Google Redirect Win7 64 Bit Happili and others [Solved] [Closed]
Started by
Mobilesites
, Apr 17 2012 11:18 AM
-
This topic is locked
#1
Posted 17 April 2012 - 11:18 AM
Mobilesites
-
- Member
-
- 15 posts
Member
#2
Posted 17 April 2012 - 11:23 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Hi there first I will need to look at your system
Download OTL to your Desktop
THEN
Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
Download OTL to your Desktop
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT - Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Post both logs
THEN
Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
#3
Posted 17 April 2012 - 12:13 PM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
OTL Extras logfile created on: 4/17/2012 1:40:18 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 47.06% Memory free
7.92 Gb Paging File | 4.89 Gb Available in Paging File | 61.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.41 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
Computer Name: BOB-DELL | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CB41726-DEBA-46E1-B48B-873F012ACAA1}" = Nitro PDF Reader
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{11E16C7E-8A1D-F4D5-10A1-C4300CE33861}" = MozyPro
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java™ 6 Update 14 (64-bit)
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E51A1789-9C20-43FC-AF13-C7AC29FAF111}" = AVG 2012
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2012
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Lexmark_HostCD" = Lexmark Software Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
"{08A91C9F-2BA3-4288-95DA-2FE397165981}" = Website Legal Forms Generator
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DC325E1-4594-4B21-B3B8-CA775E75207E}_is1" = OneNote 2010 Sort Utility 0.9
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{14D45622-0D9C-4A7D-8CB9-E8943C553979}" = KeywordSetup
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{18DD0876-5D39-4112-BDB5-5353EEC9DAA4}" = Cerberus FTP Server
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3571A4C6-E0C6-47A7-B587-845CE2A6DEB0}" = Acronis Migrate Easy
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3B24A11D-D01B-4B2A-B29A-652A848613BB}" = TimeSheet
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{42F81A7B-6042-4EEB-45B5-B5C7145E5470}" = Keyword Blaze
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1" = Programmer's Notepad 2
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AC54C83-060F-9610-CC29-9310CBDF80CB}" = Mobilizer
"{61D126A8-21C6-DCC0-2004-1EFC709879E2}" = Ad Spot Sniper
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{67635FB6-2F63-4FFB-830B-D4C01597EBA4}" = Microsoft Office Suite Activation Assistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BBE73BB-8EDB-5384-812F-EBB41DD5B284}" = Local Niche Spy
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7DCC96FE-B0D1-4BB6-B6D0-6498157091FC}" = Ingressor Desktop (NK2 Management)
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81C88B61-5A05-493C-9D7A-149BC3252108}" = MySpeed v3.7.2
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E071C09-A93C-4273-A5FF-822FD8388DE1}" = CATS Outlook Plugin
"{8E125268-38C1-417E-A2F5-F8F8916D3A23}" = Google AdWords Editor
"{8F4A0E14-CF92-5B68-CAD8-ACA4DE0A4E43}" = SEORankFinderv2
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90B9134C-B36B-1051-A000-627B047C8206}" = CurationSoft
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7765932-77D6-E0B2-1B27-E2973B5E1BD5}" = TweetDeck
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B3459B16-744E-11E1-B425-984BE15F174E}" = Evernote v. 4.5.4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C70E1F24-4831-4EE2-9CB9-755EE0B9DFBA}" = Local Marketing Titan
"{C9EA8D6E-8BC5-4D66-9BC0-E6C1B7129869}" = cBizOne
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF3AE617-FE05-4E12-A8E9-83395BB0394C}" = SWF Components
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7A05212-CDE3-4EF9-B3B5-EE5CDE0B335F}" = Adweek Directories 2002
"{DB3A97C0-EEC1-43FE-AB56-E2EA972CF111}" = 1600
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF6DA606-904D-4C18-823F-A4CFC3035E53}" = eFax Messenger
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EA79DC46-98B0-4A26-A76F-448A032E5E4D}" = 1600Trb
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBD1C6C0-35EA-4D3C-891A-E218358F82DB}" = Video Components
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEA5A8ED-93A1-44EE-9A7D-43103DB3F78D}" = 1600_Help
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Agama Web Buttons_is1" = Agama Web Buttons
"AI RoboForm" = RoboForm 7-7-4 (All Users)
"Anvi Smart Defender" = Anvi Smart Defender RC2
"Artisteer 2" = Artisteer 2
"Audacity_is1" = Audacity 1.2.6
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CATS Microsoft Outlook Plug-in_is1" = CATS Microsoft Outlook Plug-in v1.95
"CATS Microsoft Word Plug-in_is1" = CATS Microsoft Word Plug-in v1.35
"ColorPic" = ColorPic
"com.blueprintcentral.keywordblaze" = Keyword Blaze
"com.nroo.adspotsniper" = Ad Spot Sniper
"com.springbox.mobilizer" = Mobilizer
"Convert PowerPoint to HTML_is1" = Convert PowerPoint to HTML V1.30
"CurationSoft" = CurationSoft
"Dell Webcam Central" = Dell Webcam Central
"DYMO Label v.8" = DYMO Label v.8
"FileZilla Client" = FileZilla Client 3.5.3
"Free Website Traffic Booster_is1" = Free Website Traffic Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Niche" = Local Niche Spy
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenSSH" = OpenSSH for Windows (remove only)
"outlookset" = Outlook Setup Tool
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PuTTY_is1" = PuTTY version 0.62
"SEORankFinderv2" = SEORankFinderv2
"SysTools Outlook Cached Contacts Recovery v1.0_is1" = SysTools Outlook Cached Contacts Recovery
"The 5 Bucks a Day Action Enforcer_is1" = The 5 Bucks a Day Action Enforcer
"The Logo Creator v5.2" = The Logo Creator v5.2
"TheBestSpinner" = TheBestSpinner
"Traffic Travis 4.0 Setup Wizard_is1" = Traffic Travis 4.0.0
"Traffic Travis v4_is1" = Traffic Travis 4.0.0
"Traffic Travis_is1" = Traffic Travis 3.3.12
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"XHeader" = XHeader
"Your Local Shortcut_is1" = Your Local Shortcut
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"454b0a69a8816be0" = Rockstar Power Suite
"5019907798f06351" = Auto Blog Software
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.1.0.880
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/16/2012 12:30:29 AM | Computer Name = Bob-Dell | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 4/16/2012 10:56:45 AM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 10:57:18 AM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 10:58:38 AM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 4:57:44 PM | Computer Name = Bob-Dell | Source = Application Error | ID = 1000
Description = Faulting application name: prevhost.exe, version: 6.1.7600.16762,
time stamp: 0x4d5decde Faulting module name: ntdll.dll, version: 6.1.7600.16915,
time stamp: 0x4ec49d10 Exception code: 0xc015000f Fault offset: 0x000843f9 Faulting
process id: 0x1ac8 Faulting application start time: 0x01cd1be313669401 Faulting application
path: C:\Windows\SysWOW64\prevhost.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: cffa088f-8806-11e1-97fb-002564660502
Error - 4/16/2012 7:36:15 PM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 7:57:12 PM | Computer Name = Bob-Dell | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 11.0.0.4454 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2e88 Start
Time: 01cd1c2c64ea2f71 Termination Time: 32 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: d8f424f2-881f-11e1-8979-002564660502
Error - 4/17/2012 12:30:05 AM | Computer Name = Bob-Dell | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Users\Bob\AppData\Roaming\CATS
Software, Inc\CATS Outlook Plugin\adxloader.dll.Manifest".Error in manifest or
policy file "C:\Users\Bob\AppData\Roaming\CATS Software, Inc\CATS Outlook Plugin\adxloader.dll.Manifest"
on line 2. The manifest file root element must be assembly.
Error - 4/17/2012 12:30:40 AM | Computer Name = Bob-Dell | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 4/17/2012 5:42:55 AM | Computer Name = Bob-Dell | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 18.0.1025.162 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2874 Start
Time: 01cd1c2c0fa38871 Termination Time: 248 Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report
Id: ae047740-8871-11e1-8979-002564660502
[ Dell Events ]
Error - 5/1/2011 7:37:07 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/1/2011 7:40:32 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/1/2011 7:40:32 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/5/2011 10:20:43 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/5/2011 10:20:44 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/12/2011 2:34:22 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/12/2011 2:34:22 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/5/2011 10:05:32 AM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/5/2011 10:05:32 AM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/5/2011 10:09:34 AM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ Media Center Events ]
Error - 1/27/2011 4:22:38 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 3:22:38 AM - Error connecting to the internet. 3:22:38 AM - Unable
to contact server..
Error - 1/27/2011 4:22:48 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 3:22:46 AM - Error connecting to the internet. 3:22:46 AM - Unable
to contact server..
Error - 1/27/2011 5:24:28 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 4:24:28 AM - Error connecting to the internet. 4:24:28 AM - Unable
to contact server..
Error - 1/27/2011 5:24:34 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 4:24:33 AM - Error connecting to the internet. 4:24:33 AM - Unable
to contact server..
Error - 1/27/2011 6:26:16 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 5:26:16 AM - Error connecting to the internet. 5:26:16 AM - Unable
to contact server..
Error - 1/27/2011 6:26:22 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 5:26:21 AM - Error connecting to the internet. 5:26:21 AM - Unable
to contact server..
Error - 1/27/2011 7:29:30 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 6:29:30 AM - Error connecting to the internet. 6:29:30 AM - Unable
to contact server..
Error - 1/27/2011 7:29:36 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 6:29:35 AM - Error connecting to the internet. 6:29:35 AM - Unable
to contact server..
Error - 2/20/2012 9:02:26 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 8:02:26 AM - Failed to retrieve MCEClientUX (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 4/9/2012 4:26:44 PM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 4:26:24 PM - Error connecting to the internet. 4:26:24 PM - Unable
to contact server..
[ System Events ]
Error - 4/16/2012 6:53:10 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 1
time(s).
Error - 4/16/2012 6:53:10 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7034
Description = The HP CUE DeviceDiscovery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 4/16/2012 7:01:30 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 4/16/2012 7:06:03 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 4/16/2012 7:09:25 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the FlipShare
Service service to connect.
Error - 4/16/2012 7:09:25 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7000
Description = The FlipShare Service service failed to start due to the following
error: %%1053
Error - 4/16/2012 7:09:27 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126
Error - 4/16/2012 7:09:42 PM | Computer Name = Bob-Dell | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 4/16/2012 7:09:43 PM | Computer Name = Bob-Dell | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 4/16/2012 7:16:51 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
< End of report >
OTL logfile created on: 4/17/2012 1:40:18 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 47.06% Memory free
7.92 Gb Paging File | 4.89 Gb Available in Paging File | 61.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.41 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
Computer Name: BOB-DELL | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/17 13:35:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Downloads\OTL.exe
PRC - [2012/03/22 12:09:12 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/03/22 11:59:42 | 010,727,776 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
PRC - [2012/03/22 11:59:42 | 000,391,008 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
PRC - [2012/03/21 09:31:35 | 000,108,136 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/03/13 00:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/03 03:55:28 | 000,296,232 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
PRC - [2012/02/03 03:55:26 | 000,715,048 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/05 21:41:34 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2011/05/19 10:55:14 | 000,913,512 | ---- | M] (Enounce Incorporated) -- C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe
PRC - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/07/02 14:25:48 | 000,656,896 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
PRC - [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/08 08:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe
PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe
========== Modules (No Company Name) ==========
MOD - [2012/04/11 04:09:07 | 000,617,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b1196f23d3ea34127c316e7e4ee4fe46\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
MOD - [2012/04/11 04:08:25 | 000,816,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\bd390319f90ce01ab8deba1289e8dbbb\Microsoft.Office.Tools.Common.v9.0.ni.dll
MOD - [2012/04/11 04:07:00 | 000,152,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\a7cebecbb32108466ba2925a6d2f9506\Microsoft.Office.Tools.v9.0.ni.dll
MOD - [2012/04/11 04:06:58 | 000,215,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\531970b65a818fc81bf606aad1a4fcb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
MOD - [2012/04/11 03:53:29 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll
MOD - [2012/04/11 03:52:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 03:52:47 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/11 03:51:56 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll
MOD - [2012/03/16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/03/16 15:40:06 | 017,664,512 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libcef.dll
MOD - [2012/03/16 15:40:02 | 000,160,782 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\avformat-52.dll
MOD - [2012/03/16 15:39:42 | 001,305,102 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\avcodec-52.dll
MOD - [2012/03/16 15:39:42 | 000,096,782 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\avutil-50.dll
MOD - [2012/03/13 10:30:20 | 000,085,288 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}\components\RadioWMPCoreGecko11.dll
MOD - [2012/03/13 00:39:07 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 05:00:33 | 000,161,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f1f015a3645c90929de3be8e005ce579\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
MOD - [2012/02/16 05:00:30 | 000,337,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5e3abe17bf44f0efc0dce053e26d5939\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
MOD - [2012/02/16 05:00:29 | 000,650,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3514bdc0cdf9188136f0ef38b6b6f675\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
MOD - [2012/02/16 05:00:27 | 000,363,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ac16592da3971bfc1efb027346383848\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
MOD - [2012/02/16 05:00:24 | 001,300,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8f512f0654c06ede69aa3634db4997ec\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
MOD - [2012/02/16 04:57:00 | 000,134,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0462ab3f4db13940f68dded92927ae3b\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:57 | 000,179,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bf01cf77677b266c813293e180b8ea9b\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:53 | 000,133,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ad5f62d2008f0f40ca06df91ceb082a8\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
MOD - [2012/02/16 04:56:52 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll
MOD - [2012/02/16 04:56:43 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5fc479fc10d8b7f0c8f76cc9d52f701b\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:41 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1c0f1cc6fcadc6fdc33682a22c6aa9ac\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:40 | 000,633,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\64b7e2fa8a11164f2ae27b40e964907c\System.AddIn.ni.dll
MOD - [2012/02/16 04:44:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/02/16 04:44:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/16 04:43:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/16 04:34:29 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/01/31 22:15:02 | 000,547,112 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
MOD - [2012/01/24 20:43:40 | 000,448,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\office\14.0.0.0__71e9bce111e9429c\office.dll
MOD - [2012/01/24 20:43:37 | 001,550,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/15 04:50:31 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\49c0850ff20d17128d372aec3efddba2\System.AddIn.Contract.ni.dll
MOD - [2011/11/15 04:46:29 | 000,112,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f67689a77323b6c427a752f596d76822\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3d5e215ba177747fee682b21798338fe\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,028,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6414133d645a6e56a4dcdf062492076a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
MOD - [2011/11/15 04:18:27 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/05/19 08:01:07 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/03/22 11:19:55 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/02/27 13:52:56 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/04 15:09:16 | 000,053,528 | ---- | M] (Mozy, Inc.) [Auto | Running] -- C:\Program Files\MozyPro\mozyprobackup.exe -- (mozyprobackup)
SRV:64bit: - [2010/12/03 12:09:08 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/02/03 03:55:28 | 000,296,232 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/10 15:22:12 | 000,032,336 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/23 06:51:52 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2004/04/18 07:11:14 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe -- (OpenSSHd)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/09 04:26:30 | 000,024,360 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avhips.sys -- (avhips)
DRV:64bit: - [2012/01/09 04:26:30 | 000,020,264 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avfsmn.sys -- (avfsmn)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/08/04 15:09:04 | 000,066,552 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozypro.sys -- (mozyproFilter)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/03 15:43:39 | 000,198,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/29 00:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 23:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/02/05 07:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mybasicisp.net
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BFE8C948-10C3-45AC-A59F-A5BA19C19A9A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}
IE - HKLM\..\SearchScopes\{F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 09:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2012/03/21 09:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/13 23:00:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/21 09:06:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}: C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}\ [2012/03/30 20:26:22 | 000,000,000 | ---D | M]
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2012/04/14 07:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions
[2010/09/11 21:33:24 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2012/03/21 09:14:47 | 000,000,000 | ---D | M] (Mobile Marketing Resources Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}
[2011/05/14 09:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/11 06:44:37 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (del.icio.us) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5a2b4e34-ce62-42e9-a658-06ba4490adf8}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (Niche Watch Tool) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5c1a272d-6af9-4229-b821-11703c6b5ccf}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2010/07/03 20:01:04 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8ca292c6-ec28-4eec-baa5-87c950ecd07d}
[2011/05/27 09:46:58 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/03/22 11:34:29 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/03/21 12:53:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (LinkedIn Companion for Firefox) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{e2337727-f9c9-411b-929e-287584341d1a}
[2012/03/21 12:53:05 | 000,000,000 | ---D | M] (Recruiter.com Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{f4ae7cd3-d355-4e66-a8dc-a050070d29cf}
[2010/07/03 20:01:11 | 000,000,000 | ---D | M] ("KeywordSpyâ„¢ SEO/PPC") -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{fae5bcbc-dd73-439a-a15e-5b9ff39c0e9b}
[2012/03/21 09:14:41 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/07/03 20:01:00 | 000,000,000 | ---D | M] (TimeTracker) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/06/28 23:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions
[2010/02/06 10:22:57 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2012/04/13 23:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/29 20:27:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/13 00:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.3_0\plugin/screen_capture.dll
CHR - plugin: RoboForm Plugin for Google Chrome/Opera/etc. (Enabled) = C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-chrome-plugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Screen Capture (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: AVG Safe Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Japanese Vocab Tutor = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldemblkooloonmjfiainhkhmmlelfnfb\1.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2012/04/16 19:09:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [3xAV] C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe (Enounce Incorporated)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [googletalk] C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011/12/24 10:05:19 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk = C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: highrisehq.com ([careergoals] https in Trusted sites)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BEA45FA-D3ED-4EE9-80D5-FE21F8ECA9FB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CC56B0F-565F-487F-9FFA-580F9C6808C9}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/04/17 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\@Read Review
[2012/04/16 20:39:03 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{53484B47-6DEF-4D50-9109-8D2EA4F56CD9}
[2012/04/16 20:38:50 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{032931A3-6E18-4E5D-8EB0-722E3C9C2DCF}
[2012/04/16 19:59:37 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/04/16 18:53:49 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/15 08:23:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/15 08:23:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/15 08:23:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/15 08:23:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/15 08:20:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/14 15:40:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{88C36626-9CB8-40A3-AA56-D05EF34F6850}
