system32\DRIVERS\MxEFUF64.sys
17:41:55.0974 5956 MxEFUF - ok
17:41:56.0070 5956 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:41:56.0098 5956 MyWiFiDHCPDNS - ok
17:41:56.0208 5956 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:41:56.0239 5956 napagent - ok
17:41:56.0301 5956 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:41:56.0348 5956 NativeWifiP - ok
17:41:56.0410 5956 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
17:41:56.0426 5956 NDIS - ok
17:41:56.0457 5956 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:41:56.0488 5956 NdisCap - ok
17:41:56.0504 5956 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:41:56.0535 5956 NdisTapi - ok
17:41:56.0566 5956 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:41:56.0582 5956 Ndisuio - ok
17:41:56.0598 5956 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:41:56.0629 5956 NdisWan - ok
17:41:56.0715 5956 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:41:56.0769 5956 NDProxy - ok
17:41:56.0809 5956 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:41:56.0858 5956 NetBIOS - ok
17:41:56.0881 5956 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:41:56.0911 5956 NetBT - ok
17:41:56.0967 5956 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:41:56.0996 5956 Netlogon - ok
17:41:57.0121 5956 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:41:57.0169 5956 Netman - ok
17:41:57.0237 5956 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:41:57.0260 5956 NetMsmqActivator - ok
17:41:57.0267 5956 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:41:57.0274 5956 NetPipeActivator - ok
17:41:57.0338 5956 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:41:57.0382 5956 netprofm - ok
17:41:57.0389 5956 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:41:57.0397 5956 NetTcpActivator - ok
17:41:57.0401 5956 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:41:57.0409 5956 NetTcpPortSharing - ok
17:41:57.0658 5956 NETwNs64 (fad6c5610d020534401966cd72a1c306) C:\Windows\system32\DRIVERS\Netwsw00.sys
17:41:57.0766 5956 NETwNs64 - ok
17:41:57.0803 5956 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:41:57.0825 5956 nfrd960 - ok
17:41:57.0874 5956 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:41:57.0918 5956 NlaSvc - ok
17:41:58.0070 5956 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:41:58.0112 5956 NOBU - ok
17:41:58.0289 5956 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
17:41:58.0309 5956 NPF - ok
17:41:58.0361 5956 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:41:58.0418 5956 Npfs - ok
17:41:58.0459 5956 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:41:58.0509 5956 nsi - ok
17:41:58.0549 5956 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:41:58.0598 5956 nsiproxy - ok
17:41:58.0686 5956 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:41:58.0726 5956 Ntfs - ok
17:41:58.0756 5956 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:41:58.0805 5956 Null - ok
17:41:58.0839 5956 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:41:58.0846 5956 nusb3hub - ok
17:41:58.0895 5956 nusb3xhc (55959db860e4e484681586824d09e52c) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:41:58.0917 5956 nusb3xhc - ok
17:41:59.0033 5956 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:41:59.0060 5956 nvraid - ok
17:41:59.0129 5956 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:41:59.0155 5956 nvstor - ok
17:41:59.0250 5956 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:41:59.0266 5956 nv_agp - ok
17:41:59.0390 5956 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:41:59.0422 5956 ohci1394 - ok
17:41:59.0484 5956 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:41:59.0500 5956 ose - ok
17:41:59.0671 5956 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:41:59.0734 5956 osppsvc - ok
17:41:59.0864 5956 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:41:59.0884 5956 p2pimsvc - ok
17:41:59.0944 5956 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:41:59.0971 5956 p2psvc - ok
17:42:00.0030 5956 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:42:00.0056 5956 Parport - ok
17:42:00.0073 5956 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:42:00.0080 5956 partmgr - ok
17:42:00.0112 5956 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:42:00.0149 5956 PcaSvc - ok
17:42:00.0172 5956 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:42:00.0181 5956 pci - ok
17:42:00.0205 5956 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:42:00.0212 5956 pciide - ok
17:42:00.0247 5956 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:42:00.0267 5956 pcmcia - ok
17:42:00.0285 5956 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:42:00.0292 5956 pcw - ok
17:42:00.0332 5956 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:42:00.0379 5956 PEAUTH - ok
17:42:00.0419 5956 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:42:00.0454 5956 PerfHost - ok
17:42:00.0542 5956 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:42:00.0597 5956 pla - ok
17:42:00.0652 5956 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:42:00.0688 5956 PlugPlay - ok
17:42:00.0710 5956 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:42:00.0721 5956 PNRPAutoReg - ok
17:42:00.0741 5956 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:42:00.0757 5956 PNRPsvc - ok
17:42:00.0819 5956 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:42:00.0850 5956 PolicyAgent - ok
17:42:00.0897 5956 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:42:00.0944 5956 Power - ok
17:42:00.0991 5956 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:42:01.0038 5956 PptpMiniport - ok
17:42:01.0069 5956 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:42:01.0069 5956 Processor - ok
17:42:01.0131 5956 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:42:01.0178 5956 ProfSvc - ok
17:42:01.0240 5956 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:42:01.0272 5956 ProtectedStorage - ok
17:42:01.0335 5956 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:42:01.0389 5956 Psched - ok
17:42:01.0472 5956 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:42:01.0492 5956 PxHlpa64 - ok
17:42:01.0562 5956 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:42:01.0603 5956 ql2300 - ok
17:42:01.0627 5956 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:42:01.0635 5956 ql40xx - ok
17:42:01.0669 5956 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:42:01.0708 5956 QWAVE - ok
17:42:01.0732 5956 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:42:01.0767 5956 QWAVEdrv - ok
17:42:01.0818 5956 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
17:42:01.0836 5956 RapiMgr - ok
17:42:01.0856 5956 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:42:01.0886 5956 RasAcd - ok
17:42:01.0918 5956 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:42:01.0985 5956 RasAgileVpn - ok
17:42:02.0030 5956 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:42:02.0081 5956 RasAuto - ok
17:42:02.0122 5956 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:42:02.0171 5956 Rasl2tp - ok
17:42:02.0200 5956 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:42:02.0232 5956 RasMan - ok
17:42:02.0252 5956 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:42:02.0281 5956 RasPppoe - ok
17:42:02.0295 5956 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:42:02.0326 5956 RasSstp - ok
17:42:02.0357 5956 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:42:02.0404 5956 rdbss - ok
17:42:02.0435 5956 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:42:02.0451 5956 rdpbus - ok
17:42:02.0466 5956 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:42:02.0498 5956 RDPCDD - ok
17:42:02.0529 5956 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:42:02.0544 5956 RDPENCDD - ok
17:42:02.0576 5956 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:42:02.0607 5956 RDPREFMP - ok
17:42:02.0654 5956 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:42:02.0685 5956 RDPWD - ok
17:42:02.0732 5956 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:42:02.0763 5956 rdyboost - ok
17:42:02.0905 5956 RegFilter (c7de6f41b1a734ea70bd2dc67235becc) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
17:42:02.0922 5956 RegFilter - ok
17:42:03.0044 5956 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:42:03.0066 5956 RegSrvc - ok
17:42:03.0129 5956 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:42:03.0190 5956 RemoteAccess - ok
17:42:03.0226 5956 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:42:03.0280 5956 RemoteRegistry - ok
17:42:03.0313 5956 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
17:42:03.0327 5956 RFCOMM - ok
17:42:03.0465 5956 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:42:03.0490 5956 RoxMediaDB12OEM - ok
17:42:03.0509 5956 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:42:03.0518 5956 RoxWatch12 - ok
17:42:03.0559 5956 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files (x86)\WinPcap\rpcapd.exe
17:42:03.0574 5956 rpcapd - ok
17:42:03.0700 5956 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:42:03.0757 5956 RpcEptMapper - ok
17:42:03.0798 5956 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:42:03.0821 5956 RpcLocator - ok
17:42:03.0849 5956 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
17:42:03.0895 5956 RpcSs - ok
17:42:03.0942 5956 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:42:03.0989 5956 rspndr - ok
17:42:04.0020 5956 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\Windows\system32\Drivers\RtsUStor.sys
17:42:04.0036 5956 RSUSBSTOR - ok
17:42:04.0067 5956 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:42:04.0083 5956 RTL8167 - ok
17:42:04.0129 5956 RTLE8023x64 (496043bad6fbfaaf5280c9eb41920684) C:\Windows\system32\DRIVERS\Rtenic64.sys
17:42:04.0161 5956 RTLE8023x64 - ok
17:42:04.0207 5956 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:42:04.0239 5956 SamSs - ok
17:42:04.0270 5956 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:42:04.0301 5956 sbp2port - ok
17:42:04.0348 5956 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:42:04.0395 5956 SCardSvr - ok
17:42:04.0410 5956 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:42:04.0449 5956 scfilter - ok
17:42:04.0484 5956 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:42:04.0523 5956 Schedule - ok
17:42:04.0561 5956 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:42:04.0622 5956 SCPolicySvc - ok
17:42:04.0643 5956 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:42:04.0656 5956 SDRSVC - ok
17:42:04.0691 5956 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:42:04.0720 5956 secdrv - ok
17:42:04.0735 5956 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:42:04.0765 5956 seclogon - ok
17:42:04.0783 5956 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:42:04.0814 5956 SENS - ok
17:42:04.0840 5956 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:42:04.0851 5956 SensrSvc - ok
17:42:04.0875 5956 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:42:04.0889 5956 Serenum - ok
17:42:04.0919 5956 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:42:04.0929 5956 Serial - ok
17:42:04.0943 5956 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:42:04.0957 5956 sermouse - ok
17:42:04.0999 5956 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:42:05.0050 5956 SessionEnv - ok
17:42:05.0063 5956 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:42:05.0075 5956 sffdisk - ok
17:42:05.0087 5956 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:42:05.0099 5956 sffp_mmc - ok
17:42:05.0113 5956 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:42:05.0125 5956 sffp_sd - ok
17:42:05.0145 5956 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:42:05.0155 5956 sfloppy - ok
17:42:05.0216 5956 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:42:05.0250 5956 Sftfs - ok
17:42:05.0353 5956 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:42:05.0390 5956 sftlist - ok
17:42:05.0422 5956 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:42:05.0448 5956 Sftplay - ok
17:42:05.0471 5956 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:42:05.0477 5956 Sftredir - ok
17:42:05.0578 5956 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:42:05.0604 5956 SftService - ok
17:42:05.0672 5956 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:42:05.0691 5956 Sftvol - ok
17:42:05.0791 5956 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:42:05.0815 5956 sftvsa - ok
17:42:05.0943 5956 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:42:05.0989 5956 SharedAccess - ok
17:42:06.0040 5956 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:42:06.0082 5956 ShellHWDetection - ok
17:42:06.0127 5956 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:42:06.0146 5956 SiSRaid2 - ok
17:42:06.0173 5956 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:42:06.0196 5956 SiSRaid4 - ok
17:42:06.0296 5956 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
17:42:06.0320 5956 SkypeUpdate - ok
17:42:06.0476 5956 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
17:42:06.0491 5956 SmartDefragDriver - ok
17:42:06.0522 5956 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:42:06.0569 5956 Smb - ok
17:42:06.0647 5956 SmbDrv (f4eb04f303aacb8629a3648dc532f6c2) C:\Windows\system32\DRIVERS\Smb_driver.sys
17:42:06.0663 5956 SmbDrv - ok
17:42:06.0710 5956 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:42:06.0741 5956 SNMPTRAP - ok
17:42:06.0788 5956 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:42:06.0803 5956 spldr - ok
17:42:06.0834 5956 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:42:06.0881 5956 Spooler - ok
17:42:06.0987 5956 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:42:07.0047 5956 sppsvc - ok
17:42:07.0081 5956 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:42:07.0127 5956 sppuinotify - ok
17:42:07.0196 5956 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:42:07.0228 5956 srv - ok
17:42:07.0254 5956 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:42:07.0287 5956 srv2 - ok
17:42:07.0317 5956 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:42:07.0328 5956 srvnet - ok
17:42:07.0348 5956 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:42:07.0380 5956 SSDPSRV - ok
17:42:07.0407 5956 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:42:07.0437 5956 SstpSvc - ok
17:42:07.0490 5956 STacSV (7bf818b11c1fedc3e76d233124470a30) C:\Program Files\IDT\WDM\STacSV64.exe
17:42:07.0524 5956 STacSV - ok
17:42:07.0566 5956 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:42:07.0586 5956 stexstor - ok
17:42:07.0661 5956 STHDA (ebc1a5e076a9be314d3d9e8ed19abb0a) C:\Windows\system32\DRIVERS\stwrt64.sys
17:42:07.0683 5956 STHDA - ok
17:42:07.0744 5956 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:42:07.0778 5956 stisvc - ok
17:42:07.0866 5956 stllssvr (7731f46ec0d687a931cba063e8f90ef0) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:42:07.0884 5956 stllssvr - ok
17:42:08.0013 5956 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:42:08.0034 5956 swenum - ok
17:42:08.0171 5956 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:42:08.0190 5956 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:42:08.0190 5956 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:42:08.0340 5956 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:42:08.0390 5956 swprv - ok
17:42:08.0467 5956 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:42:08.0508 5956 SysMain - ok
17:42:08.0531 5956 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:42:08.0557 5956 TabletInputService - ok
17:42:08.0588 5956 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:42:08.0620 5956 TapiSrv - ok
17:42:08.0653 5956 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:42:08.0683 5956 TBS - ok
17:42:08.0788 5956 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:42:08.0833 5956 Tcpip - ok
17:42:08.0902 5956 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:42:08.0933 5956 TCPIP6 - ok
17:42:08.0981 5956 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:42:09.0028 5956 tcpipreg - ok
17:42:09.0044 5956 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:42:09.0059 5956 TDPIPE - ok
17:42:09.0106 5956 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:42:09.0122 5956 TDTCP - ok
17:42:09.0153 5956 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:42:09.0200 5956 tdx - ok
17:42:09.0215 5956 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
17:42:09.0231 5956 TermDD - ok
17:42:09.0278 5956 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:42:09.0325 5956 TermService - ok
17:42:09.0340 5956 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:42:09.0356 5956 Themes - ok
17:42:09.0387 5956 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:42:09.0418 5956 THREADORDER - ok
17:42:09.0449 5956 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:42:09.0465 5956 TrkWks - ok
17:42:09.0534 5956 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:42:09.0583 5956 TrustedInstaller - ok
17:42:09.0670 5956 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:42:09.0724 5956 tssecsrv - ok
17:42:09.0761 5956 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:42:09.0770 5956 TsUsbFlt - ok
17:42:09.0793 5956 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:42:09.0803 5956 TsUsbGD - ok
17:42:09.0835 5956 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:42:09.0882 5956 tunnel - ok
17:42:09.0924 5956 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
17:42:09.0944 5956 TurboB - ok
17:42:10.0019 5956 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:42:10.0042 5956 TurboBoost - ok
17:42:10.0104 5956 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:42:10.0129 5956 uagp35 - ok
17:42:10.0175 5956 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:42:10.0238 5956 udfs - ok
17:42:10.0284 5956 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:42:10.0316 5956 UI0Detect - ok
17:42:10.0341 5956 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:42:10.0364 5956 uliagpkx - ok
17:42:10.0400 5956 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:42:10.0426 5956 umbus - ok
17:42:10.0456 5956 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:42:10.0471 5956 UmPass - ok
17:42:10.0574 5956 UMVPFSrv (927754abf077aeb5504be4e0f2c60c1b) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:42:10.0610 5956 UMVPFSrv - ok
17:42:10.0735 5956 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:42:10.0773 5956 UNS - ok
17:42:10.0915 5956 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:42:10.0968 5956 upnphost - ok
17:42:11.0099 5956 UrlFilter (82520fe7a49765e76281dcc7d90c09f6) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
17:42:11.0115 5956 UrlFilter - ok
17:42:16.0525 5956 ============================================================
17:42:16.0525 5956 Scan finished
17:42:16.0525 5956 ============================================================
17:42:16.0540 7208 Detected object count: 3
17:42:16.0540 7208 Actual detected object count: 3
17:42:33.0882 7208 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:33.0882 7208 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:33.0884 7208 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:33.0884 7208 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:33.0886 7208 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:33.0887 7208 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0
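One way to triage a scan log in the format posted above, as an added example that is not part of the original thread or of the scanning tool: it lists entries reported ok with no file record, binaries outside C:\Windows, and detections the user skipped. The sample lines are constructed in the log's format with placeholder hashes, and the function name `triage` is hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the log above (hashes are placeholders).
SAMPLE_LOG = """\
17:42:13.0033 5956 WANARP (00000000000000000000000000000001) C:\\Windows\\system32\\DRIVERS\\wanarp.sys
17:42:13.0081 5956 WANARP - ok
17:42:13.0081 5956 Wanarpv6 (00000000000000000000000000000001) C:\\Windows\\system32\\DRIVERS\\wanarp.sys
17:42:13.0112 5956 Wanarpv6 - ok
17:42:14.0255 5956 WinDefend - ok
17:42:14.0872 5956 wlcrasvc (00000000000000000000000000000002) C:\\Program Files\\Windows Live\\Mesh\\wlcrasvc.exe
17:42:14.0889 5956 wlcrasvc - ok
17:42:16.0540 7208 Detected object count: 3
17:42:33.0882 7208 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:33.0882 7208 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:33.0887 7208 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
"""

PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d+ "  # timestamp and thread id
OBJECT = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
STATUS = re.compile(PREFIX + r"(?P<name>.+?) - ok$")
VERDICT = re.compile(PREFIX + r"(?P<name>.+?) \( (?P<verdict>[\w.]+) \) - skipped by user$")
COUNT = re.compile(PREFIX + r"Detected object count: (?P<n>\d+)$")

def triage(log_text):
    """Summarise a scan log: hashed objects, 'ok' entries with no file record,
    binaries outside C:\\Windows, and detections the user skipped."""
    objects, ok, skipped, declared = {}, [], defaultdict(set), None
    for line in log_text.splitlines():
        if m := OBJECT.match(line):
            objects[m["name"]] = (m["md5"], m["path"])
        elif m := VERDICT.match(line):
            skipped[m["name"]].add(m["verdict"])
        elif m := COUNT.match(line):
            declared = int(m["n"])
        elif m := STATUS.match(line):
            ok.append(m["name"])
    return {
        "objects": len(objects),
        "ok_without_file": [n for n in ok if n not in objects],
        "outside_windows": sorted(n for n, (_, p) in objects.items()
                                  if not p.lower().startswith("c:\\windows\\")),
        "skipped": {n: sorted(v) for n, v in skipped.items()},
        "declared_detections": declared,
    }
```

Comparing `declared_detections` with the number of names under `skipped` shows whether the pasted log is complete; in the constructed sample one detection line is deliberately missing.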

#8
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
We should proceed with a general antimalware scan, which can take quite a long time, so please be patient.

Download Virus Removal Tool (VRT) from Here to your desktop
(You have to enter your e-mail address and click on Submit Form button. Please download latest English version of this tool)

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)

Allow VRT to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun VRT and select the Manual Disinfection tab and press Start Gathering System Information

On completion click the link to locate the zip file to upload and attach to your next post

  • 0

#9
lizglass


    Member

  • Topic Starter
  • Member
  • 159 posts
I ran the Kaspersky tool and it found no threats, therefore there is no threats report. However, several of the files were password protected or locked. When I tried to paste the log to this message, Chrome also crashed and I am unable to restart it. So, the last browser standing is IE. I am attaching the log created by the manual disinfection first, and will send you the log for the automatic scan on a separate post, hoping it won't crash.

This is getting really scary...

Attached Files


  • 0

#10
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
I can't see any malware activity from your logs so far. Do you have a Windows installation DVD disk?
  • 0


#11
lizglass


    Member

  • Topic Starter
  • Member
  • 159 posts
Yes, I do have it, but was hoping to avoid reformatting the hard disk ...
  • 0

#12
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
Clean reinstall is the last option. Let's try with this now:

From the Start menu open your Computer
You should see something like this:

Right click your system partition (usually C) and select Properties

Select Tools tab and then Check now...
The second window will pop up
Ensure you have ticks in both boxes
Then click Start
Windows will schedule it for the next boot
Reboot

Once that has completed:

Go to Start > All Programs > Accessories
Right click Command Prompt and select Run as administrator
When the prompt opens type the following bolded text and press enter

sfc /scannow (Note: There is a space between sfc and /scannow)

On completion reboot

Let me know then if there is any improvement
  • 0

#13
lizglass


    Member

  • Topic Starter
  • Member
  • 159 posts
Sorry to let you know that nothing changed after I ran all of the above. Moreover, I am still unable to restore the computer to an earlier point... and the earlier points are disappearing fast, with all these changes we made. I have no restore point left previous to all this mess anymore. What next? And thanks for staying with me!
  • 0

#14
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
We will do a so-called Windows 7 in-place upgrade or repair installation.

Note: Performing a repair installation (Win 7 in-place upgrade) will not damage files and applications that are currently installed on your computer. It takes the same amount of time to do the upgrade as to reinstall the operating system. Also, some of your customized Windows settings may be lost through this process.

Note: Be sure to backup anything that you do not want to lose first to be extra safe.

Please go here and follow instructions step by step. Let me know then if there is any improvement.
  • 0

#15
lizglass


    Member

  • Topic Starter
  • Member
  • 159 posts
Not very good news: the repair install did not work on its first run. It was interrupted and the computer returned to its previous state.
Then I tried to run it again, and it got completely stuck; the start up got corrupted and I was unable to do anything but a clean reinstallation of the OS.

Unfortunately I don't have all the drives and it is being [bleep] to get it to connect to the internet again. Not to mention all the programs that I have to reinstall... Luckily I followed your advice and made a backup of all our personal files!
Any suggestions on the steps to get it back to full life?

Thanks!
  • 0