[2012/04/14 15:40:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{C7DE92E0-FA99-4563-87EE-AE1137C0647E}
[2012/04/14 15:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/13 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{98438F55-FFC3-4B9B-A1A3-4C91190B37E3}
[2012/04/13 09:05:37 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{58F67726-F003-4F02-B208-693296DD946B}
[2012/04/12 21:08:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{31B37272-024E-46D5-BFDF-C5DECDEDEBE0}
[2012/04/12 08:04:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\GooredFix Backups
[2012/04/12 04:47:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{78607B35-ECC1-48E1-801A-CAD833B5E797}
[2012/04/10 15:44:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{ED7C3B49-6486-4C57-91C7-17BB02B45BA2}
[2012/04/09 07:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/04/09 07:21:42 | 000,230,952 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/04/09 07:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/04/09 07:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/04/09 07:21:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\TestApp
[2012/04/08 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0463CC8D-EAD6-4BE9-8BC2-F8B6704B8969}
[2012/04/06 09:56:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Malwarebytes
[2012/04/06 09:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/06 09:56:24 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/06 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/06 09:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/06 09:49:46 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/04 10:23:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{15C15D85-78C8-4F82-B347-CEF4E8ECBD0C}
[2012/04/03 08:37:17 | 000,024,360 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avhips.sys
[2012/04/03 08:37:17 | 000,020,264 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avfsmn.sys
[2012/04/03 08:37:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/04/03 08:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012/04/03 06:18:19 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/02 18:34:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0F873F8A-7403-445A-969B-D7526FBCAD0A}
[2012/04/02 07:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012/03/31 10:11:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC852DBB-DDCA-444D-B91E-7DB27FFD0C26}
[2012/03/30 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
[2012/03/29 21:14:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\facebook
[2012/03/29 10:42:43 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC9CC576-C7C6-4EF5-901F-EC812B39EBD7}
[2012/03/27 12:28:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B082F103-FE44-47DD-9F59-CEEC343D442C}
[2012/03/27 12:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1105F89-E26A-4E93-A1A8-2EA949830C3E}
[2012/03/23 22:05:20 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/03/23 22:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CurationSoft
[2012/03/20 14:04:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\BU
[2012/03/20 11:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad Spot Sniper
[2012/03/20 03:28:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1B54B1A-6B23-4B3F-A272-60ED9DF65544}
[2012/03/20 03:27:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{4EA0F713-27DB-4F59-9770-38E6086990C8}
[2012/03/19 22:21:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{E4DF19A0-D7BC-4BC3-9194-85245E6C2204}
[2012/03/19 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{83ED9E45-982B-4E28-9361-CD7EB6DE817B}
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/17 13:43:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/17 08:17:07 | 000,000,066 | ---- | M] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/04/17 06:47:27 | 095,332,207 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/17 05:19:05 | 000,002,844 | ---- | M] () -- C:\Windows\mozypro.blk
[2012/04/17 05:19:05 | 000,001,410 | ---- | M] () -- C:\Windows\mozypro.flt
[2012/04/17 04:12:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/16 22:56:11 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/16 22:46:31 | 000,491,489 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/16 20:46:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 20:46:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 20:00:29 | 000,001,258 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/04/16 19:59:43 | 000,060,304 | ---- | M] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/16 19:09:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/16 19:07:50 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/16 18:41:12 | 000,007,588 | ---- | M] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
[2012/04/15 12:13:05 | 000,783,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 12:13:05 | 000,663,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 12:13:05 | 000,122,286 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/14 15:36:36 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/13 23:01:02 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/13 15:45:49 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/12 14:01:55 | 001,802,332 | ---- | M] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/11 05:49:37 | 000,001,097 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/04/06 09:49:48 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/06 07:05:25 | 000,000,000 | ---- | M] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | M] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/03 15:00:24 | 000,205,236 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | M] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | M] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:01 | 001,730,710 | ---- | M] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:28 | 000,040,426 | ---- | M] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/03/20 03:08:31 | 000,777,526 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/19 11:35:51 | 017,767,424 | ---- | M] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/16 19:59:43 | 000,060,304 | ---- | C] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/15 08:23:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/15 08:23:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/15 08:23:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/15 08:23:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/15 08:23:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/13 23:01:01 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/13 23:01:01 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/12 14:01:48 | 001,802,332 | ---- | C] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/06 09:56:32 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/06 07:05:25 | 000,000,000 | ---- | C] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | C] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/03 15:00:24 | 000,205,236 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | C] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | C] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CurationSoft.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:09 | 001,730,710 | ---- | C] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:27 | 000,040,426 | ---- | C] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Spot Sniper.lnk
[2012/03/20 11:34:28 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/01/27 10:03:39 | 000,221,302 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/01/27 10:03:39 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/01/26 12:20:52 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2012/01/14 12:19:10 | 000,003,235 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\SAS7_000.DAT
[2012/01/13 11:43:25 | 000,000,066 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/01/04 23:38:29 | 017,767,424 | ---- | C] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[2011/11/12 11:46:30 | 000,038,451 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlookCompanies.inf
[2011/10/14 06:47:42 | 000,840,971 | ---- | C] () -- C:\Users\Bob\AppData\Local\census.cache
[2011/10/14 06:46:54 | 000,127,874 | ---- | C] () -- C:\Users\Bob\AppData\Local\ars.cache
[2011/10/14 06:36:14 | 000,000,036 | ---- | C] () -- C:\Users\Bob\AppData\Local\housecall.guid.cache
[2011/09/21 20:52:23 | 000,000,110 | ---- | C] () -- C:\Windows\Adweek.INI
[2011/09/21 11:13:49 | 000,777,526 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/24 21:13:33 | 000,009,352 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011/08/20 12:05:58 | 000,011,446 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.TSK
[2011/08/08 12:40:29 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/08/08 07:06:57 | 000,038,458 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011/07/05 14:20:53 | 000,016,896 | ---- | C] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/24 13:20:54 | 001,526,468 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2011/04/24 13:20:54 | 000,312,885 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2011/04/24 13:20:54 | 000,000,320 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlook.ini
[2011/04/23 22:20:19 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/23 22:20:19 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/03/29 17:04:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/17 10:53:18 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/13 11:05:11 | 000,623,642 | ---- | C] () -- C:\Windows\XHeader Uninstaller.exe
[2010/09/06 13:02:04 | 000,023,140 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/07/03 19:32:26 | 000,007,588 | ---- | C] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
[2010/04/19 06:50:25 | 000,124,264 | R--- | C] () -- C:\Windows\SysWow64\mp3dec.dll
[2010/04/19 06:50:25 | 000,081,920 | R--- | C] () -- C:\Windows\SysWow64\dsp_trc.dll
[2010/04/19 06:50:25 | 000,010,600 | R--- | C] () -- C:\Windows\SysWow64\IcdSptSvps.dll
========== LOP Check ==========
[2010/01/27 09:47:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute
[2010/12/29 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute Software
[2011/05/03 11:53:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Affilorama
[2009/12/04 15:58:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Artisteer
[2011/12/03 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG
[2011/10/14 08:00:38 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG2012
[2012/02/07 10:08:02 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CATS Software, Inc
[2011/12/20 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.blueprintcentral.keywordblaze
[2011/12/07 12:24:31 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.springbox.mobilizer
[2012/03/23 22:05:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/04/16 19:11:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2010/06/11 21:00:24 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Echo Software
[2011/12/14 11:48:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\eFax Messenger
[2011/05/14 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\EurekaLog
[2012/04/17 13:35:53 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2011/10/20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Flip Video
[2012/04/04 19:11:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\gtk-2.0
[2011/04/20 10:23:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\j2 Global
[2009/12/08 09:36:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\KompoZer
[2011/02/19 09:38:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\kompozer.net
[2011/12/12 16:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Niche
[2012/04/16 16:48:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nitro PDF
[2011/03/02 07:54:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2012/01/10 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nuance
[2011/03/19 11:27:44 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OpenOffice.org
[2010/08/08 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OverDrive
[2011/04/17 16:40:47 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PrimoPDF
[2011/03/19 11:52:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RoboForm
[2011/12/12 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RockstarSuite
[2011/12/26 23:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\SEORankFinderv2
[2011/06/09 11:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TeamViewer
[2012/04/09 07:21:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TestApp
[2011/12/30 22:18:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TightVNC
[2011/09/19 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/03/24 13:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\ViralSubmitter
[2011/03/02 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Windows Live Writer
[2011/12/08 12:05:25 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\YourLocalShorcut
[2011/10/28 08:03:04 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2008/10/22 19:07:00 | 000,056,912 | ---- | M] () -- C:\g2mdlhlpx.exe
< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s >
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7600
Copyright © 1999-2008 Microsoft Corporation.
On computer: BOB-DELL
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 RECOVERY NTFS Partition 14 GB Healthy System
Volume 2 C OS NTFS Partition 283 GB Healthy Boot
Volume 3 E Removable 0 B No Media
========== Alternate Data Streams ==========
@Alternate Data Stream - 873 bytes -> C:\Users\Bob\Documents\KPMG Connect!.eml:OECustomProperty
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 143 bytes -> C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 47.06% Memory free
7.92 Gb Paging File | 4.89 Gb Available in Paging File | 61.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.41 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
Computer Name: BOB-DELL | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CB41726-DEBA-46E1-B48B-873F012ACAA1}" = Nitro PDF Reader
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{11E16C7E-8A1D-F4D5-10A1-C4300CE33861}" = MozyPro
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java™ 6 Update 14 (64-bit)
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E51A1789-9C20-43FC-AF13-C7AC29FAF111}" = AVG 2012
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2012
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Lexmark_HostCD" = Lexmark Software Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
"{08A91C9F-2BA3-4288-95DA-2FE397165981}" = Website Legal Forms Generator
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DC325E1-4594-4B21-B3B8-CA775E75207E}_is1" = OneNote 2010 Sort Utility 0.9
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{14D45622-0D9C-4A7D-8CB9-E8943C553979}" = KeywordSetup
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{18DD0876-5D39-4112-BDB5-5353EEC9DAA4}" = Cerberus FTP Server
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3571A4C6-E0C6-47A7-B587-845CE2A6DEB0}" = Acronis Migrate Easy
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3B24A11D-D01B-4B2A-B29A-652A848613BB}" = TimeSheet
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{42F81A7B-6042-4EEB-45B5-B5C7145E5470}" = Keyword Blaze
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1" = Programmer's Notepad 2
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AC54C83-060F-9610-CC29-9310CBDF80CB}" = Mobilizer
"{61D126A8-21C6-DCC0-2004-1EFC709879E2}" = Ad Spot Sniper
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{67635FB6-2F63-4FFB-830B-D4C01597EBA4}" = Microsoft Office Suite Activation Assistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BBE73BB-8EDB-5384-812F-EBB41DD5B284}" = Local Niche Spy
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7DCC96FE-B0D1-4BB6-B6D0-6498157091FC}" = Ingressor Desktop (NK2 Management)
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81C88B61-5A05-493C-9D7A-149BC3252108}" = MySpeed v3.7.2
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E071C09-A93C-4273-A5FF-822FD8388DE1}" = CATS Outlook Plugin
"{8E125268-38C1-417E-A2F5-F8F8916D3A23}" = Google AdWords Editor
"{8F4A0E14-CF92-5B68-CAD8-ACA4DE0A4E43}" = SEORankFinderv2
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90B9134C-B36B-1051-A000-627B047C8206}" = CurationSoft
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7765932-77D6-E0B2-1B27-E2973B5E1BD5}" = TweetDeck
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B3459B16-744E-11E1-B425-984BE15F174E}" = Evernote v. 4.5.4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C70E1F24-4831-4EE2-9CB9-755EE0B9DFBA}" = Local Marketing Titan
"{C9EA8D6E-8BC5-4D66-9BC0-E6C1B7129869}" = cBizOne
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF3AE617-FE05-4E12-A8E9-83395BB0394C}" = SWF Components
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7A05212-CDE3-4EF9-B3B5-EE5CDE0B335F}" = Adweek Directories 2002
"{DB3A97C0-EEC1-43FE-AB56-E2EA972CF111}" = 1600
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF6DA606-904D-4C18-823F-A4CFC3035E53}" = eFax Messenger
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EA79DC46-98B0-4A26-A76F-448A032E5E4D}" = 1600Trb
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBD1C6C0-35EA-4D3C-891A-E218358F82DB}" = Video Components
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEA5A8ED-93A1-44EE-9A7D-43103DB3F78D}" = 1600_Help
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Agama Web Buttons_is1" = Agama Web Buttons
"AI RoboForm" = RoboForm 7-7-4 (All Users)
"Anvi Smart Defender" = Anvi Smart Defender RC2
"Artisteer 2" = Artisteer 2
"Audacity_is1" = Audacity 1.2.6
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CATS Microsoft Outlook Plug-in_is1" = CATS Microsoft Outlook Plug-in v1.95
"CATS Microsoft Word Plug-in_is1" = CATS Microsoft Word Plug-in v1.35
"ColorPic" = ColorPic
"com.blueprintcentral.keywordblaze" = Keyword Blaze
"com.nroo.adspotsniper" = Ad Spot Sniper
"com.springbox.mobilizer" = Mobilizer
"Convert PowerPoint to HTML_is1" = Convert PowerPoint to HTML V1.30
"CurationSoft" = CurationSoft
"Dell Webcam Central" = Dell Webcam Central
"DYMO Label v.8" = DYMO Label v.8
"FileZilla Client" = FileZilla Client 3.5.3
"Free Website Traffic Booster_is1" = Free Website Traffic Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Niche" = Local Niche Spy
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenSSH" = OpenSSH for Windows (remove only)
"outlookset" = Outlook Setup Tool
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PuTTY_is1" = PuTTY version 0.62
"SEORankFinderv2" = SEORankFinderv2
"SysTools Outlook Cached Contacts Recovery v1.0_is1" = SysTools Outlook Cached Contacts Recovery
"The 5 Bucks a Day Action Enforcer_is1" = The 5 Bucks a Day Action Enforcer
"The Logo Creator v5.2" = The Logo Creator v5.2
"TheBestSpinner" = TheBestSpinner
"Traffic Travis 4.0 Setup Wizard_is1" = Traffic Travis 4.0.0
"Traffic Travis v4_is1" = Traffic Travis 4.0.0
"Traffic Travis_is1" = Traffic Travis 3.3.12
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"XHeader" = XHeader
"Your Local Shortcut_is1" = Your Local Shortcut
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"454b0a69a8816be0" = Rockstar Power Suite
"5019907798f06351" = Auto Blog Software
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.1.0.880
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/16/2012 12:30:29 AM | Computer Name = Bob-Dell | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 4/16/2012 10:56:45 AM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 10:57:18 AM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 10:58:38 AM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 4:57:44 PM | Computer Name = Bob-Dell | Source = Application Error | ID = 1000
Description = Faulting application name: prevhost.exe, version: 6.1.7600.16762,
time stamp: 0x4d5decde Faulting module name: ntdll.dll, version: 6.1.7600.16915,
time stamp: 0x4ec49d10 Exception code: 0xc015000f Fault offset: 0x000843f9 Faulting
process id: 0x1ac8 Faulting application start time: 0x01cd1be313669401 Faulting application
path: C:\Windows\SysWOW64\prevhost.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: cffa088f-8806-11e1-97fb-002564660502
Error - 4/16/2012 7:36:15 PM | Computer Name = Bob-Dell | Source = MsiInstaller | ID = 11706
Description =
Error - 4/16/2012 7:57:12 PM | Computer Name = Bob-Dell | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 11.0.0.4454 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2e88 Start
Time: 01cd1c2c64ea2f71 Termination Time: 32 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: d8f424f2-881f-11e1-8979-002564660502
Error - 4/17/2012 12:30:05 AM | Computer Name = Bob-Dell | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Users\Bob\AppData\Roaming\CATS
Software, Inc\CATS Outlook Plugin\adxloader.dll.Manifest".Error in manifest or
policy file "C:\Users\Bob\AppData\Roaming\CATS Software, Inc\CATS Outlook Plugin\adxloader.dll.Manifest"
on line 2. The manifest file root element must be assembly.
Error - 4/17/2012 12:30:40 AM | Computer Name = Bob-Dell | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 4/17/2012 5:42:55 AM | Computer Name = Bob-Dell | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 18.0.1025.162 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2874 Start
Time: 01cd1c2c0fa38871 Termination Time: 248 Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report
Id: ae047740-8871-11e1-8979-002564660502
[ Dell Events ]
Error - 5/1/2011 7:37:07 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/1/2011 7:40:32 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/1/2011 7:40:32 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/5/2011 10:20:43 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/5/2011 10:20:44 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/12/2011 2:34:22 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 5/12/2011 2:34:22 PM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/5/2011 10:05:32 AM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/5/2011 10:05:32 AM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/5/2011 10:09:34 AM | Computer Name = Bob-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ Media Center Events ]
Error - 1/27/2011 4:22:38 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 3:22:38 AM - Error connecting to the internet. 3:22:38 AM - Unable
to contact server..
Error - 1/27/2011 4:22:48 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 3:22:46 AM - Error connecting to the internet. 3:22:46 AM - Unable
to contact server..
Error - 1/27/2011 5:24:28 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 4:24:28 AM - Error connecting to the internet. 4:24:28 AM - Unable
to contact server..
Error - 1/27/2011 5:24:34 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 4:24:33 AM - Error connecting to the internet. 4:24:33 AM - Unable
to contact server..
Error - 1/27/2011 6:26:16 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 5:26:16 AM - Error connecting to the internet. 5:26:16 AM - Unable
to contact server..
Error - 1/27/2011 6:26:22 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 5:26:21 AM - Error connecting to the internet. 5:26:21 AM - Unable
to contact server..
Error - 1/27/2011 7:29:30 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 6:29:30 AM - Error connecting to the internet. 6:29:30 AM - Unable
to contact server..
Error - 1/27/2011 7:29:36 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 6:29:35 AM - Error connecting to the internet. 6:29:35 AM - Unable
to contact server..
Error - 2/20/2012 9:02:26 AM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 8:02:26 AM - Failed to retrieve MCEClientUX (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 4/9/2012 4:26:44 PM | Computer Name = Bob-Dell | Source = MCUpdate | ID = 0
Description = 4:26:24 PM - Error connecting to the internet. 4:26:24 PM - Unable
to contact server..
[ System Events ]
Error - 4/16/2012 6:53:10 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 1
time(s).
Error - 4/16/2012 6:53:10 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7034
Description = The HP CUE DeviceDiscovery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 4/16/2012 7:01:30 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 4/16/2012 7:06:03 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 4/16/2012 7:09:25 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the FlipShare
Service service to connect.
Error - 4/16/2012 7:09:25 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7000
Description = The FlipShare Service service failed to start due to the following
error: %%1053
Error - 4/16/2012 7:09:27 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126
Error - 4/16/2012 7:09:42 PM | Computer Name = Bob-Dell | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 4/16/2012 7:09:43 PM | Computer Name = Bob-Dell | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 4/16/2012 7:16:51 PM | Computer Name = Bob-Dell | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
< End of report >
OTL logfile created on: 4/17/2012 1:40:18 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 47.06% Memory free
7.92 Gb Paging File | 4.89 Gb Available in Paging File | 61.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.41 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
Computer Name: BOB-DELL | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/17 13:35:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Downloads\OTL.exe
PRC - [2012/03/22 12:09:12 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/03/22 11:59:42 | 010,727,776 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
PRC - [2012/03/22 11:59:42 | 000,391,008 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
PRC - [2012/03/21 09:31:35 | 000,108,136 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/03/13 00:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/03 03:55:28 | 000,296,232 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
PRC - [2012/02/03 03:55:26 | 000,715,048 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/05 21:41:34 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2011/05/19 10:55:14 | 000,913,512 | ---- | M] (Enounce Incorporated) -- C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe
PRC - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/07/02 14:25:48 | 000,656,896 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
PRC - [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/08 08:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe
PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe
========== Modules (No Company Name) ==========
MOD - [2012/04/11 04:09:07 | 000,617,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b1196f23d3ea34127c316e7e4ee4fe46\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
MOD - [2012/04/11 04:08:25 | 000,816,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\bd390319f90ce01ab8deba1289e8dbbb\Microsoft.Office.Tools.Common.v9.0.ni.dll
MOD - [2012/04/11 04:07:00 | 000,152,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\a7cebecbb32108466ba2925a6d2f9506\Microsoft.Office.Tools.v9.0.ni.dll
MOD - [2012/04/11 04:06:58 | 000,215,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\531970b65a818fc81bf606aad1a4fcb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
MOD - [2012/04/11 03:53:29 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll
MOD - [2012/04/11 03:52:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 03:52:47 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/11 03:51:56 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll
MOD - [2012/03/16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/03/16 15:40:06 | 017,664,512 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libcef.dll
MOD - [2012/03/16 15:40:02 | 000,160,782 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\avformat-52.dll
MOD - [2012/03/16 15:39:42 | 001,305,102 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\avcodec-52.dll
MOD - [2012/03/16 15:39:42 | 000,096,782 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\avutil-50.dll
MOD - [2012/03/13 10:30:20 | 000,085,288 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}\components\RadioWMPCoreGecko11.dll
MOD - [2012/03/13 00:39:07 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 05:00:33 | 000,161,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f1f015a3645c90929de3be8e005ce579\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
MOD - [2012/02/16 05:00:30 | 000,337,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5e3abe17bf44f0efc0dce053e26d5939\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
MOD - [2012/02/16 05:00:29 | 000,650,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3514bdc0cdf9188136f0ef38b6b6f675\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
MOD - [2012/02/16 05:00:27 | 000,363,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ac16592da3971bfc1efb027346383848\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
MOD - [2012/02/16 05:00:24 | 001,300,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8f512f0654c06ede69aa3634db4997ec\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
MOD - [2012/02/16 04:57:00 | 000,134,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0462ab3f4db13940f68dded92927ae3b\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:57 | 000,179,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bf01cf77677b266c813293e180b8ea9b\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:53 | 000,133,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ad5f62d2008f0f40ca06df91ceb082a8\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
MOD - [2012/02/16 04:56:52 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll
MOD - [2012/02/16 04:56:43 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5fc479fc10d8b7f0c8f76cc9d52f701b\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:41 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1c0f1cc6fcadc6fdc33682a22c6aa9ac\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:40 | 000,633,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\64b7e2fa8a11164f2ae27b40e964907c\System.AddIn.ni.dll
MOD - [2012/02/16 04:44:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/02/16 04:44:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/16 04:43:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/16 04:34:29 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/01/31 22:15:02 | 000,547,112 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
MOD - [2012/01/24 20:43:40 | 000,448,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\office\14.0.0.0__71e9bce111e9429c\office.dll
MOD - [2012/01/24 20:43:37 | 001,550,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/15 04:50:31 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\49c0850ff20d17128d372aec3efddba2\System.AddIn.Contract.ni.dll
MOD - [2011/11/15 04:46:29 | 000,112,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f67689a77323b6c427a752f596d76822\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3d5e215ba177747fee682b21798338fe\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,028,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6414133d645a6e56a4dcdf062492076a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
MOD - [2011/11/15 04:18:27 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/05/19 08:01:07 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/03/22 11:19:55 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/02/27 13:52:56 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/04 15:09:16 | 000,053,528 | ---- | M] (Mozy, Inc.) [Auto | Running] -- C:\Program Files\MozyPro\mozyprobackup.exe -- (mozyprobackup)
SRV:64bit: - [2010/12/03 12:09:08 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/02/03 03:55:28 | 000,296,232 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/10 15:22:12 | 000,032,336 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/23 06:51:52 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2004/04/18 07:11:14 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe -- (OpenSSHd)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/09 04:26:30 | 000,024,360 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avhips.sys -- (avhips)
DRV:64bit: - [2012/01/09 04:26:30 | 000,020,264 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avfsmn.sys -- (avfsmn)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/08/04 15:09:04 | 000,066,552 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozypro.sys -- (mozyproFilter)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/03 15:43:39 | 000,198,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/29 00:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 23:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/02/05 07:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mybasicisp.net
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BFE8C948-10C3-45AC-A59F-A5BA19C19A9A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}
IE - HKLM\..\SearchScopes\{F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 09:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2012/03/21 09:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/13 23:00:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/21 09:06:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}: C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}\ [2012/03/30 20:26:22 | 000,000,000 | ---D | M]
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2012/04/14 07:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions
[2010/09/11 21:33:24 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2012/03/21 09:14:47 | 000,000,000 | ---D | M] (Mobile Marketing Resources Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}
[2011/05/14 09:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/11 06:44:37 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (del.icio.us) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5a2b4e34-ce62-42e9-a658-06ba4490adf8}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (Niche Watch Tool) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5c1a272d-6af9-4229-b821-11703c6b5ccf}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2010/07/03 20:01:04 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8ca292c6-ec28-4eec-baa5-87c950ecd07d}
[2011/05/27 09:46:58 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/03/22 11:34:29 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/03/21 12:53:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (LinkedIn Companion for Firefox) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{e2337727-f9c9-411b-929e-287584341d1a}
[2012/03/21 12:53:05 | 000,000,000 | ---D | M] (Recruiter.com Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{f4ae7cd3-d355-4e66-a8dc-a050070d29cf}
[2010/07/03 20:01:11 | 000,000,000 | ---D | M] ("KeywordSpyâ„¢ SEO/PPC") -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{fae5bcbc-dd73-439a-a15e-5b9ff39c0e9b}
[2012/03/21 09:14:41 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/07/03 20:01:00 | 000,000,000 | ---D | M] (TimeTracker) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/06/28 23:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions
[2010/02/06 10:22:57 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2012/04/13 23:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/29 20:27:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/13 00:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.3_0\plugin/screen_capture.dll
CHR - plugin: RoboForm Plugin for Google Chrome/Opera/etc. (Enabled) = C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-chrome-plugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Screen Capture (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: AVG Safe Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Japanese Vocab Tutor = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldemblkooloonmjfiainhkhmmlelfnfb\1.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2012/04/16 19:09:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [3xAV] C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe (Enounce Incorporated)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [googletalk] C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011/12/24 10:05:19 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk = C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: highrisehq.com ([careergoals] https in Trusted sites)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BEA45FA-D3ED-4EE9-80D5-FE21F8ECA9FB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CC56B0F-565F-487F-9FFA-580F9C6808C9}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/04/17 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\@Read Review
[2012/04/16 20:39:03 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{53484B47-6DEF-4D50-9109-8D2EA4F56CD9}
[2012/04/16 20:38:50 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{032931A3-6E18-4E5D-8EB0-722E3C9C2DCF}
[2012/04/16 19:59:37 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/04/16 18:53:49 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/15 08:23:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/15 08:23:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/15 08:23:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/15 08:23:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/15 08:20:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/14 15:40:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{88C36626-9CB8-40A3-AA56-D05EF34F6850}
[2012/04/14 15:40:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{C7DE92E0-FA99-4563-87EE-AE1137C0647E}
[2012/04/14 15:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/13 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{98438F55-FFC3-4B9B-A1A3-4C91190B37E3}
[2012/04/13 09:05:37 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{58F67726-F003-4F02-B208-693296DD946B}
[2012/04/12 21:08:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{31B37272-024E-46D5-BFDF-C5DECDEDEBE0}
[2012/04/12 08:04:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\GooredFix Backups
[2012/04/12 04:47:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{78607B35-ECC1-48E1-801A-CAD833B5E797}
[2012/04/10 15:44:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{ED7C3B49-6486-4C57-91C7-17BB02B45BA2}
[2012/04/09 07:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/04/09 07:21:42 | 000,230,952 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/04/09 07:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/04/09 07:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/04/09 07:21:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\TestApp
[2012/04/08 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0463CC8D-EAD6-4BE9-8BC2-F8B6704B8969}
[2012/04/06 09:56:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Malwarebytes
[2012/04/06 09:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/06 09:56:24 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/06 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/06 09:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/06 09:49:46 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/04 10:23:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{15C15D85-78C8-4F82-B347-CEF4E8ECBD0C}
[2012/04/03 08:37:17 | 000,024,360 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avhips.sys
[2012/04/03 08:37:17 | 000,020,264 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avfsmn.sys
[2012/04/03 08:37:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/04/03 08:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012/04/03 06:18:19 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/02 18:34:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0F873F8A-7403-445A-969B-D7526FBCAD0A}
[2012/04/02 07:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012/03/31 10:11:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC852DBB-DDCA-444D-B91E-7DB27FFD0C26}
[2012/03/30 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
[2012/03/29 21:14:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\facebook
[2012/03/29 10:42:43 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC9CC576-C7C6-4EF5-901F-EC812B39EBD7}
[2012/03/27 12:28:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B082F103-FE44-47DD-9F59-CEEC343D442C}
[2012/03/27 12:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1105F89-E26A-4E93-A1A8-2EA949830C3E}
[2012/03/23 22:05:20 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/03/23 22:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CurationSoft
[2012/03/20 14:04:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\BU
[2012/03/20 11:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad Spot Sniper
[2012/03/20 03:28:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1B54B1A-6B23-4B3F-A272-60ED9DF65544}
[2012/03/20 03:27:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{4EA0F713-27DB-4F59-9770-38E6086990C8}
[2012/03/19 22:21:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{E4DF19A0-D7BC-4BC3-9194-85245E6C2204}
[2012/03/19 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{83ED9E45-982B-4E28-9361-CD7EB6DE817B}
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/17 13:43:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/17 08:17:07 | 000,000,066 | ---- | M] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/04/17 06:47:27 | 095,332,207 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/17 05:19:05 | 000,002,844 | ---- | M] () -- C:\Windows\mozypro.blk
[2012/04/17 05:19:05 | 000,001,410 | ---- | M] () -- C:\Windows\mozypro.flt
[2012/04/17 04:12:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/16 22:56:11 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/16 22:46:31 | 000,491,489 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/16 20:46:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 20:46:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 20:00:29 | 000,001,258 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/04/16 19:59:43 | 000,060,304 | ---- | M] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/16 19:09:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/16 19:07:50 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/16 18:41:12 | 000,007,588 | ---- | M] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
[2012/04/15 12:13:05 | 000,783,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 12:13:05 | 000,663,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 12:13:05 | 000,122,286 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/14 15:36:36 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/13 23:01:02 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/13 15:45:49 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/12 14:01:55 | 001,802,332 | ---- | M] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/11 05:49:37 | 000,001,097 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/04/06 09:49:48 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/06 07:05:25 | 000,000,000 | ---- | M] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | M] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/03 15:00:24 | 000,205,236 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | M] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | M] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:01 | 001,730,710 | ---- | M] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:28 | 000,040,426 | ---- | M] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/03/20 03:08:31 | 000,777,526 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/19 11:35:51 | 017,767,424 | ---- | M] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/16 19:59:43 | 000,060,304 | ---- | C] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/15 08:23:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/15 08:23:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/15 08:23:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/15 08:23:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/15 08:23:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/13 23:01:01 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/13 23:01:01 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/12 14:01:48 | 001,802,332 | ---- | C] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/06 09:56:32 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/06 07:05:25 | 000,000,000 | ---- | C] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | C] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/03 15:00:24 | 000,205,236 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | C] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | C] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CurationSoft.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:09 | 001,730,710 | ---- | C] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:27 | 000,040,426 | ---- | C] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Spot Sniper.lnk
[2012/03/20 11:34:28 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/01/27 10:03:39 | 000,221,302 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/01/27 10:03:39 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/01/26 12:20:52 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2012/01/14 12:19:10 | 000,003,235 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\SAS7_000.DAT
[2012/01/13 11:43:25 | 000,000,066 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/01/04 23:38:29 | 017,767,424 | ---- | C] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[2011/11/12 11:46:30 | 000,038,451 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlookCompanies.inf
[2011/10/14 06:47:42 | 000,840,971 | ---- | C] () -- C:\Users\Bob\AppData\Local\census.cache
[2011/10/14 06:46:54 | 000,127,874 | ---- | C] () -- C:\Users\Bob\AppData\Local\ars.cache
[2011/10/14 06:36:14 | 000,000,036 | ---- | C] () -- C:\Users\Bob\AppData\Local\housecall.guid.cache
[2011/09/21 20:52:23 | 000,000,110 | ---- | C] () -- C:\Windows\Adweek.INI
[2011/09/21 11:13:49 | 000,777,526 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/24 21:13:33 | 000,009,352 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011/08/20 12:05:58 | 000,011,446 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.TSK
[2011/08/08 12:40:29 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/08/08 07:06:57 | 000,038,458 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011/07/05 14:20:53 | 000,016,896 | ---- | C] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/24 13:20:54 | 001,526,468 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2011/04/24 13:20:54 | 000,312,885 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2011/04/24 13:20:54 | 000,000,320 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlook.ini
[2011/04/23 22:20:19 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/23 22:20:19 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/03/29 17:04:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/17 10:53:18 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/13 11:05:11 | 000,623,642 | ---- | C] () -- C:\Windows\XHeader Uninstaller.exe
[2010/09/06 13:02:04 | 000,023,140 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/07/03 19:32:26 | 000,007,588 | ---- | C] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
[2010/04/19 06:50:25 | 000,124,264 | R--- | C] () -- C:\Windows\SysWow64\mp3dec.dll
[2010/04/19 06:50:25 | 000,081,920 | R--- | C] () -- C:\Windows\SysWow64\dsp_trc.dll
[2010/04/19 06:50:25 | 000,010,600 | R--- | C] () -- C:\Windows\SysWow64\IcdSptSvps.dll
========== LOP Check ==========
[2010/01/27 09:47:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute
[2010/12/29 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute Software
[2011/05/03 11:53:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Affilorama
[2009/12/04 15:58:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Artisteer
[2011/12/03 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG
[2011/10/14 08:00:38 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG2012
[2012/02/07 10:08:02 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CATS Software, Inc
[2011/12/20 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.blueprintcentral.keywordblaze
[2011/12/07 12:24:31 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.springbox.mobilizer
[2012/03/23 22:05:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/04/16 19:11:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2010/06/11 21:00:24 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Echo Software
[2011/12/14 11:48:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\eFax Messenger
[2011/05/14 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\EurekaLog
[2012/04/17 13:35:53 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2011/10/20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Flip Video
[2012/04/04 19:11:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\gtk-2.0
[2011/04/20 10:23:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\j2 Global
[2009/12/08 09:36:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\KompoZer
[2011/02/19 09:38:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\kompozer.net
[2011/12/12 16:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Niche
[2012/04/16 16:48:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nitro PDF
[2011/03/02 07:54:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2012/01/10 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nuance
[2011/03/19 11:27:44 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OpenOffice.org
[2010/08/08 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OverDrive
[2011/04/17 16:40:47 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PrimoPDF
[2011/03/19 11:52:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RoboForm
[2011/12/12 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RockstarSuite
[2011/12/26 23:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\SEORankFinderv2
[2011/06/09 11:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TeamViewer
[2012/04/09 07:21:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TestApp
[2011/12/30 22:18:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TightVNC
[2011/09/19 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/03/24 13:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\ViralSubmitter
[2011/03/02 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Windows Live Writer
[2011/12/08 12:05:25 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\YourLocalShorcut
[2011/10/28 08:03:04 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2008/10/22 19:07:00 | 000,056,912 | ---- | M] () -- C:\g2mdlhlpx.exe
< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s >
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7600
Copyright © 1999-2008 Microsoft Corporation.
On computer: BOB-DELL
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 RECOVERY NTFS Partition 14 GB Healthy System
Volume 2 C OS NTFS Partition 283 GB Healthy Boot
Volume 3 E Removable 0 B No Media
========== Alternate Data Streams ==========
@Alternate Data Stream - 873 bytes -> C:\Users\Bob\Documents\KPMG Connect!.eml:OECustomProperty
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 143 bytes -> C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
#4
Posted 17 April 2012 - 12:35 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
As soon as the aswMBR run has completed and I have seen the log we will start.
I see you have run Combofix, could you attach that log please C:\Combofix.txt
I see you have run Combofix, could you attach that log please C:\Combofix.txt
#5
Posted 17 April 2012 - 12:52 PM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
The computer crashes while AWS is running and restarts. Happened twice, same message.
This message appears:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional information about the problem:
BCCode: c5
BCP1: 00000000000AF95E
BCP2: 0000000000000002
BCP3: 0000000000000000
BCP4: FFFFF800031A30BF
OS Version: 6_1_7600
Service Pack: 0_0
Product: 768_1
Files that help describe the problem:
C:\Windows\Minidump\041712-37799-01.dmp
C:\Users\Bob\AppData\Local\Temp\WER-95597-0.sysdata.xml
Read our privacy statement online:
http://go.microsoft....88&clcid=0x0409
If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
This message appears:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional information about the problem:
BCCode: c5
BCP1: 00000000000AF95E
BCP2: 0000000000000002
BCP3: 0000000000000000
BCP4: FFFFF800031A30BF
OS Version: 6_1_7600
Service Pack: 0_0
Product: 768_1
Files that help describe the problem:
C:\Windows\Minidump\041712-37799-01.dmp
C:\Users\Bob\AppData\Local\Temp\WER-95597-0.sysdata.xml
Read our privacy statement online:
http://go.microsoft....88&clcid=0x0409
If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
#6
Posted 17 April 2012 - 12:53 PM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
ComboFix 12-04-15.01 - Bob 04/16/2012 18:55:17.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2498 [GMT -4:00]
Running from: c:\users\Bob\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bob\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-03-16 to 2012-04-16 )))))))))))))))))))))))))))))))
.
.
2012-04-16 23:05 . 2012-04-16 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-14 19:36 . 2012-04-14 19:39 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-04-11 07:07 . 2012-03-06 06:43 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 07:03 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 07:03 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 07:03 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 07:03 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 07:03 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-09 11:32 . 2012-04-13 01:04 -------- d-----w- c:\program files (x86)\PC Tools
2012-04-09 11:21 . 2012-04-13 01:04 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-04-09 11:21 . 2012-02-24 14:36 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-04-09 11:21 . 2012-04-12 15:21 -------- d-----w- c:\programdata\PC Tools
2012-04-09 11:21 . 2012-04-09 11:21 -------- d-----w- c:\users\Bob\AppData\Roaming\TestApp
2012-04-06 13:56 . 2012-04-06 13:56 -------- d-----w- c:\users\Bob\AppData\Roaming\Malwarebytes
2012-04-06 13:56 . 2012-04-06 13:56 -------- d-----w- c:\programdata\Malwarebytes
2012-04-06 13:56 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 13:56 . 2012-04-14 19:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-03 12:37 . 2012-01-09 08:26 24360 ----a-w- c:\windows\system32\drivers\avhips.sys
2012-04-03 12:37 . 2012-01-09 08:26 20264 ----a-w- c:\windows\system32\drivers\avfsmn.sys
2012-04-03 12:37 . 2012-04-03 12:37 -------- d-----w- c:\program files (x86)\Anvisoft
2012-03-31 00:26 . 2012-03-31 00:26 -------- d-----w- c:\users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
2012-03-24 02:05 . 2012-03-24 02:05 -------- d-----w- c:\users\Bob\AppData\Roaming\CurationSoft
2012-03-24 02:05 . 2012-03-24 02:05 -------- d-----w- c:\program files (x86)\CurationSoft
2012-03-20 15:34 . 2012-03-20 15:34 -------- d-----w- c:\program files (x86)\Ad Spot Sniper
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-19 15:35 . 2012-01-05 03:38 17767424 ----a-w- c:\users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
2012-03-08 08:05 . 2012-03-08 08:05 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-08 08:05 . 2012-03-08 08:05 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-08 08:05 . 2012-03-08 08:05 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-08 08:05 . 2012-03-08 08:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-08 08:05 . 2012-03-08 08:05 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-08 08:05 . 2012-03-08 08:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-08 08:05 . 2012-03-08 08:05 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-08 08:05 . 2012-03-08 08:05 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-08 08:05 . 2012-03-08 08:05 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-08 08:05 . 2012-03-08 08:05 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-08 08:05 . 2012-03-08 08:05 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-08 08:05 . 2012-03-08 08:05 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-08 08:05 . 2012-03-08 08:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-08 08:05 . 2012-03-08 08:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-08 08:04 . 2012-03-08 08:04 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-08 08:04 . 2012-03-08 08:04 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-08 08:04 . 2012-03-08 08:04 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-08 08:04 . 2012-03-08 08:04 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-08 08:04 . 2012-03-08 08:04 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-08 08:04 . 2012-03-08 08:04 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-08 08:04 . 2012-03-08 08:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-08 08:04 . 2012-03-08 08:04 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-08 08:04 . 2012-03-08 08:04 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-08 08:04 . 2012-03-08 08:04 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-08 08:04 . 2012-03-08 08:04 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-08 08:04 . 2012-03-08 08:04 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-08 08:04 . 2012-03-08 08:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-08 08:04 . 2012-03-08 08:04 448512 ----a-w- c:\windows\system32\html.iec
2012-03-08 08:04 . 2012-03-08 08:04 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-08 08:04 . 2012-03-08 08:04 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-08 08:04 . 2012-03-08 08:04 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-08 08:04 . 2012-03-08 08:04 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-08 08:04 . 2012-03-08 08:04 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-08 08:04 . 2012-03-08 08:04 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-06 05:59 . 2012-04-11 07:07 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59 . 2012-04-11 07:07 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-01 05:49 . 2012-04-11 07:03 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:40 . 2012-04-11 07:03 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 01:11 . 2012-04-11 07:08 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-20 14:03 . 2010-12-28 20:30 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-02-20 14:03 . 2010-12-28 20:29 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-02-20 13:02 . 2010-12-10 16:07 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-02-15 06:27 . 2012-03-14 05:54 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 05:44 . 2012-03-14 05:54 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47 . 2012-03-14 05:54 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:46 . 2012-03-14 05:54 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-14 16:09 . 2012-02-14 16:09 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-02-10 06:18 . 2012-03-14 05:54 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 06:17 . 2012-03-14 05:54 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-10 06:17 . 2012-03-14 05:54 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-10 06:17 . 2012-03-14 05:54 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-02-10 06:17 . 2012-03-14 05:54 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 05:54 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-10 05:41 . 2012-03-14 05:54 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41 . 2012-03-14 05:54 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 05:54 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-02-10 05:41 . 2012-03-14 05:54 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-02-03 04:16 . 2012-03-14 05:54 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 06:27 . 2012-03-14 05:54 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 06:27 . 2012-03-14 05:54 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:20 . 2012-03-14 05:54 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-15_12.58.42 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-04-15 12:58 . 2012-04-15 12:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-16 23:08 . 2012-04-16 23:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-15 12:58 . 2012-04-15 12:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-16 23:08 . 2012-04-16 23:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-04-16 23:06 447112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-04-15 12:57 447112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-29 14:28 . 2012-04-16 23:06 895904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1873536395-2207681481-3875897620-1001-4096.dat
- 2012-03-29 14:28 . 2012-04-15 12:57 895904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1873536395-2207681481-3875897620-1001-4096.dat
- 2012-01-21 18:32 . 2012-04-14 19:37 2907328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-01-21 18:32 . 2012-04-16 23:06 2907328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-03-29 14:28 . 2012-04-16 23:06 1544660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1873536395-2207681481-3875897620-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"3xAV"="c:\program files (x86)\Enounce\MySpeed\MySpeed.exe" [2011-05-19 913512]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2011-06-06 222496]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-03-21 108136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-03-22 30192]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2010-10-27 328992]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Anvi Smart Defender"="c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2012-02-03 715048]
.
c:\users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
eFax 4.4.lnk - c:\program files (x86)\eFax Messenger 4.4\J2GTray.exe [2010-7-2 656896]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-3-22 1014112]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
MozyPro Status.lnk - c:\program files\MozyPro\mozyprostat.exe [2011-11-17 6102376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 133104]
R2 OpenSSHd;OpenSSH Server;c:\program files (x86)\OpenSSH\bin\cygrunsrv.exe [2004-04-18 36864]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-22 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 133104]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 avfsmn;avfsmn;c:\windows\system32\DRIVERS\avfsmn.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 mozyproFilter;mozyproFilter;c:\windows\system32\DRIVERS\mozypro.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-02-03 296232]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 avhips;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\avhips.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2011-06-06 296808]
S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-08-10 32336]
S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
S2 mozyprobackup;MozyPro Backup Service;c:\program files\MozyPro\mozyprobackup.exe [2011-08-04 53528]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2010-12-03 341296]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.exe [2010-08-20 689472]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 00:41]
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 00:41]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro]
@="{71B8CED8-5D67-4f57-89B1-F64CE6302A1E}"
[HKEY_CLASSES_ROOT\CLSID\{71B8CED8-5D67-4f57-89B1-F64CE6302A1E}]
2011-11-17 21:02 5528936 ----a-w- c:\program files\MozyPro\mozyproshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro2]
@="{CBAFE103-79DA-46ca-BD9A-63CBF6282882}"
[HKEY_CLASSES_ROOT\CLSID\{CBAFE103-79DA-46ca-BD9A-63CBF6282882}]
2011-11-17 21:02 5528936 ----a-w- c:\program files\MozyPro\mozyproshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro3]
@="{8B99EA55-1AFF-4539-80A0-A71C6011CD84}"
[HKEY_CLASSES_ROOT\CLSID\{8B99EA55-1AFF-4539-80A0-A71C6011CD84}]
2011-11-17 21:02 5528936 ----a-w- c:\program files\MozyPro\mozyproshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-01-23 305664]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Show RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: highrisehq.com\careergoals
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2772978&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Boolean Bar Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.http - 71.255.89.139
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-1873536395-2207681481-3875897620-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1873536395-2207681481-3875897620-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2012-04-16 19:22:14 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-16 23:22
ComboFix2.txt 2012-04-15 13:09
.
Pre-Run: 173,690,916,864 bytes free
Post-Run: 173,171,122,176 bytes free
.
- - End Of File - - A8472684EAA6238A481ECCB8D63696FD
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2498 [GMT -4:00]
Running from: c:\users\Bob\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bob\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-03-16 to 2012-04-16 )))))))))))))))))))))))))))))))
.
.
2012-04-16 23:05 . 2012-04-16 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-14 19:36 . 2012-04-14 19:39 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-04-11 07:07 . 2012-03-06 06:43 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 07:03 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 07:03 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 07:03 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 07:03 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 07:03 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-09 11:32 . 2012-04-13 01:04 -------- d-----w- c:\program files (x86)\PC Tools
2012-04-09 11:21 . 2012-04-13 01:04 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-04-09 11:21 . 2012-02-24 14:36 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-04-09 11:21 . 2012-04-12 15:21 -------- d-----w- c:\programdata\PC Tools
2012-04-09 11:21 . 2012-04-09 11:21 -------- d-----w- c:\users\Bob\AppData\Roaming\TestApp
2012-04-06 13:56 . 2012-04-06 13:56 -------- d-----w- c:\users\Bob\AppData\Roaming\Malwarebytes
2012-04-06 13:56 . 2012-04-06 13:56 -------- d-----w- c:\programdata\Malwarebytes
2012-04-06 13:56 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 13:56 . 2012-04-14 19:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-03 12:37 . 2012-01-09 08:26 24360 ----a-w- c:\windows\system32\drivers\avhips.sys
2012-04-03 12:37 . 2012-01-09 08:26 20264 ----a-w- c:\windows\system32\drivers\avfsmn.sys
2012-04-03 12:37 . 2012-04-03 12:37 -------- d-----w- c:\program files (x86)\Anvisoft
2012-03-31 00:26 . 2012-03-31 00:26 -------- d-----w- c:\users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
2012-03-24 02:05 . 2012-03-24 02:05 -------- d-----w- c:\users\Bob\AppData\Roaming\CurationSoft
2012-03-24 02:05 . 2012-03-24 02:05 -------- d-----w- c:\program files (x86)\CurationSoft
2012-03-20 15:34 . 2012-03-20 15:34 -------- d-----w- c:\program files (x86)\Ad Spot Sniper
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-19 15:35 . 2012-01-05 03:38 17767424 ----a-w- c:\users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
2012-03-08 08:05 . 2012-03-08 08:05 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-08 08:05 . 2012-03-08 08:05 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-08 08:05 . 2012-03-08 08:05 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-08 08:05 . 2012-03-08 08:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-08 08:05 . 2012-03-08 08:05 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-08 08:05 . 2012-03-08 08:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-08 08:05 . 2012-03-08 08:05 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-08 08:05 . 2012-03-08 08:05 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-08 08:05 . 2012-03-08 08:05 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-08 08:05 . 2012-03-08 08:05 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-08 08:05 . 2012-03-08 08:05 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-08 08:05 . 2012-03-08 08:05 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-08 08:05 . 2012-03-08 08:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-08 08:05 . 2012-03-08 08:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-08 08:04 . 2012-03-08 08:04 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-08 08:04 . 2012-03-08 08:04 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-08 08:04 . 2012-03-08 08:04 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-08 08:04 . 2012-03-08 08:04 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-08 08:04 . 2012-03-08 08:04 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-08 08:04 . 2012-03-08 08:04 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-08 08:04 . 2012-03-08 08:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-08 08:04 . 2012-03-08 08:04 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-08 08:04 . 2012-03-08 08:04 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-08 08:04 . 2012-03-08 08:04 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-08 08:04 . 2012-03-08 08:04 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-08 08:04 . 2012-03-08 08:04 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-08 08:04 . 2012-03-08 08:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-08 08:04 . 2012-03-08 08:04 448512 ----a-w- c:\windows\system32\html.iec
2012-03-08 08:04 . 2012-03-08 08:04 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-08 08:04 . 2012-03-08 08:04 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-08 08:04 . 2012-03-08 08:04 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-08 08:04 . 2012-03-08 08:04 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-08 08:04 . 2012-03-08 08:04 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-08 08:04 . 2012-03-08 08:04 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-06 05:59 . 2012-04-11 07:07 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59 . 2012-04-11 07:07 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-01 05:49 . 2012-04-11 07:03 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:40 . 2012-04-11 07:03 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 01:11 . 2012-04-11 07:08 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-20 14:03 . 2010-12-28 20:30 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-02-20 14:03 . 2010-12-28 20:29 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-02-20 13:02 . 2010-12-10 16:07 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-02-15 06:27 . 2012-03-14 05:54 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 05:44 . 2012-03-14 05:54 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47 . 2012-03-14 05:54 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:46 . 2012-03-14 05:54 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-14 16:09 . 2012-02-14 16:09 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-02-10 06:18 . 2012-03-14 05:54 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 06:17 . 2012-03-14 05:54 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-10 06:17 . 2012-03-14 05:54 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-10 06:17 . 2012-03-14 05:54 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-02-10 06:17 . 2012-03-14 05:54 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 05:54 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-10 05:41 . 2012-03-14 05:54 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41 . 2012-03-14 05:54 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 05:54 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-02-10 05:41 . 2012-03-14 05:54 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-02-03 04:16 . 2012-03-14 05:54 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 06:27 . 2012-03-14 05:54 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 06:27 . 2012-03-14 05:54 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:20 . 2012-03-14 05:54 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-15_12.58.42 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-04-15 12:58 . 2012-04-15 12:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-16 23:08 . 2012-04-16 23:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-15 12:58 . 2012-04-15 12:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-16 23:08 . 2012-04-16 23:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-04-16 23:06 447112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-04-15 12:57 447112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-29 14:28 . 2012-04-16 23:06 895904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1873536395-2207681481-3875897620-1001-4096.dat
- 2012-03-29 14:28 . 2012-04-15 12:57 895904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1873536395-2207681481-3875897620-1001-4096.dat
- 2012-01-21 18:32 . 2012-04-14 19:37 2907328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-01-21 18:32 . 2012-04-16 23:06 2907328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-03-29 14:28 . 2012-04-16 23:06 1544660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1873536395-2207681481-3875897620-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"3xAV"="c:\program files (x86)\Enounce\MySpeed\MySpeed.exe" [2011-05-19 913512]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2011-06-06 222496]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-03-21 108136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-03-22 30192]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2010-10-27 328992]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Anvi Smart Defender"="c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2012-02-03 715048]
.
c:\users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
eFax 4.4.lnk - c:\program files (x86)\eFax Messenger 4.4\J2GTray.exe [2010-7-2 656896]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-3-22 1014112]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
MozyPro Status.lnk - c:\program files\MozyPro\mozyprostat.exe [2011-11-17 6102376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 133104]
R2 OpenSSHd;OpenSSH Server;c:\program files (x86)\OpenSSH\bin\cygrunsrv.exe [2004-04-18 36864]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-22 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 133104]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 avfsmn;avfsmn;c:\windows\system32\DRIVERS\avfsmn.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 mozyproFilter;mozyproFilter;c:\windows\system32\DRIVERS\mozypro.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-02-03 296232]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 avhips;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\avhips.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2011-06-06 296808]
S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-08-10 32336]
S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
S2 mozyprobackup;MozyPro Backup Service;c:\program files\MozyPro\mozyprobackup.exe [2011-08-04 53528]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2010-12-03 341296]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.exe [2010-08-20 689472]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 00:41]
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-06 00:41]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Bob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro]
@="{71B8CED8-5D67-4f57-89B1-F64CE6302A1E}"
[HKEY_CLASSES_ROOT\CLSID\{71B8CED8-5D67-4f57-89B1-F64CE6302A1E}]
2011-11-17 21:02 5528936 ----a-w- c:\program files\MozyPro\mozyproshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro2]
@="{CBAFE103-79DA-46ca-BD9A-63CBF6282882}"
[HKEY_CLASSES_ROOT\CLSID\{CBAFE103-79DA-46ca-BD9A-63CBF6282882}]
2011-11-17 21:02 5528936 ----a-w- c:\program files\MozyPro\mozyproshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro3]
@="{8B99EA55-1AFF-4539-80A0-A71C6011CD84}"
[HKEY_CLASSES_ROOT\CLSID\{8B99EA55-1AFF-4539-80A0-A71C6011CD84}]
2011-11-17 21:02 5528936 ----a-w- c:\program files\MozyPro\mozyproshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-01-23 305664]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Show RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: highrisehq.com\careergoals
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2772978&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Boolean Bar Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.http - 71.255.89.139
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-1873536395-2207681481-3875897620-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1873536395-2207681481-3875897620-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2012-04-16 19:22:14 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-16 23:22
ComboFix2.txt 2012-04-15 13:09
.
Pre-Run: 173,690,916,864 bytes free
Post-Run: 173,171,122,176 bytes free
.
- - End Of File - - A8472684EAA6238A481ECCB8D63696FD
#7
Posted 17 April 2012 - 02:00 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK if this programme fails I will need a screenshot of your partitions... Details at the end
Download the latest version of TDSSKiller from here and save it to your Desktop.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
If this fails to run
Go start > run
Copy/Paste the following command to open disc management :
diskmgmt.msc
Ensure all partitions are showing then take a screenshot and attach to your next post
Download the latest version of TDSSKiller from here and save it to your Desktop.
- Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
- Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
- Click the Start Scan button.
- If a suspicious object is detected, the default action will be Skip, click on Continue.
- If malicious objects are found, they will show in the Scan results and offer three (3) options.
- Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
- Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
If this fails to run
Go start > run
Copy/Paste the following command to open disc management :
diskmgmt.msc
Ensure all partitions are showing then take a screenshot and attach to your next post
#8
Posted 17 April 2012 - 02:07 PM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
16:01:43.0776 6956 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
16:01:44.0151 6956 ============================================================
16:01:44.0151 6956 Current date / time: 2012/04/17 16:01:44.0151
16:01:44.0151 6956 SystemInfo:
16:01:44.0151 6956
16:01:44.0151 6956 OS Version: 6.1.7600 ServicePack: 0.0
16:01:44.0151 6956 Product type: Workstation
16:01:44.0151 6956 ComputerName: BOB-DELL
16:01:44.0151 6956 UserName: Bob
16:01:44.0151 6956 Windows directory: C:\Windows
16:01:44.0151 6956 System windows directory: C:\Windows
16:01:44.0151 6956 Running under WOW64
16:01:44.0151 6956 Processor architecture: Intel x64
16:01:44.0151 6956 Number of processors: 2
16:01:44.0151 6956 Page size: 0x1000
16:01:44.0151 6956 Boot type: Normal boot
16:01:44.0151 6956 ============================================================
16:01:44.0681 6956 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:01:44.0712 6956 \Device\Harddisk0\DR0:
16:01:44.0712 6956 MBR used
16:01:44.0712 6956 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
16:01:44.0712 6956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CDAB0
16:01:44.0759 6956 Initialize success
16:01:44.0759 6956 ============================================================
16:02:22.0917 5640 ============================================================
16:02:22.0917 5640 Scan started
16:02:22.0917 5640 Mode: Manual; SigCheck; TDLFS;
16:02:22.0917 5640 ============================================================
16:02:23.0510 5640 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:02:23.0697 5640 1394ohci - ok
16:02:23.0759 5640 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:02:23.0790 5640 ACPI - ok
16:02:23.0837 5640 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:02:23.0946 5640 AcpiPmi - ok
16:02:24.0009 5640 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:02:24.0056 5640 adp94xx - ok
16:02:24.0102 5640 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:02:24.0118 5640 adpahci - ok
16:02:24.0149 5640 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:02:24.0165 5640 adpu320 - ok
16:02:24.0212 5640 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:02:24.0383 5640 AeLookupSvc - ok
16:02:24.0524 5640 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:02:24.0617 5640 AFD - ok
16:02:24.0680 5640 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:02:24.0711 5640 agp440 - ok
16:02:24.0742 5640 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:02:24.0804 5640 ALG - ok
16:02:24.0851 5640 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:02:24.0882 5640 aliide - ok
16:02:24.0898 5640 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:02:24.0914 5640 amdide - ok
16:02:24.0945 5640 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:02:25.0023 5640 AmdK8 - ok
16:02:25.0054 5640 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:02:25.0116 5640 AmdPPM - ok
16:02:25.0194 5640 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
16:02:25.0210 5640 amdsata - ok
16:02:25.0257 5640 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:02:25.0288 5640 amdsbs - ok
16:02:25.0304 5640 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
16:02:25.0335 5640 amdxata - ok
16:02:25.0397 5640 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:02:25.0444 5640 ApfiltrService - ok
16:02:25.0491 5640 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:02:25.0616 5640 AppID - ok
16:02:25.0647 5640 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:02:25.0709 5640 AppIDSvc - ok
16:02:25.0756 5640 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:02:25.0803 5640 Appinfo - ok
16:02:25.0943 5640 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:02:25.0974 5640 Apple Mobile Device - ok
16:02:26.0099 5640 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:02:26.0115 5640 arc - ok
16:02:26.0162 5640 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:02:26.0193 5640 arcsas - ok
16:02:26.0302 5640 asdsrv (2be4aa54c7728b7a432713961b09fa89) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
16:02:26.0318 5640 asdsrv - ok
16:02:26.0474 5640 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:02:26.0489 5640 aspnet_state - ok
16:02:26.0567 5640 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:02:26.0661 5640 AsyncMac - ok
16:02:26.0708 5640 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:02:26.0723 5640 atapi - ok
16:02:26.0770 5640 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:02:26.0848 5640 AudioEndpointBuilder - ok
16:02:26.0864 5640 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:02:26.0910 5640 AudioSrv - ok
16:02:26.0973 5640 avfsmn (7f5ea096d5edbaa9caeedf07dfae65da) C:\Windows\system32\DRIVERS\avfsmn.sys
16:02:27.0004 5640 avfsmn - ok
16:02:27.0191 5640 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
16:02:27.0363 5640 AVGIDSAgent - ok
16:02:27.0472 5640 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
16:02:27.0503 5640 AVGIDSDriver - ok
16:02:27.0534 5640 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
16:02:27.0534 5640 AVGIDSEH - ok
16:02:27.0550 5640 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
16:02:27.0566 5640 AVGIDSFilter - ok
16:02:27.0612 5640 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
16:02:27.0644 5640 Avgldx64 - ok
16:02:27.0675 5640 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
16:02:27.0690 5640 Avgmfx64 - ok
16:02:27.0706 5640 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
16:02:27.0722 5640 Avgrkx64 - ok
16:02:27.0737 5640 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
16:02:27.0768 5640 Avgtdia - ok
16:02:27.0862 5640 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
16:02:27.0878 5640 avgwd - ok
16:02:27.0987 5640 avhips (e0edb0f31b9755fb8f8017f3326de033) C:\Windows\system32\DRIVERS\avhips.sys
16:02:28.0002 5640 avhips - ok
16:02:28.0065 5640 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:02:28.0190 5640 AxInstSV - ok
16:02:28.0252 5640 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:02:28.0314 5640 b06bdrv - ok
16:02:28.0361 5640 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:02:28.0424 5640 b57nd60a - ok
16:02:28.0470 5640 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
16:02:28.0486 5640 BCM42RLY - ok
16:02:28.0580 5640 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:02:28.0736 5640 BCM43XX - ok
16:02:28.0829 5640 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:02:28.0892 5640 BDESVC - ok
16:02:28.0954 5640 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:02:29.0032 5640 Beep - ok
16:02:29.0110 5640 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:02:29.0188 5640 BFE - ok
16:02:29.0235 5640 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:02:29.0344 5640 BITS - ok
16:02:29.0422 5640 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:02:29.0453 5640 blbdrive - ok
16:02:29.0578 5640 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
16:02:29.0594 5640 Bonjour Service - ok
16:02:29.0734 5640 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:02:29.0796 5640 bowser - ok
16:02:29.0828 5640 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:02:29.0874 5640 BrFiltLo - ok
16:02:29.0890 5640 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:02:29.0921 5640 BrFiltUp - ok
16:02:29.0952 5640 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:02:30.0046 5640 BridgeMP - ok
16:02:30.0077 5640 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:02:30.0155 5640 Browser - ok
16:02:30.0186 5640 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:02:30.0233 5640 Brserid - ok
16:02:30.0264 5640 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:02:30.0311 5640 BrSerWdm - ok
16:02:30.0342 5640 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:02:30.0405 5640 BrUsbMdm - ok
16:02:30.0436 5640 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:02:30.0514 5640 BrUsbSer - ok
16:02:30.0561 5640 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:02:30.0608 5640 BTHMODEM - ok
16:02:30.0654 5640 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:02:30.0732 5640 bthserv - ok
16:02:30.0779 5640 catchme - ok
16:02:30.0842 5640 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:02:30.0920 5640 cdfs - ok
16:02:30.0966 5640 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:02:30.0998 5640 cdrom - ok
16:02:31.0044 5640 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:02:31.0107 5640 CertPropSvc - ok
16:02:31.0154 5640 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:02:31.0200 5640 circlass - ok
16:02:31.0247 5640 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:02:31.0263 5640 CLFS - ok
16:02:31.0341 5640 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:02:31.0356 5640 clr_optimization_v2.0.50727_32 - ok
16:02:31.0419 5640 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:02:31.0434 5640 clr_optimization_v2.0.50727_64 - ok
16:02:31.0528 5640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:02:31.0544 5640 clr_optimization_v4.0.30319_32 - ok
16:02:31.0575 5640 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:02:31.0606 5640 clr_optimization_v4.0.30319_64 - ok
16:02:31.0700 5640 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:02:31.0746 5640 CmBatt - ok
16:02:31.0793 5640 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:02:31.0809 5640 cmdide - ok
16:02:31.0871 5640 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:02:31.0965 5640 CNG - ok
16:02:32.0090 5640 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:02:32.0105 5640 Compbatt - ok
16:02:32.0136 5640 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:02:32.0168 5640 CompositeBus - ok
16:02:32.0199 5640 COMSysApp - ok
16:02:32.0214 5640 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:02:32.0230 5640 crcdisk - ok
16:02:32.0277 5640 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:02:32.0355 5640 CryptSvc - ok
16:02:32.0448 5640 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:02:32.0511 5640 CtClsFlt - ok
16:02:32.0573 5640 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:02:32.0698 5640 DcomLaunch - ok
16:02:32.0776 5640 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:02:32.0870 5640 defragsvc - ok
16:02:32.0932 5640 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:02:33.0010 5640 DfsC - ok
16:02:33.0057 5640 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:02:33.0182 5640 Dhcp - ok
16:02:33.0244 5640 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:02:33.0338 5640 discache - ok
16:02:33.0384 5640 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:02:33.0400 5640 Disk - ok
16:02:33.0462 5640 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:02:33.0478 5640 Dnscache - ok
16:02:33.0572 5640 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:02:33.0587 5640 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
16:02:33.0587 5640 DockLoginService - detected UnsignedFile.Multi.Generic (1)
16:02:33.0650 5640 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:02:33.0790 5640 dot3svc - ok
16:02:33.0899 5640 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:02:33.0946 5640 Dot4 - ok
16:02:34.0024 5640 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:02:34.0102 5640 Dot4Print - ok
16:02:34.0149 5640 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:02:34.0196 5640 dot4usb - ok
16:02:34.0242 5640 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:02:34.0320 5640 DPS - ok
16:02:34.0445 5640 DragonSvc (d5761dd586c54bf710174e992fa83eaa) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
16:02:34.0461 5640 DragonSvc - ok
16:02:34.0570 5640 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:02:34.0617 5640 drmkaud - ok
16:02:34.0710 5640 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:02:34.0773 5640 DXGKrnl - ok
16:02:34.0898 5640 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
16:02:34.0913 5640 DymoPnpService - ok
16:02:35.0022 5640 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:02:35.0100 5640 EapHost - ok
16:02:35.0241 5640 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:02:35.0412 5640 ebdrv - ok
16:02:35.0522 5640 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:02:35.0568 5640 EFS - ok
16:02:35.0662 5640 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
16:02:35.0709 5640 ehRecvr - ok
16:02:35.0756 5640 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:02:35.0787 5640 ehSched - ok
16:02:35.0865 5640 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:02:35.0912 5640 elxstor - ok
16:02:35.0927 5640 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:02:35.0959 5640 ErrDev - ok
16:02:36.0021 5640 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:02:36.0115 5640 EventSystem - ok
16:02:36.0146 5640 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:02:36.0208 5640 exfat - ok
16:02:36.0255 5640 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:02:36.0286 5640 fastfat - ok
16:02:36.0349 5640 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:02:36.0427 5640 Fax - ok
16:02:36.0442 5640 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:02:36.0505 5640 fdc - ok
16:02:36.0520 5640 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:02:36.0567 5640 fdPHost - ok
16:02:36.0583 5640 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:02:36.0676 5640 FDResPub - ok
16:02:36.0723 5640 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:02:36.0739 5640 FileInfo - ok
16:02:36.0754 5640 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:02:36.0832 5640 Filetrace - ok
16:02:36.0973 5640 FlipShare Service (869bde240b7fe9c7b25bd80df85641c8) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
16:02:36.0988 5640 FlipShare Service - ok
16:02:37.0051 5640 FlipShareServer (9c330b7ddee9492373041e75da01f80c) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
16:02:37.0097 5640 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning
16:02:37.0097 5640 FlipShareServer - detected UnsignedFile.Multi.Generic (1)
16:02:37.0207 5640 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:02:37.0253 5640 flpydisk - ok
16:02:37.0316 5640 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:02:37.0347 5640 FltMgr - ok
16:02:37.0425 5640 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
16:02:37.0519 5640 FontCache - ok
16:02:37.0597 5640 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:02:37.0612 5640 FontCache3.0.0.0 - ok
16:02:37.0706 5640 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:02:37.0737 5640 FsDepends - ok
16:02:37.0784 5640 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:02:37.0799 5640 fssfltr - ok
16:02:37.0909 5640 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:02:37.0987 5640 fsssvc - ok
16:02:38.0080 5640 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:02:38.0096 5640 Fs_Rec - ok
16:02:38.0174 5640 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:02:38.0205 5640 fvevol - ok
16:02:38.0252 5640 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:02:38.0283 5640 gagp30kx - ok
16:02:38.0361 5640 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:02:38.0377 5640 GamesAppService - ok
16:02:38.0439 5640 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:02:38.0470 5640 GEARAspiWDM - ok
16:02:38.0595 5640 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
16:02:38.0611 5640 GoogleDesktopManager-051210-111108 - ok
16:02:38.0673 5640 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:02:38.0689 5640 GoToAssist - ok
16:02:38.0798 5640 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:02:38.0876 5640 gpsvc - ok
16:02:39.0032 5640 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:02:39.0047 5640 gupdate - ok
16:02:39.0125 5640 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:02:39.0141 5640 gupdatem - ok
16:02:39.0235 5640 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:02:39.0281 5640 hcw85cir - ok
16:02:39.0344 5640 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:02:39.0406 5640 HDAudBus - ok
16:02:39.0437 5640 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:02:39.0469 5640 HidBatt - ok
16:02:39.0500 5640 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:02:39.0547 5640 HidBth - ok
16:02:39.0593 5640 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:02:39.0640 5640 HidIr - ok
16:02:39.0687 5640 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:02:39.0749 5640 hidserv - ok
16:02:39.0812 5640 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:02:39.0843 5640 HidUsb - ok
16:02:39.0859 5640 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:02:39.0952 5640 hkmsvc - ok
16:02:39.0983 5640 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:02:40.0030 5640 HomeGroupListener - ok
16:02:40.0077 5640 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:02:40.0124 5640 HomeGroupProvider - ok
16:02:40.0311 5640 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:02:40.0342 5640 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:02:40.0342 5640 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:02:40.0373 5640 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:02:40.0405 5640 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:02:40.0405 5640 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:02:40.0545 5640 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:02:40.0561 5640 HpSAMD - ok
16:02:40.0763 5640 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:02:40.0873 5640 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:02:40.0873 5640 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:02:40.0982 5640 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:02:41.0091 5640 HTTP - ok
16:02:41.0169 5640 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:02:41.0200 5640 hwpolicy - ok
16:02:41.0247 5640 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:02:41.0278 5640 i8042prt - ok
16:02:41.0356 5640 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:02:41.0387 5640 IAANTMON - ok
16:02:41.0450 5640 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
16:02:41.0481 5640 iaStor - ok
16:02:41.0559 5640 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:02:41.0590 5640 iaStorV - ok
16:02:41.0684 5640 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:02:41.0746 5640 idsvc - ok
16:02:42.0027 5640 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:02:42.0308 5640 igfx - ok
16:02:42.0401 5640 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:02:42.0433 5640 iirsp - ok
16:02:42.0495 5640 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:02:42.0620 5640 IKEEXT - ok
16:02:42.0667 5640 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:02:42.0682 5640 intelide - ok
16:02:42.0729 5640 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:02:42.0776 5640 intelppm - ok
16:02:42.0823 5640 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:02:42.0885 5640 IPBusEnum - ok
16:02:42.0932 5640 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:02:42.0979 5640 IpFilterDriver - ok
16:02:43.0010 5640 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:02:43.0103 5640 iphlpsvc - ok
16:02:43.0119 5640 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:02:43.0166 5640 IPMIDRV - ok
16:02:43.0197 5640 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:02:43.0275 5640 IPNAT - ok
16:02:43.0384 5640 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
16:02:43.0415 5640 iPod Service - ok
16:02:43.0493 5640 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:02:43.0525 5640 IRENUM - ok
16:02:43.0556 5640 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:02:43.0571 5640 isapnp - ok
16:02:43.0618 5640 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:02:43.0634 5640 iScsiPrt - ok
16:02:43.0665 5640 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:02:43.0681 5640 kbdclass - ok
16:02:43.0696 5640 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:02:43.0759 5640 kbdhid - ok
16:02:43.0805 5640 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:43.0837 5640 KeyIso - ok
16:02:43.0852 5640 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:02:43.0868 5640 KSecDD - ok
16:02:43.0899 5640 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:02:43.0915 5640 KSecPkg - ok
16:02:43.0946 5640 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:02:44.0008 5640 ksthunk - ok
16:02:44.0071 5640 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:02:44.0149 5640 KtmRm - ok
16:02:44.0227 5640 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:02:44.0289 5640 LanmanServer - ok
16:02:44.0351 5640 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:02:44.0429 5640 LanmanWorkstation - ok
16:02:44.0476 5640 Lavasoft Kernexplorer - ok
16:02:44.0601 5640 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:02:44.0648 5640 lltdio - ok
16:02:44.0726 5640 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:02:44.0788 5640 lltdsvc - ok
16:02:44.0819 5640 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:02:44.0866 5640 lmhosts - ok
16:02:44.0929 5640 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:02:44.0944 5640 LSI_FC - ok
16:02:44.0975 5640 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:02:44.0991 5640 LSI_SAS - ok
16:02:45.0022 5640 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:02:45.0038 5640 LSI_SAS2 - ok
16:02:45.0053 5640 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:02:45.0085 5640 LSI_SCSI - ok
16:02:45.0116 5640 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:02:45.0178 5640 luafv - ok
16:02:45.0225 5640 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:02:45.0241 5640 Mcx2Svc - ok
16:02:45.0272 5640 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:02:45.0287 5640 megasas - ok
16:02:45.0319 5640 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:02:45.0334 5640 MegaSR - ok
16:02:45.0381 5640 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:02:45.0443 5640 MMCSS - ok
16:02:45.0537 5640 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:02:45.0646 5640 Modem - ok
16:02:45.0693 5640 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:02:45.0740 5640 monitor - ok
16:02:45.0771 5640 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:02:45.0787 5640 mouclass - ok
16:02:45.0818 5640 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:02:45.0865 5640 mouhid - ok
16:02:45.0896 5640 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:02:45.0911 5640 mountmgr - ok
16:02:45.0989 5640 mozyprobackup (8d0e9ef43647fbf6c7e0c15ecb0a3a08) C:\Program Files\MozyPro\mozyprobackup.exe
16:02:46.0021 5640 mozyprobackup - ok
16:02:46.0067 5640 mozyproFilter (a5c8838b68eddd5c738308b3a50cb350) C:\Windows\system32\DRIVERS\mozypro.sys
16:02:46.0099 5640 mozyproFilter - ok
16:02:46.0114 5640 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:02:46.0145 5640 mpio - ok
16:02:46.0161 5640 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:02:46.0223 5640 mpsdrv - ok
16:02:46.0270 5640 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:02:46.0379 5640 MpsSvc - ok
16:02:46.0411 5640 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:02:46.0473 5640 MRxDAV - ok
16:02:46.0520 5640 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:02:46.0582 5640 mrxsmb - ok
16:02:46.0613 5640 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:02:46.0660 5640 mrxsmb10 - ok
16:02:46.0707 5640 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:02:46.0723 5640 mrxsmb20 - ok
16:02:46.0769 5640 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:02:46.0785 5640 msahci - ok
16:02:46.0816 5640 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:02:46.0847 5640 msdsm - ok
16:02:46.0879 5640 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:02:46.0925 5640 MSDTC - ok
16:02:46.0972 5640 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:02:47.0035 5640 Msfs - ok
16:02:47.0050 5640 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:02:47.0113 5640 mshidkmdf - ok
16:02:47.0144 5640 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:02:47.0159 5640 msisadrv - ok
16:02:47.0222 5640 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:02:47.0284 5640 MSiSCSI - ok
16:02:47.0300 5640 msiserver - ok
16:02:47.0347 5640 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:02:47.0409 5640 MSKSSRV - ok
16:02:47.0440 5640 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:02:47.0518 5640 MSPCLOCK - ok
16:02:47.0565 5640 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:02:47.0612 5640 MSPQM - ok
16:02:47.0643 5640 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:02:47.0674 5640 MsRPC - ok
16:02:47.0705 5640 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:02:47.0721 5640 mssmbios - ok
16:02:47.0752 5640 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:02:47.0815 5640 MSTEE - ok
16:02:47.0830 5640 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:02:47.0893 5640 MTConfig - ok
16:02:47.0939 5640 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:02:47.0971 5640 Mup - ok
16:02:48.0017 5640 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:02:48.0095 5640 napagent - ok
16:02:48.0173 5640 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:02:48.0236 5640 NativeWifiP - ok
16:02:48.0267 5640 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:02:48.0361 5640 NDIS - ok
16:02:48.0392 5640 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:02:48.0423 5640 NdisCap - ok
16:02:48.0470 5640 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:02:48.0532 5640 NdisTapi - ok
16:02:48.0548 5640 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:02:48.0626 5640 Ndisuio - ok
16:02:48.0657 5640 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:02:48.0719 5640 NdisWan - ok
16:02:48.0735 5640 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:02:48.0829 5640 NDProxy - ok
16:02:48.0891 5640 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
16:02:48.0907 5640 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:02:48.0907 5640 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:02:48.0969 5640 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:02:49.0031 5640 NetBIOS - ok
16:02:49.0078 5640 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:02:49.0172 5640 NetBT - ok
16:02:49.0219 5640 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:49.0234 5640 Netlogon - ok
16:02:49.0281 5640 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:02:49.0375 5640 Netman - ok
16:02:49.0515 5640 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0531 5640 NetMsmqActivator - ok
16:02:49.0546 5640 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0546 5640 NetPipeActivator - ok
16:02:49.0593 5640 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:02:49.0687 5640 netprofm - ok
16:02:49.0718 5640 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0749 5640 NetTcpActivator - ok
16:02:49.0749 5640 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0765 5640 NetTcpPortSharing - ok
16:02:49.0843 5640 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:02:49.0874 5640 nfrd960 - ok
16:02:49.0967 5640 NitroReaderDriverReadSpool (b9665d7e8e0f8242482eb960ce97d4f2) C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
16:02:49.0999 5640 NitroReaderDriverReadSpool - ok
16:02:50.0092 5640 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:02:50.0186 5640 NlaSvc - ok
16:02:50.0248 5640 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:02:50.0326 5640 Npfs - ok
16:02:50.0342 5640 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:02:50.0420 5640 nsi - ok
16:02:50.0451 5640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:02:50.0529 5640 nsiproxy - ok
16:02:50.0607 5640 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:02:50.0701 5640 Ntfs - ok
16:02:50.0732 5640 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:02:50.0825 5640 Null - ok
16:02:50.0888 5640 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:02:50.0919 5640 nvraid - ok
16:02:50.0966 5640 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:02:50.0981 5640 nvstor - ok
16:02:51.0044 5640 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:02:51.0059 5640 nv_agp - ok
16:02:51.0091 5640 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:02:51.0153 5640 ohci1394 - ok
16:02:51.0293 5640 OpenSSHd (3d70b0630342132ebc1ff5cff483e6c0) C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe
16:02:51.0309 5640 OpenSSHd ( UnsignedFile.Multi.Generic ) - warning
16:02:51.0309 5640 OpenSSHd - detected UnsignedFile.Multi.Generic (1)
16:02:51.0371 5640 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:02:51.0403 5640 ose - ok
16:02:51.0668 5640 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:02:51.0871 5640 osppsvc - ok
16:02:51.0964 5640 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:52.0011 5640 p2pimsvc - ok
16:02:52.0058 5640 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:02:52.0105 5640 p2psvc - ok
16:02:52.0151 5640 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:02:52.0183 5640 Parport - ok
16:02:52.0198 5640 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:02:52.0214 5640 partmgr - ok
16:02:52.0245 5640 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:02:52.0292 5640 PcaSvc - ok
16:02:52.0307 5640 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:02:52.0339 5640 pci - ok
16:02:52.0354 5640 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:02:52.0370 5640 pciide - ok
16:02:52.0401 5640 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:02:52.0448 5640 pcmcia - ok
16:02:52.0479 5640 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:02:52.0495 5640 pcw - ok
16:02:52.0541 5640 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:02:52.0604 5640 PEAUTH - ok
16:02:52.0666 5640 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:02:52.0713 5640 PerfHost - ok
16:02:52.0822 5640 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:02:52.0947 5640 pla - ok
16:02:53.0041 5640 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:02:53.0087 5640 PlugPlay - ok
16:02:53.0119 5640 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
16:02:53.0165 5640 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:02:53.0165 5640 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:02:53.0197 5640 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:02:53.0259 5640 PNRPAutoReg - ok
16:02:53.0306 5640 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:53.0321 5640 PNRPsvc - ok
16:02:53.0368 5640 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:02:53.0446 5640 PolicyAgent - ok
16:02:53.0493 5640 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:02:53.0571 5640 Power - ok
16:02:53.0618 5640 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:02:53.0696 5640 PptpMiniport - ok
16:02:53.0727 5640 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:02:53.0789 5640 Processor - ok
16:02:53.0836 5640 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:02:53.0914 5640 ProfSvc - ok
16:02:53.0961 5640 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:53.0992 5640 ProtectedStorage - ok
16:02:54.0039 5640 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:02:54.0101 5640 Psched - ok
16:02:54.0133 5640 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:02:54.0164 5640 PxHlpa64 - ok
16:02:54.0226 5640 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:02:54.0304 5640 ql2300 - ok
16:02:54.0335 5640 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:02:54.0351 5640 ql40xx - ok
16:02:54.0382 5640 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:02:54.0429 5640 QWAVE - ok
16:02:54.0445 5640 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:02:54.0507 5640 QWAVEdrv - ok
16:02:54.0538 5640 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:02:54.0616 5640 RasAcd - ok
16:02:54.0679 5640 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:02:54.0741 5640 RasAgileVpn - ok
16:02:54.0772 5640 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:02:54.0850 5640 RasAuto - ok
16:02:54.0897 5640 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:02:54.0959 5640 Rasl2tp - ok
16:02:55.0006 5640 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:02:55.0100 5640 RasMan - ok
16:02:55.0162 5640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:02:55.0240 5640 RasPppoe - ok
16:02:55.0271 5640 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:02:55.0334 5640 RasSstp - ok
16:02:55.0381 5640 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:02:55.0443 5640 rdbss - ok
16:02:55.0474 5640 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:02:55.0552 5640 rdpbus - ok
16:02:55.0599 5640 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:02:55.0646 5640 RDPCDD - ok
16:02:55.0677 5640 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:02:55.0739 5640 RDPENCDD - ok
16:02:55.0786 5640 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:02:55.0864 5640 RDPREFMP - ok
16:02:55.0911 5640 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
16:02:55.0942 5640 RDPWD - ok
16:02:55.0989 5640 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:02:56.0020 5640 rdyboost - ok
16:02:56.0051 5640 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:02:56.0114 5640 RemoteAccess - ok
16:02:56.0161 5640 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:02:56.0239 5640 RemoteRegistry - ok
16:02:56.0285 5640 RimUsb - ok
16:02:56.0348 5640 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:02:56.0395 5640 RimVSerPort - ok
16:02:56.0441 5640 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:02:56.0519 5640 ROOTMODEM - ok
16:02:56.0566 5640 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:02:56.0629 5640 RpcEptMapper - ok
16:02:56.0660 5640 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:02:56.0722 5640 RpcLocator - ok
16:02:56.0769 5640 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:02:56.0816 5640 RpcSs - ok
16:02:56.0878 5640 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:02:56.0956 5640 rspndr - ok
16:02:57.0003 5640 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
16:02:57.0034 5640 RSUSBSTOR - ok
16:02:57.0097 5640 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:57.0112 5640 SamSs - ok
16:02:57.0143 5640 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:02:57.0175 5640 sbp2port - ok
16:02:57.0206 5640 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:02:57.0284 5640 SCardSvr - ok
16:02:57.0315 5640 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:02:57.0377 5640 scfilter - ok
16:02:57.0424 5640 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:02:57.0518 5640 Schedule - ok
16:02:57.0565 5640 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:02:57.0611 5640 SCPolicySvc - ok
16:02:57.0643 5640 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:02:57.0689 5640 SDRSVC - ok
16:02:57.0752 5640 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:02:57.0830 5640 secdrv - ok
16:02:57.0861 5640 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:02:57.0908 5640 seclogon - ok
16:02:57.0939 5640 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:02:58.0001 5640 SENS - ok
16:02:58.0017 5640 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:02:58.0033 5640 SensrSvc - ok
16:02:58.0095 5640 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:02:58.0142 5640 Serenum - ok
16:02:58.0204 5640 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:02:58.0220 5640 Serial - ok
16:02:58.0267 5640 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:02:58.0313 5640 sermouse - ok
16:02:58.0360 5640 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:02:58.0423 5640 SessionEnv - ok
16:02:58.0438 5640 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:02:58.0501 5640 sffdisk - ok
16:02:58.0532 5640 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:02:58.0579 5640 sffp_mmc - ok
16:02:58.0610 5640 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:02:58.0625 5640 sffp_sd - ok
16:02:58.0657 5640 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:02:58.0688 5640 sfloppy - ok
16:02:58.0766 5640 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
16:02:58.0797 5640 SftService - ok
16:02:58.0875 5640 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:02:58.0937 5640 SharedAccess - ok
16:02:58.0984 5640 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:02:59.0047 5640 ShellHWDetection - ok
16:02:59.0125 5640 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:02:59.0156 5640 SiSRaid2 - ok
16:02:59.0171 5640 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:02:59.0187 5640 SiSRaid4 - ok
16:02:59.0234 5640 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:02:59.0281 5640 Smb - ok
16:02:59.0359 5640 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
16:02:59.0390 5640 snapman - ok
16:02:59.0421 5640 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:02:59.0468 5640 SNMPTRAP - ok
16:02:59.0515 5640 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:02:59.0530 5640 spldr - ok
16:02:59.0593 5640 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:02:59.0639 5640 Spooler - ok
16:02:59.0764 5640 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:02:59.0905 5640 sppsvc - ok
16:02:59.0951 5640 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:02:59.0998 5640 sppuinotify - ok
16:03:00.0092 5640 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:03:00.0107 5640 sprtsvc_DellSupportCenter - ok
16:03:00.0185 5640 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:03:00.0279 5640 srv - ok
16:03:00.0310 5640 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:03:00.0373 5640 srv2 - ok
16:03:00.0419 5640 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:03:00.0482 5640 srvnet - ok
16:03:00.0529 5640 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:03:00.0607 5640 SSDPSRV - ok
16:03:00.0622 5640 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:03:00.0716 5640 SstpSvc - ok
16:03:00.0809 5640 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
16:03:00.0887 5640 STacSV - ok
16:03:00.0965 5640 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:03:00.0997 5640 stexstor - ok
16:03:01.0043 5640 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
16:03:01.0090 5640 STHDA - ok
16:03:01.0153 5640 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:03:01.0215 5640 stisvc - ok
16:03:01.0277 5640 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:03:01.0293 5640 swenum - ok
16:03:01.0324 5640 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:03:01.0418 5640 swprv - ok
16:03:01.0511 5640 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:03:01.0621 5640 SysMain - ok
16:03:01.0652 5640 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:03:01.0699 5640 TabletInputService - ok
16:03:01.0730 5640 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:03:01.0808 5640 TapiSrv - ok
16:03:01.0839 5640 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:03:01.0901 5640 TBS - ok
16:03:02.0011 5640 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:03:02.0104 5640 Tcpip - ok
16:03:02.0167 5640 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:03:02.0213 5640 TCPIP6 - ok
16:03:02.0260 5640 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:03:02.0307 5640 tcpipreg - ok
16:03:02.0338 5640 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:03:02.0369 5640 TDPIPE - ok
16:03:02.0432 5640 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:03:02.0463 5640 TDTCP - ok
16:03:02.0494 5640 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:03:02.0572 5640 tdx - ok
16:03:02.0603 5640 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:03:02.0635 5640 TermDD - ok
16:03:02.0666 5640 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:03:02.0759 5640 TermService - ok
16:03:02.0791 5640 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:03:02.0822 5640 Themes - ok
16:03:02.0869 5640 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:03:02.0931 5640 THREADORDER - ok
16:03:02.0947 5640 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:03:03.0025 5640 TrkWks - ok
16:03:03.0087 5640 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:03:03.0118 5640 TrustedInstaller - ok
16:03:03.0165 5640 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:03:03.0227 5640 tssecsrv - ok
16:03:03.0274 5640 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:03:03.0337 5640 tunnel - ok
16:03:03.0368 5640 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:03:03.0383 5640 uagp35 - ok
16:03:03.0415 5640 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:03:03.0493 5640 udfs - ok
16:03:03.0539 5640 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:03:03.0571 5640 UI0Detect - ok
16:03:03.0602 5640 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:03:03.0617 5640 uliagpkx - ok
16:03:03.0649 5640 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:03:03.0680 5640 umbus - ok
16:03:03.0711 5640 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:03:03.0758 5640 UmPass - ok
16:03:03.0805 5640 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:03:03.0867 5640 upnphost - ok
16:03:03.0945 5640 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
16:03:03.0992 5640 USBAAPL64 - ok
16:03:04.0070 5640 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:03:04.0085 5640 usbaudio - ok
16:03:04.0132 5640 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:03:04.0179 5640 usbccgp - ok
16:03:04.0226 5640 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:03:04.0288 5640 usbcir - ok
16:03:04.0304 5640 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:03:04.0335 5640 usbehci - ok
16:03:04.0397 5640 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:03:04.0444 5640 usbhub - ok
16:03:04.0491 5640 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:03:04.0538 5640 usbohci - ok
16:03:04.0585 5640 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:03:04.0631 5640 usbprint - ok
16:03:04.0694 5640 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:03:04.0741 5640 usbscan - ok
16:03:04.0787 5640 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:03:04.0834 5640 USBSTOR - ok
16:03:04.0881 5640 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:03:04.0912 5640 usbuhci - ok
16:03:04.0975 5640 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
16:03:05.0037 5640 usbvideo - ok
16:03:05.0068 5640 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:03:05.0131 5640 UxSms - ok
16:03:05.0177 5640 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:03:05.0193 5640 VaultSvc - ok
16:03:05.0271 5640 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:03:05.0287 5640 vdrvroot - ok
16:03:05.0318 5640 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:03:05.0365 5640 vds - ok
16:03:05.0411 5640 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:03:05.0443 5640 vga - ok
16:03:05.0474 5640 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:03:05.0536 5640 VgaSave - ok
16:03:05.0567 5640 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:03:05.0599 5640 vhdmp - ok
16:03:05.0614 5640 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:03:05.0630 5640 viaide - ok
16:03:05.0645 5640 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:03:05.0677 5640 volmgr - ok
16:03:05.0692 5640 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:03:05.0739 5640 volmgrx - ok
16:03:05.0770 5640 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:03:05.0801 5640 volsnap - ok
16:03:05.0833 5640 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:03:05.0864 5640 vsmraid - ok
16:03:05.0957 5640 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:03:06.0020 5640 VSS - ok
16:03:06.0051 5640 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:03:06.0098 5640 vwifibus - ok
16:03:06.0145 5640 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:03:06.0191 5640 vwififlt - ok
16:03:06.0238 5640 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:03:06.0269 5640 vwifimp - ok
16:03:06.0316 5640 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:03:06.0379 5640 W32Time - ok
16:03:06.0410 5640 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:03:06.0441 5640 WacomPen - ok
16:03:06.0488 5640 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:06.0550 5640 WANARP - ok
16:03:06.0597 5640 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:06.0644 5640 Wanarpv6 - ok
16:03:06.0737 5640 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:03:06.0831 5640 WatAdminSvc - ok
16:03:06.0893 5640 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:03:07.0003 5640 wbengine - ok
16:03:07.0034 5640 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:03:07.0065 5640 WbioSrvc - ok
16:03:07.0127 5640 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:03:07.0174 5640 wcncsvc - ok
16:03:07.0205 5640 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:03:07.0237 5640 WcsPlugInService - ok
16:03:07.0283 5640 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:03:07.0299 5640 Wd - ok
16:03:07.0346 5640 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:03:07.0393 5640 Wdf01000 - ok
16:03:07.0408 5640 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:07.0455 5640 WdiServiceHost - ok
16:03:07.0455 5640 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:07.0486 5640 WdiSystemHost - ok
16:03:07.0533 5640 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:03:07.0564 5640 WebClient - ok
16:03:07.0580 5640 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:03:07.0673 5640 Wecsvc - ok
16:03:07.0689 5640 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:03:07.0736 5640 wercplsupport - ok
16:03:07.0767 5640 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:03:07.0845 5640 WerSvc - ok
16:03:07.0907 5640 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:03:07.0970 5640 WfpLwf - ok
16:03:08.0032 5640 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:03:08.0063 5640 WimFltr - ok
16:03:08.0079 5640 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:03:08.0095 5640 WIMMount - ok
16:03:08.0157 5640 WinDefend - ok
16:03:08.0173 5640 WinHttpAutoProxySvc - ok
16:03:08.0219 5640 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:03:08.0297 5640 Winmgmt - ok
16:03:08.0391 5640 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:03:08.0516 5640 WinRM - ok
16:03:08.0656 5640 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:03:08.0703 5640 WinUsb - ok
16:03:08.0781 5640 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:03:08.0875 5640 Wlansvc - ok
16:03:09.0031 5640 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:03:09.0093 5640 wlidsvc - ok
16:03:09.0109 5640 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
16:03:09.0140 5640 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
16:03:09.0140 5640 wltrysvc - detected UnsignedFile.Multi.Generic (1)
16:03:09.0249 5640 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:03:09.0280 5640 WmiAcpi - ok
16:03:09.0358 5640 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:03:09.0405 5640 wmiApSrv - ok
16:03:09.0436 5640 WMPNetworkSvc - ok
16:03:09.0483 5640 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:03:09.0499 5640 WPCSvc - ok
16:03:09.0514 5640 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:03:09.0545 5640 WPDBusEnum - ok
16:03:09.0608 5640 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:03:09.0655 5640 ws2ifsl - ok
16:03:09.0701 5640 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
16:03:09.0748 5640 wscsvc - ok
16:03:09.0748 5640 WSearch - ok
16:03:09.0857 5640 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
16:03:10.0013 5640 wuauserv - ok
16:03:10.0076 5640 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:03:10.0154 5640 WudfPf - ok
16:03:10.0201 5640 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:03:10.0247 5640 WUDFRd - ok
16:03:10.0294 5640 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:03:10.0357 5640 wudfsvc - ok
16:03:10.0403 5640 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:03:10.0435 5640 WwanSvc - ok
16:03:10.0497 5640 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
16:03:10.0622 5640 yukonw7 - ok
16:03:10.0684 5640 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:03:10.0840 5640 \Device\Harddisk0\DR0 - ok
16:03:10.0840 5640 Boot (0x1200) (a5a47f88a08d4a60ab8861a5e6c4609c) \Device\Harddisk0\DR0\Partition0
16:03:10.0840 5640 \Device\Harddisk0\DR0\Partition0 - ok
16:03:10.0871 5640 Boot (0x1200) (30a308e372fca4a38327b709891fcdf3) \Device\Harddisk0\DR0\Partition1
16:03:10.0871 5640 \Device\Harddisk0\DR0\Partition1 - ok
16:03:10.0871 5640 ============================================================
16:03:10.0871 5640 Scan finished
16:03:10.0871 5640 ============================================================
16:03:10.0887 6908 Detected object count: 9
16:03:10.0887 6908 Actual detected object count: 9
16:04:14.0083 6908 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0083 6908 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0083 6908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0083 6908 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 OpenSSHd ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 OpenSSHd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:33.0988 2340 ============================================================
16:04:33.0988 2340 Scan started
16:04:33.0988 2340 Mode: Manual; SigCheck; TDLFS;
16:04:33.0988 2340 ============================================================
16:04:34.0363 2340 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:04:34.0394 2340 1394ohci - ok
16:04:34.0472 2340 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:04:34.0503 2340 ACPI - ok
16:04:34.0534 2340 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:04:34.0550 2340 AcpiPmi - ok
16:04:34.0597 2340 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:04:34.0612 2340 adp94xx - ok
16:04:34.0644 2340 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:04:34.0675 2340 adpahci - ok
16:04:34.0690 2340 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:04:34.0706 2340 adpu320 - ok
16:04:34.0753 2340 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:04:34.0784 2340 AeLookupSvc - ok
16:04:34.0846 2340 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:04:34.0893 2340 AFD - ok
16:04:34.0909 2340 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:04:34.0924 2340 agp440 - ok
16:04:34.0956 2340 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:04:34.0971 2340 ALG - ok
16:04:34.0987 2340 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:04:35.0002 2340 aliide - ok
16:04:35.0049 2340 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:04:35.0065 2340 amdide - ok
16:04:35.0080 2340 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:04:35.0112 2340 AmdK8 - ok
16:04:35.0127 2340 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:04:35.0143 2340 AmdPPM - ok
16:04:35.0190 2340 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
16:04:35.0221 2340 amdsata - ok
16:04:35.0252 2340 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:04:35.0268 2340 amdsbs - ok
16:04:35.0283 2340 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
16:04:35.0299 2340 amdxata - ok
16:04:35.0330 2340 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:04:35.0361 2340 ApfiltrService - ok
16:04:35.0392 2340 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:04:35.0408 2340 AppID - ok
16:04:35.0439 2340 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:04:35.0486 2340 AppIDSvc - ok
16:04:35.0502 2340 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:04:35.0517 2340 Appinfo - ok
16:04:35.0658 2340 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:04:35.0689 2340 Apple Mobile Device - ok
16:04:35.0736 2340 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:04:35.0767 2340 arc - ok
16:04:35.0798 2340 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:04:35.0814 2340 arcsas - ok
16:04:35.0892 2340 asdsrv (2be4aa54c7728b7a432713961b09fa89) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
16:04:35.0923 2340 asdsrv - ok
16:04:36.0032 2340 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:04:36.0048 2340 aspnet_state - ok
16:04:36.0126 2340 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:04:36.0172 2340 AsyncMac - ok
16:04:36.0219 2340 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:04:36.0250 2340 atapi - ok
16:04:36.0297 2340 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:04:36.0344 2340 AudioEndpointBuilder - ok
16:04:36.0360 2340 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:04:36.0406 2340 AudioSrv - ok
16:04:36.0469 2340 avfsmn (7f5ea096d5edbaa9caeedf07dfae65da) C:\Windows\system32\DRIVERS\avfsmn.sys
16:04:36.0484 2340 avfsmn - ok
16:04:36.0672 2340 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
16:04:36.0765 2340 AVGIDSAgent - ok
16:04:36.0796 2340 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
16:04:36.0812 2340 AVGIDSDriver - ok
16:04:36.0828 2340 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
16:04:36.0843 2340 AVGIDSEH - ok
16:04:36.0859 2340 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
16:04:36.0874 2340 AVGIDSFilter - ok
16:04:36.0890 2340 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
16:04:36.0906 2340 Avgldx64 - ok
16:04:36.0937 2340 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
16:04:36.0952 2340 Avgmfx64 - ok
16:04:36.0968 2340 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
16:04:36.0984 2340 Avgrkx64 - ok
16:04:37.0015 2340 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
16:04:37.0030 2340 Avgtdia - ok
16:04:37.0124 2340 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
16:04:37.0140 2340 avgwd - ok
16:04:37.0202 2340 avhips (e0edb0f31b9755fb8f8017f3326de033) C:\Windows\system32\DRIVERS\avhips.sys
16:04:37.0218 2340 avhips - ok
16:04:37.0264 2340 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:04:37.0296 2340 AxInstSV - ok
16:04:37.0327 2340 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:04:37.0358 2340 b06bdrv - ok
16:04:37.0389 2340 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:04:37.0405 2340 b57nd60a - ok
16:04:37.0436 2340 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
16:04:37.0467 2340 BCM42RLY - ok
16:04:37.0576 2340 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:04:37.0639 2340 BCM43XX - ok
16:04:37.0686 2340 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:04:37.0717 2340 BDESVC - ok
16:04:37.0748 2340 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:04:37.0779 2340 Beep - ok
16:04:37.0826 2340 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:04:37.0873 2340 BFE - ok
16:04:37.0920 2340 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:04:37.0982 2340 BITS - ok
16:04:38.0044 2340 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:04:38.0060 2340 blbdrive - ok
16:04:38.0138 2340 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
16:04:38.0169 2340 Bonjour Service - ok
16:04:38.0216 2340 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:04:38.0247 2340 bowser - ok
16:04:38.0278 2340 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:04:38.0310 2340 BrFiltLo - ok
16:04:38.0325 2340 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:04:38.0341 2340 BrFiltUp - ok
16:04:38.0372 2340 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:04:38.0403 2340 BridgeMP - ok
16:04:38.0450 2340 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:04:38.0497 2340 Browser - ok
16:04:38.0528 2340 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:04:38.0544 2340 Brserid - ok
16:04:38.0559 2340 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:04:38.0590 2340 BrSerWdm - ok
16:04:38.0606 2340 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:04:38.0637 2340 BrUsbMdm - ok
16:04:38.0653 2340 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:04:38.0668 2340 BrUsbSer - ok
16:04:38.0700 2340 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:04:38.0715 2340 BTHMODEM - ok
16:04:38.0746 2340 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:04:38.0793 2340 bthserv - ok
16:04:38.0809 2340 catchme - ok
16:04:38.0840 2340 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:04:38.0887 2340 cdfs - ok
16:04:38.0918 2340 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:04:38.0934 2340 cdrom - ok
16:04:38.0949 2340 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:04:39.0012 2340 CertPropSvc - ok
16:04:39.0027 2340 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:04:39.0043 2340 circlass - ok
16:04:39.0074 2340 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:04:39.0121 2340 CLFS - ok
16:04:39.0183 2340 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:04:39.0199 2340 clr_optimization_v2.0.50727_32 - ok
16:04:39.0261 2340 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:04:39.0292 2340 clr_optimization_v2.0.50727_64 - ok
16:04:39.0370 2340 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:04:39.0386 2340 clr_optimization_v4.0.30319_32 - ok
16:04:39.0433 2340 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:04:39.0448 2340 clr_optimization_v4.0.30319_64 - ok
16:04:39.0526 2340 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:04:39.0542 2340 CmBatt - ok
16:04:39.0589 2340 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:04:39.0620 2340 cmdide - ok
16:04:39.0682 2340 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:04:39.0729 2340 CNG - ok
16:04:39.0760 2340 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:04:39.0776 2340 Compbatt - ok
16:04:39.0792 2340 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:04:39.0807 2340 CompositeBus - ok
16:04:39.0823 2340 COMSysApp - ok
16:04:39.0870 2340 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:04:39.0885 2340 crcdisk - ok
16:04:39.0932 2340 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:04:39.0979 2340 CryptSvc - ok
16:04:40.0026 2340 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:04:40.0057 2340 CtClsFlt - ok
16:04:40.0088 2340 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:04:40.0135 2340 DcomLaunch - ok
16:04:40.0166 2340 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:04:40.0213 2340 defragsvc - ok
16:04:40.0260 2340 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:04:40.0291 2340 DfsC - ok
16:04:40.0306 2340 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:04:40.0338 2340 Dhcp - ok
16:04:40.0369 2340 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:04:40.0416 2340 discache - ok
16:04:40.0431 2340 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:04:40.0447 2340 Disk - ok
16:04:40.0509 2340 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:04:40.0540 2340 Dnscache - ok
16:04:40.0603 2340 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:04:40.0603 2340 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
16:04:40.0603 2340 DockLoginService - detected UnsignedFile.Multi.Generic (1)
16:04:40.0650 2340 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:04:40.0696 2340 dot3svc - ok
16:04:40.0759 2340 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:04:40.0790 2340 Dot4 - ok
16:04:40.0837 2340 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:04:40.0868 2340 Dot4Print - ok
16:04:40.0930 2340 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:04:40.0962 2340 dot4usb - ok
16:04:40.0977 2340 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:04:41.0040 2340 DPS - ok
16:04:41.0118 2340 DragonSvc (d5761dd586c54bf710174e992fa83eaa) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
16:04:41.0133 2340 DragonSvc - ok
16:04:41.0196 2340 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:04:41.0227 2340 drmkaud - ok
16:04:41.0305 2340 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:04:41.0352 2340 DXGKrnl - ok
16:04:41.0445 2340 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
16:04:41.0461 2340 DymoPnpService - ok
16:04:41.0508 2340 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:04:41.0586 2340 EapHost - ok
16:04:41.0710 2340 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:04:41.0773 2340 ebdrv - ok
16:04:41.0820 2340 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:04:41.0866 2340 EFS - ok
16:04:41.0944 2340 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
16:04:41.0976 2340 ehRecvr - ok
16:04:42.0007 2340 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:04:42.0022 2340 ehSched - ok
16:04:42.0100 2340 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:04:42.0132 2340 elxstor - ok
16:04:42.0147 2340 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:04:42.0178 2340 ErrDev - ok
16:04:42.0210 2340 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:04:42.0256 2340 EventSystem - ok
16:04:42.0288 2340 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:04:42.0350 2340 exfat - ok
16:04:42.0381 2340 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:04:42.0412 2340 fastfat - ok
16:04:42.0459 2340 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:04:42.0490 2340 Fax - ok
16:04:42.0522 2340 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:04:42.0537 2340 fdc - ok
16:04:42.0568 2340 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:04:42.0615 2340 fdPHost - ok
16:04:42.0631 2340 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:04:42.0678 2340 FDResPub - ok
16:04:42.0693 2340 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:04:42.0709 2340 FileInfo - ok
16:04:42.0740 2340 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:04:42.0787 2340 Filetrace - ok
16:04:42.0880 2340 FlipShare Service (869bde240b7fe9c7b25bd80df85641c8) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
16:04:42.0912 2340 FlipShare Service - ok
16:04:42.0958 2340 FlipShareServer (9c330b7ddee9492373041e75da01f80c) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
16:04:42.0990 2340 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning
16:04:42.0990 2340 FlipShareServer - detected UnsignedFile.Multi.Generic (1)
16:04:43.0021 2340 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:04:43.0036 2340 flpydisk - ok
16:04:43.0068 2340 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:04:43.0083 2340 FltMgr - ok
16:04:43.0161 2340 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
16:04:43.0192 2340 FontCache - ok
16:04:43.0270 2340 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:04:43.0286 2340 FontCache3.0.0.0 - ok
16:04:43.0348 2340 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:04:43.0364 2340 FsDepends - ok
16:04:43.0411 2340 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:04:43.0426 2340 fssfltr - ok
16:04:43.0551 2340 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:04:43.0582 2340 fsssvc - ok
16:04:43.0645 2340 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:04:43.0660 2340 Fs_Rec - ok
16:04:43.0692 2340 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:04:43.0723 2340 fvevol - ok
16:04:43.0754 2340 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:04:43.0770 2340 gagp30kx - ok
16:04:43.0832 2340 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:04:43.0848 2340 GamesAppService - ok
16:04:43.0910 2340 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:04:43.0926 2340 GEARAspiWDM - ok
16:04:44.0035 2340 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
16:04:44.0050 2340 GoogleDesktopManager-051210-111108 - ok
16:04:44.0097 2340 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:04:44.0113 2340 GoToAssist - ok
16:04:44.0191 2340 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:04:44.0238 2340 gpsvc - ok
16:04:44.0316 2340 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:04:44.0331 2340 gupdate - ok
16:04:44.0362 2340 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:04:44.0378 2340 gupdatem - ok
16:04:44.0425 2340 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:04:44.0440 2340 hcw85cir - ok
16:04:44.0472 2340 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:04:44.0487 2340 HDAudBus - ok
16:04:44.0518 2340 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:04:44.0534 2340 HidBatt - ok
16:04:44.0565 2340 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:04:44.0581 2340 HidBth - ok
16:04:44.0612 2340 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:04:44.0628 2340 HidIr - ok
16:04:44.0659 2340 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:04:44.0706 2340 hidserv - ok
16:04:44.0721 2340 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:04:44.0752 2340 HidUsb - ok
16:04:44.0784 2340 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:04:44.0846 2340 hkmsvc - ok
16:04:44.0862 2340 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:04:44.0893 2340 HomeGroupListener - ok
16:04:44.0940 2340 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:04:44.0971 2340 HomeGroupProvider - ok
16:04:45.0111 2340 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:04:45.0127 2340 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:04:45.0127 2340 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:04:45.0189 2340 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:04:45.0189 2340 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:04:45.0189 2340 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:04:45.0236 2340 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:04:45.0267 2340 HpSAMD - ok
16:04:45.0330 2340 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:04:45.0361 2340 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:04:45.0361 2340 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:04:45.0408 2340 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:04:45.0454 2340 HTTP - ok
16:04:45.0470 2340 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:04:45.0486 2340 hwpolicy - ok
16:04:45.0548 2340 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:04:45.0579 2340 i8042prt - ok
16:04:45.0657 2340 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:04:45.0688 2340 IAANTMON - ok
16:04:45.0766 2340 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
16:04:45.0782 2340 iaStor - ok
16:04:45.0860 2340 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:04:45.0907 2340 iaStorV - ok
16:04:46.0016 2340 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:04:46.0047 2340 idsvc - ok
16:04:46.0250 2340 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:04:46.0359 2340 igfx - ok
16:04:46.0468 2340 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:04:46.0484 2340 iirsp - ok
16:04:46.0531 2340 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:04:46.0593 2340 IKEEXT - ok
16:04:46.0624 2340 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:04:46.0640 2340 intelide - ok
16:04:46.0656 2340 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:04:46.0687 2340 intelppm - ok
16:04:46.0702 2340 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:04:46.0749 2340 IPBusEnum - ok
16:04:46.0780 2340 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:04:46.0827 2340 IpFilterDriver - ok
16:04:46.0874 2340 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:04:46.0936 2340 iphlpsvc - ok
16:04:46.0952 2340 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:04:46.0968 2340 IPMIDRV - ok
16:04:46.0999 2340 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:04:47.0046 2340 IPNAT - ok
16:04:47.0155 2340 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
16:04:47.0186 2340 iPod Service - ok
16:04:47.0217 2340 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:04:47.0248 2340 IRENUM - ok
16:04:47.0264 2340 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:04:47.0280 2340 isapnp - ok
16:04:47.0311 2340 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:04:47.0326 2340 iScsiPrt - ok
16:04:47.0358 2340 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:04:47.0373 2340 kbdclass - ok
16:04:47.0389 2340 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:04:47.0420 2340 kbdhid - ok
16:04:47.0467 2340 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:47.0482 2340 KeyIso - ok
16:04:47.0514 2340 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:04:47.0529 2340 KSecDD - ok
16:04:47.0576 2340 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:04:47.0607 2340 KSecPkg - ok
16:04:47.0623 2340 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:04:47.0670 2340 ksthunk - ok
16:04:47.0732 2340 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:04:47.0779 2340 KtmRm - ok
16:04:47.0841 2340 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:04:47.0872 2340 LanmanServer - ok
16:04:47.0919 2340 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:04:47.0982 2340 LanmanWorkstation - ok
16:04:48.0013 2340 Lavasoft Kernexplorer - ok
16:04:48.0060 2340 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:04:48.0106 2340 lltdio - ok
16:04:48.0153 2340 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:04:48.0216 2340 lltdsvc - ok
16:04:48.0231 2340 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:04:48.0278 2340 lmhosts - ok
16:04:48.0309 2340 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:04:48.0325 2340 LSI_FC - ok
16:04:48.0356 2340 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:04:48.0372 2340 LSI_SAS - ok
16:04:48.0403 2340 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:04:48.0418 2340 LSI_SAS2 - ok
16:04:48.0434 2340 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:04:48.0450 2340 LSI_SCSI - ok
16:04:48.0481 2340 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:04:48.0528 2340 luafv - ok
16:04:48.0559 2340 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:04:48.0590 2340 Mcx2Svc - ok
16:04:48.0621 2340 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:04:48.0637 2340 megasas - ok
16:04:48.0684 2340 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:04:48.0699 2340 MegaSR - ok
16:04:48.0746 2340 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:04:48.0808 2340 MMCSS - ok
16:04:48.0824 2340 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:04:48.0871 2340 Modem - ok
16:04:48.0886 2340 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:04:48.0918 2340 monitor - ok
16:04:48.0933 2340 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:04:48.0949 2340 mouclass - ok
16:04:48.0964 2340 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:04:48.0980 2340 mouhid - ok
16:04:49.0011 2340 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:04:49.0042 2340 mountmgr - ok
16:04:49.0120 2340 mozyprobackup (8d0e9ef43647fbf6c7e0c15ecb0a3a08) C:\Program Files\MozyPro\mozyprobackup.exe
16:04:49.0136 2340 mozyprobackup - ok
16:04:49.0198 2340 mozyproFilter (a5c8838b68eddd5c738308b3a50cb350) C:\Windows\system32\DRIVERS\mozypro.sys
16:04:49.0214 2340 mozyproFilter - ok
16:04:49.0261 2340 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:04:49.0276 2340 mpio - ok
16:04:49.0308 2340 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:04:49.0339 2340 mpsdrv - ok
16:04:49.0401 2340 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:04:49.0464 2340 MpsSvc - ok
16:04:49.0495 2340 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:04:49.0510 2340 MRxDAV - ok
16:04:49.0557 2340 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:04:49.0588 2340 mrxsmb - ok
16:04:49.0635 2340 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:04:49.0651 2340 mrxsmb10 - ok
16:04:49.0682 2340 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:04:49.0698 2340 mrxsmb20 - ok
16:04:49.0729 2340 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:04:49.0744 2340 msahci - ok
16:04:49.0760 2340 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:04:49.0791 2340 msdsm - ok
16:04:49.0822 2340 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:04:49.0854 2340 MSDTC - ok
16:04:49.0885 2340 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:04:49.0932 2340 Msfs - ok
16:04:49.0947 2340 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:04:49.0994 2340 mshidkmdf - ok
16:04:50.0010 2340 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:04:50.0025 2340 msisadrv - ok
16:04:50.0072 2340 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:04:50.0119 2340 MSiSCSI - ok
16:04:50.0134 2340 msiserver - ok
16:04:50.0181 2340 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:04:50.0228 2340 MSKSSRV - ok
16:04:50.0244 2340 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:04:50.0290 2340 MSPCLOCK - ok
16:04:50.0306 2340 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:04:50.0353 2340 MSPQM - ok
16:04:50.0368 2340 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:04:50.0400 2340 MsRPC - ok
16:04:50.0415 2340 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:04:50.0431 2340 mssmbios - ok
16:04:50.0462 2340 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:04:50.0509 2340 MSTEE - ok
16:04:50.0524 2340 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:04:50.0540 2340 MTConfig - ok
16:04:50.0571 2340 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:04:50.0587 2340 Mup - ok
16:04:50.0634 2340 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:04:50.0680 2340 napagent - ok
16:04:50.0712 2340 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:04:50.0727 2340 NativeWifiP - ok
16:04:50.0774 2340 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:04:50.0805 2340 NDIS - ok
16:04:50.0836 2340 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:04:50.0868 2340 NdisCap - ok
16:04:50.0899 2340 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:04:50.0930 2340 NdisTapi - ok
16:04:50.0961 2340 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:04:50.0992 2340 Ndisuio - ok
16:04:51.0024 2340 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:04:51.0070 2340 NdisWan - ok
16:04:51.0086 2340 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:04:51.0133 2340 NDProxy - ok
16:04:51.0164 2340 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
16:04:51.0180 2340 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:04:51.0180 2340 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:04:51.0211 2340 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:04:51.0273 2340 NetBIOS - ok
16:04:51.0304 2340 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:04:51.0351 2340 NetBT - ok
16:04:51.0398 2340 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:51.0429 2340 Netlogon - ok
16:04:51.0476 2340 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:04:51.0523 2340 Netman - ok
16:04:51.0632 2340 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0663 2340 NetMsmqActivator - ok
16:04:51.0663 2340 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0679 2340 NetPipeActivator - ok
16:04:51.0726 2340 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:04:51.0788 2340 netprofm - ok
16:04:51.0788 2340 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0804 2340 NetTcpActivator - ok
16:04:51.0819 2340 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0835 2340 NetTcpPortSharing - ok
16:04:51.0882 2340 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:04:51.0913 2340 nfrd960 - ok
16:04:51.0991 2340 NitroReaderDriverReadSpool (b9665d7e8e0f8242482eb960ce97d4f2) C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
16:04:52.0022 2340 NitroReaderDriverReadSpool - ok
16:04:52.0069 2340 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:04:52.0116 2340 NlaSvc - ok
16:04:52.0162 2340 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:04:52.0209 2340 Npfs - ok
16:04:52.0225 2340 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:04:52.0272 2340 nsi - ok
16:04:52.0287 2340 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:04:52.0334 2340 nsiproxy - ok
16:04:52.0428 2340 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:04:52.0490 2340 Ntfs - ok
16:04:52.0506 2340 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:04:52.0552 2340 Null - ok
16:04:52.0599 2340 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:04:52.0630 2340 nvraid - ok
16:04:52.0677 2340 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:04:52.0708 2340 nvstor - ok
16:04:52.0740 2340 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:04:52.0755 2340 nv_agp - ok
16:04:52.0771 2340 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:04:52.0802 2340 ohci1394 - ok
16:04:52.0911 2340 OpenSSHd (3d70b0630342132ebc1ff5cff483e6c0) C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe
16:04:52.0911 2340 OpenSSHd ( UnsignedFile.Multi.Generic ) - warning
16:04:52.0911 2340 OpenSSHd - detected UnsignedFile.Multi.Generic (1)
16:04:52.0974 2340 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:04:52.0989 2340 ose - ok
16:04:53.0192 2340 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:04:53.0286 2340 osppsvc - ok
16:04:53.0442 2340 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:04:53.0457 2340 p2pimsvc - ok
16:04:53.0504 2340 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:04:53.0520 2340 p2psvc - ok
16:04:53.0566 2340 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:04:53.0598 2340 Parport - ok
16:04:53.0629 2340 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:04:53.0660 2340 partmgr - ok
16:04:53.0676 2340 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:04:53.0707 2340 PcaSvc - ok
16:04:53.0722 2340 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:04:53.0738 2340 pci - ok
16:04:53.0769 2340 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:04:53.0785 2340 pciide - ok
16:04:53.0816 2340 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:04:53.0832 2340 pcmcia - ok
16:04:53.0863 2340 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:04:53.0878 2340 pcw - ok
16:04:53.0910 2340 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:04:53.0972 2340 PEAUTH - ok
16:04:54.0019 2340 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:04:54.0050 2340 PerfHost - ok
16:04:54.0128 2340 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:04:54.0206 2340 pla - ok
16:04:54.0253 2340 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:04:54.0284 2340 PlugPlay - ok
16:04:54.0315 2340 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
16:04:54.0315 2340 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:04:54.0315 2340 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:04:54.0331 2340 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:04:54.0346 2340 PNRPAutoReg - ok
16:04:54.0378 2340 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:04:54.0393 2340 PNRPsvc - ok
16:04:54.0456 2340 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:04:54.0534 2340 PolicyAgent - ok
16:04:54.0565 2340 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:04:54.0627 2340 Power - ok
16:04:54.0690 2340 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:04:54.0736 2340 PptpMiniport - ok
16:04:54.0768 2340 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:04:54.0783 2340 Processor - ok
16:04:54.0830 2340 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:04:54.0877 2340 ProfSvc - ok
16:04:54.0924 2340 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:54.0955 2340 ProtectedStorage - ok
16:04:54.0986 2340 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:04:55.0017 2340 Psched - ok
16:04:55.0064 2340 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:04:55.0080 2340 PxHlpa64 - ok
16:04:55.0158 2340 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:04:55.0220 2340 ql2300 - ok
16:04:55.0251 2340 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:04:55.0267 2340 ql40xx - ok
16:04:55.0314 2340 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:04:55.0329 2340 QWAVE - ok
16:04:55.0360 2340 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:04:55.0376 2340 QWAVEdrv - ok
16:04:55.0407 2340 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:04:55.0454 2340 RasAcd - ok
16:04:55.0485 2340 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:04:55.0548 2340 RasAgileVpn - ok
16:04:55.0579 2340 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:04:55.0626 2340 RasAuto - ok
16:04:55.0657 2340 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:04:55.0704 2340 Rasl2tp - ok
16:04:55.0735 2340 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:04:55.0782 2340 RasMan - ok
16:04:55.0813 2340 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:04:55.0844 2340 RasPppoe - ok
16:04:55.0875 2340 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:04:55.0938 2340 RasSstp - ok
16:04:55.0969 2340 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:04:56.0016 2340 rdbss - ok
16:04:56.0031 2340 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:04:56.0047 2340 rdpbus - ok
16:04:56.0078 2340 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:04:56.0125 2340 RDPCDD - ok
16:04:56.0140 2340 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:04:56.0187 2340 RDPENCDD - ok
16:04:56.0203 2340 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:04:56.0250 2340 RDPREFMP - ok
16:04:56.0296 2340 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
16:04:56.0312 2340 RDPWD - ok
16:04:56.0343 2340 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:04:56.0359 2340 rdyboost - ok
16:04:56.0406 2340 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:04:56.0468 2340 RemoteAccess - ok
16:04:56.0515 2340 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:04:56.0577 2340 RemoteRegistry - ok
16:04:56.0577 2340 RimUsb - ok
16:04:56.0624 2340 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:04:56.0655 2340 RimVSerPort - ok
16:04:56.0702 2340 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:04:56.0749 2340 ROOTMODEM - ok
16:04:56.0764 2340 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:04:56.0827 2340 RpcEptMapper - ok
16:04:56.0858 2340 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:04:56.0889 2340 RpcLocator - ok
16:04:56.0920 2340 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:04:56.0967 2340 RpcSs - ok
16:04:56.0998 2340 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:04:57.0045 2340 rspndr - ok
16:04:57.0092 2340 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
16:04:57.0123 2340 RSUSBSTOR - ok
16:04:57.0186 2340 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:57.0201 2340 SamSs - ok
16:04:57.0232 2340 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:04:57.0248 2340 sbp2port - ok
16:04:57.0295 2340 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:04:57.0357 2340 SCardSvr - ok
16:04:57.0388 2340 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:04:57.0435 2340 scfilter - ok
16:04:57.0498 2340 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:04:57.0529 2340 Schedule - ok
16:04:57.0560 2340 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:04:57.0622 2340 SCPolicySvc - ok
16:04:57.0669 2340 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:04:57.0700 2340 SDRSVC - ok
16:04:57.0747 2340 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:04:57.0810 2340 secdrv - ok
16:04:57.0825 2340 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:04:57.0872 2340 seclogon - ok
16:04:57.0888 2340 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:04:57.0934 2340 SENS - ok
16:04:57.0934 2340 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:04:57.0950 2340 SensrSvc - ok
16:04:57.0981 2340 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:04:57.0997 2340 Serenum - ok
16:04:58.0028 2340 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:04:58.0044 2340 Serial - ok
16:04:58.0075 2340 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:04:58.0090 2340 sermouse - ok
16:04:58.0137 2340 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:04:58.0168 2340 SessionEnv - ok
16:04:58.0200 2340 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:04:58.0231 2340 sffdisk - ok
16:04:58.0246 2340 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:04:58.0262 2340 sffp_mmc - ok
16:04:58.0278 2340 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:04:58.0309 2340 sffp_sd - ok
16:04:58.0324 2340 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:04:58.0340 2340 sfloppy - ok
16:04:58.0418 2340 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
16:04:58.0449 2340 SftService - ok
16:04:58.0496 2340 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:04:58.0543 2340 SharedAccess - ok
16:04:58.0574 2340 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:04:58.0621 2340 ShellHWDetection - ok
16:04:58.0668 2340 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:04:58.0683 2340 SiSRaid2 - ok
16:04:58.0714 2340 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:04:58.0730 2340 SiSRaid4 - ok
16:04:58.0761 2340 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:04:58.0792 2340 Smb - ok
16:04:58.0855 2340 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
16:04:58.0870 2340 snapman - ok
16:04:58.0902 2340 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:04:58.0948 2340 SNMPTRAP - ok
16:04:58.0964 2340 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:04:58.0980 2340 spldr - ok
16:04:59.0026 2340 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:04:59.0058 2340 Spooler - ok
16:04:59.0167 2340 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:04:59.0229 2340 sppsvc - ok
16:04:59.0260 2340 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:04:59.0307 2340 sppuinotify - ok
16:04:59.0370 2340 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:04:59.0401 2340 sprtsvc_DellSupportCenter - ok
16:04:59.0448 2340 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:04:59.0494 2340 srv - ok
16:04:59.0510 2340 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:04:59.0541 2340 srv2 - ok
16:04:59.0588 2340 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:04:59.0619 2340 srvnet - ok
16:04:59.0650 2340 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:04:59.0697 2340 SSDPSRV - ok
16:04:59.0713 2340 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:04:59.0775 2340 SstpSvc - ok
16:04:59.0853 2340 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
16:04:59.0884 2340 STacSV - ok
16:04:59.0931 2340 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:04:59.0947 2340 stexstor - ok
16:05:00.0009 2340 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
16:05:00.0040 2340 STHDA - ok
16:05:00.0087 2340 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:05:00.0118 2340 stisvc - ok
16:05:00.0134 2340 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:05:00.0150 2340 swenum - ok
16:05:00.0196 2340 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:05:00.0243 2340 swprv - ok
16:05:00.0321 2340 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:05:00.0368 2340 SysMain - ok
16:05:00.0384 2340 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:05:00.0399 2340 TabletInputService - ok
16:05:00.0430 2340 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:05:00.0477 2340 TapiSrv - ok
16:05:00.0493 2340 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:05:00.0540 2340 TBS - ok
16:05:00.0649 2340 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:05:00.0696 2340 Tcpip - ok
16:05:00.0758 2340 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:05:00.0836 2340 TCPIP6 - ok
16:05:00.0867 2340 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:05:00.0898 2340 tcpipreg - ok
16:05:00.0930 2340 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:05:00.0945 2340 TDPIPE - ok
16:05:01.0008 2340 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:05:01.0023 2340 TDTCP - ok
16:05:01.0086 2340 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:05:01.0132 2340 tdx - ok
16:05:01.0164 2340 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:05:01.0179 2340 TermDD - ok
16:05:01.0242 2340 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:05:01.0304 2340 TermService - ok
16:05:01.0320 2340 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:05:01.0351 2340 Themes - ok
16:05:01.0382 2340 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:05:01.0429 2340 THREADORDER - ok
16:05:01.0444 2340 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:05:01.0491 2340 TrkWks - ok
16:05:01.0522 2340 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:05:01.0554 2340 TrustedInstaller - ok
16:05:01.0616 2340 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:05:01.0647 2340 tssecsrv - ok
16:05:01.0678 2340 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:05:01.0725 2340 tunnel - ok
16:05:01.0756 2340 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:05:01.0772 2340 uagp35 - ok
16:05:01.0788 2340 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:05:01.0834 2340 udfs - ok
16:05:01.0897 2340 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:05:01.0928 2340 UI0Detect - ok
16:05:01.0944 2340 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:05:01.0975 2340 uliagpkx - ok
16:05:01.0990 2340 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:05:02.0022 2340 umbus - ok
16:05:02.0037 2340 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:05:02.0068 2340 UmPass - ok
16:05:02.0100 2340 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:05:02.0146 2340 upnphost - ok
16:05:02.0193 2340 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
16:05:02.0209 2340 USBAAPL64 - ok
16:05:02.0256 2340 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:05:02.0271 2340 usbaudio - ok
16:05:02.0318 2340 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:05:02.0349 2340 usbccgp - ok
16:05:02.0380 2340 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:05:02.0412 2340 usbcir - ok
16:05:02.0443 2340 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:05:02.0458 2340 usbehci - ok
16:05:02.0505 2340 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:05:02.0521 2340 usbhub - ok
16:05:02.0583 2340 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:05:02.0614 2340 usbohci - ok
16:05:02.0646 2340 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:05:02.0661 2340 usbprint - ok
16:05:02.0724 2340 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:05:02.0739 2340 usbscan - ok
16:05:02.0786 2340 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:05:02.0817 2340 USBSTOR - ok
16:05:02.0864 2340 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:05:02.0895 2340 usbuhci - ok
16:05:02.0958 2340 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
16:05:02.0973 2340 usbvideo - ok
16:05:03.0004 2340 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:05:03.0051 2340 UxSms - ok
16:05:03.0098 2340 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:05:03.0129 2340 VaultSvc - ok
16:05:03.0192 2340 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:05:03.0207 2340 vdrvroot - ok
16:05:03.0238 2340 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:05:03.0270 2340 vds - ok
16:05:03.0285 2340 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:05:03.0316 2340 vga - ok
16:05:03.0348 2340 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:05:03.0379 2340 VgaSave - ok
16:05:03.0410 2340 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:05:03.0426 2340 vhdmp - ok
16:05:03.0457 2340 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:05:03.0472 2340 viaide - ok
16:05:03.0504 2340 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:05:03.0519 2340 volmgr - ok
16:05:03.0550 2340 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:05:03.0582 2340 volmgrx - ok
16:05:03.0613 2340 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:05:03.0628 2340 volsnap - ok
16:05:03.0660 2340 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:05:03.0675 2340 vsmraid - ok
16:05:03.0753 2340 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:05:03.0800 2340 VSS - ok
16:05:03.0816 2340 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:05:03.0831 2340 vwifibus - ok
16:05:03.0862 2340 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:05:03.0878 2340 vwififlt - ok
16:05:03.0909 2340 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:05:03.0925 2340 vwifimp - ok
16:05:03.0972 2340 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:05:04.0018 2340 W32Time - ok
16:05:04.0034 2340 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:05:04.0050 2340 WacomPen - ok
16:05:04.0096 2340 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:05:04.0128 2340 WANARP - ok
16:05:04.0143 2340 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:05:04.0190 2340 Wanarpv6 - ok
16:05:04.0284 2340 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:05:04.0330 2340 WatAdminSvc - ok
16:05:04.0408 2340 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:05:04.0440 2340 wbengine - ok
16:05:04.0471 2340 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:05:04.0486 2340 WbioSrvc - ok
16:05:04.0564 2340 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:05:04.0596 2340 wcncsvc - ok
16:05:04.0611 2340 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:05:04.0627 2340 WcsPlugInService - ok
16:05:04.0674 2340 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:05:04.0705 2340 Wd - ok
16:05:04.0736 2340 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:05:04.0783 2340 Wdf01000 - ok
16:05:04.0814 2340 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:05:04.0845 2340 WdiServiceHost - ok
16:05:04.0845 2340 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:05:04.0876 2340 WdiSystemHost - ok
16:05:04.0939 2340 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:05:04.0970 2340 WebClient - ok
16:05:05.0001 2340 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:05:05.0048 2340 Wecsvc - ok
16:05:05.0064 2340 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:05:05.0110 2340 wercplsupport - ok
16:05:05.0142 2340 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:05:05.0173 2340 WerSvc - ok
16:05:05.0220 2340 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:05:05.0266 2340 WfpLwf - ok
16:05:05.0313 2340 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:05:05.0344 2340 WimFltr - ok
16:05:05.0376 2340 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:05:05.0391 2340 WIMMount - ok
16:05:05.0422 2340 WinDefend - ok
16:05:05.0454 2340 WinHttpAutoProxySvc - ok
16:05:05.0516 2340 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:05:05.0563 2340 Winmgmt - ok
16:05:05.0641 2340 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:05:05.0719 2340 WinRM - ok
16:05:05.0766 2340 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:05:05.0797 2340 WinUsb - ok
16:05:05.0844 2340 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:05:05.0890 2340 Wlansvc - ok
16:05:06.0046 2340 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:05:06.0109 2340 wlidsvc - ok
16:05:06.0140 2340 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
16:05:06.0140 2340 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
16:05:06.0140 2340 wltrysvc - detected UnsignedFile.Multi.Generic (1)
16:05:06.0249 2340 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:05:06.0280 2340 WmiAcpi - ok
16:05:06.0358 2340 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:05:06.0390 2340 wmiApSrv - ok
16:05:06.0421 2340 WMPNetworkSvc - ok
16:05:06.0468 2340 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:05:06.0483 2340 WPCSvc - ok
16:05:06.0530 2340 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:05:06.0561 2340 WPDBusEnum - ok
16:05:06.0608 2340 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:05:06.0655 2340 ws2ifsl - ok
16:05:06.0717 2340 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
16:05:06.0733 2340 wscsvc - ok
16:05:06.0748 2340 WSearch - ok
16:05:06.0842 2340 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
16:05:06.0904 2340 wuauserv - ok
16:05:06.0936 2340 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:05:06.0982 2340 WudfPf - ok
16:05:07.0014 2340 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:05:07.0060 2340 WUDFRd - ok
16:05:07.0076 2340 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:05:07.0123 2340 wudfsvc - ok
16:05:07.0154 2340 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:05:07.0170 2340 WwanSvc - ok
16:05:07.0216 2340 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
16:05:07.0263 2340 yukonw7 - ok
16:05:07.0294 2340 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:05:07.0450 2340 \Device\Harddisk0\DR0 - ok
16:05:07.0450 2340 Boot (0x1200) (a5a47f88a08d4a60ab8861a5e6c4609c) \Device\Harddisk0\DR0\Partition0
16:05:07.0450 2340 \Device\Harddisk0\DR0\Partition0 - ok
16:05:07.0482 2340 Boot (0x1200) (30a308e372fca4a38327b709891fcdf3) \Device\Harddisk0\DR0\Partition1
16:05:07.0482 2340 \Device\Harddisk0\DR0\Partition1 - ok
16:05:07.0482 2340 ============================================================
16:05:07.0482 2340 Scan finished
16:05:07.0482 2340 ============================================================
16:05:07.0497 3048 Detected object count: 9
16:05:07.0497 3048 Actual detected object count: 9
16:05:18.0776 3048 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0776 3048 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0776 3048 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0776 3048 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0776 3048 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0776 3048 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 OpenSSHd ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 OpenSSHd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:39.0384 6656 Deinitialize success
16:01:44.0151 6956 ============================================================
16:01:44.0151 6956 Current date / time: 2012/04/17 16:01:44.0151
16:01:44.0151 6956 SystemInfo:
16:01:44.0151 6956
16:01:44.0151 6956 OS Version: 6.1.7600 ServicePack: 0.0
16:01:44.0151 6956 Product type: Workstation
16:01:44.0151 6956 ComputerName: BOB-DELL
16:01:44.0151 6956 UserName: Bob
16:01:44.0151 6956 Windows directory: C:\Windows
16:01:44.0151 6956 System windows directory: C:\Windows
16:01:44.0151 6956 Running under WOW64
16:01:44.0151 6956 Processor architecture: Intel x64
16:01:44.0151 6956 Number of processors: 2
16:01:44.0151 6956 Page size: 0x1000
16:01:44.0151 6956 Boot type: Normal boot
16:01:44.0151 6956 ============================================================
16:01:44.0681 6956 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:01:44.0712 6956 \Device\Harddisk0\DR0:
16:01:44.0712 6956 MBR used
16:01:44.0712 6956 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
16:01:44.0712 6956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CDAB0
16:01:44.0759 6956 Initialize success
16:01:44.0759 6956 ============================================================
16:02:22.0917 5640 ============================================================
16:02:22.0917 5640 Scan started
16:02:22.0917 5640 Mode: Manual; SigCheck; TDLFS;
16:02:22.0917 5640 ============================================================
16:02:23.0510 5640 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:02:23.0697 5640 1394ohci - ok
16:02:23.0759 5640 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:02:23.0790 5640 ACPI - ok
16:02:23.0837 5640 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:02:23.0946 5640 AcpiPmi - ok
16:02:24.0009 5640 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:02:24.0056 5640 adp94xx - ok
16:02:24.0102 5640 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:02:24.0118 5640 adpahci - ok
16:02:24.0149 5640 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:02:24.0165 5640 adpu320 - ok
16:02:24.0212 5640 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:02:24.0383 5640 AeLookupSvc - ok
16:02:24.0524 5640 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:02:24.0617 5640 AFD - ok
16:02:24.0680 5640 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:02:24.0711 5640 agp440 - ok
16:02:24.0742 5640 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:02:24.0804 5640 ALG - ok
16:02:24.0851 5640 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:02:24.0882 5640 aliide - ok
16:02:24.0898 5640 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:02:24.0914 5640 amdide - ok
16:02:24.0945 5640 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:02:25.0023 5640 AmdK8 - ok
16:02:25.0054 5640 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:02:25.0116 5640 AmdPPM - ok
16:02:25.0194 5640 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
16:02:25.0210 5640 amdsata - ok
16:02:25.0257 5640 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:02:25.0288 5640 amdsbs - ok
16:02:25.0304 5640 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
16:02:25.0335 5640 amdxata - ok
16:02:25.0397 5640 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:02:25.0444 5640 ApfiltrService - ok
16:02:25.0491 5640 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:02:25.0616 5640 AppID - ok
16:02:25.0647 5640 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:02:25.0709 5640 AppIDSvc - ok
16:02:25.0756 5640 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:02:25.0803 5640 Appinfo - ok
16:02:25.0943 5640 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:02:25.0974 5640 Apple Mobile Device - ok
16:02:26.0099 5640 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:02:26.0115 5640 arc - ok
16:02:26.0162 5640 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:02:26.0193 5640 arcsas - ok
16:02:26.0302 5640 asdsrv (2be4aa54c7728b7a432713961b09fa89) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
16:02:26.0318 5640 asdsrv - ok
16:02:26.0474 5640 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:02:26.0489 5640 aspnet_state - ok
16:02:26.0567 5640 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:02:26.0661 5640 AsyncMac - ok
16:02:26.0708 5640 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:02:26.0723 5640 atapi - ok
16:02:26.0770 5640 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:02:26.0848 5640 AudioEndpointBuilder - ok
16:02:26.0864 5640 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:02:26.0910 5640 AudioSrv - ok
16:02:26.0973 5640 avfsmn (7f5ea096d5edbaa9caeedf07dfae65da) C:\Windows\system32\DRIVERS\avfsmn.sys
16:02:27.0004 5640 avfsmn - ok
16:02:27.0191 5640 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
16:02:27.0363 5640 AVGIDSAgent - ok
16:02:27.0472 5640 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
16:02:27.0503 5640 AVGIDSDriver - ok
16:02:27.0534 5640 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
16:02:27.0534 5640 AVGIDSEH - ok
16:02:27.0550 5640 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
16:02:27.0566 5640 AVGIDSFilter - ok
16:02:27.0612 5640 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
16:02:27.0644 5640 Avgldx64 - ok
16:02:27.0675 5640 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
16:02:27.0690 5640 Avgmfx64 - ok
16:02:27.0706 5640 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
16:02:27.0722 5640 Avgrkx64 - ok
16:02:27.0737 5640 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
16:02:27.0768 5640 Avgtdia - ok
16:02:27.0862 5640 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
16:02:27.0878 5640 avgwd - ok
16:02:27.0987 5640 avhips (e0edb0f31b9755fb8f8017f3326de033) C:\Windows\system32\DRIVERS\avhips.sys
16:02:28.0002 5640 avhips - ok
16:02:28.0065 5640 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:02:28.0190 5640 AxInstSV - ok
16:02:28.0252 5640 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:02:28.0314 5640 b06bdrv - ok
16:02:28.0361 5640 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:02:28.0424 5640 b57nd60a - ok
16:02:28.0470 5640 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
16:02:28.0486 5640 BCM42RLY - ok
16:02:28.0580 5640 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:02:28.0736 5640 BCM43XX - ok
16:02:28.0829 5640 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:02:28.0892 5640 BDESVC - ok
16:02:28.0954 5640 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:02:29.0032 5640 Beep - ok
16:02:29.0110 5640 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:02:29.0188 5640 BFE - ok
16:02:29.0235 5640 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:02:29.0344 5640 BITS - ok
16:02:29.0422 5640 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:02:29.0453 5640 blbdrive - ok
16:02:29.0578 5640 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
16:02:29.0594 5640 Bonjour Service - ok
16:02:29.0734 5640 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:02:29.0796 5640 bowser - ok
16:02:29.0828 5640 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:02:29.0874 5640 BrFiltLo - ok
16:02:29.0890 5640 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:02:29.0921 5640 BrFiltUp - ok
16:02:29.0952 5640 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:02:30.0046 5640 BridgeMP - ok
16:02:30.0077 5640 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:02:30.0155 5640 Browser - ok
16:02:30.0186 5640 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:02:30.0233 5640 Brserid - ok
16:02:30.0264 5640 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:02:30.0311 5640 BrSerWdm - ok
16:02:30.0342 5640 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:02:30.0405 5640 BrUsbMdm - ok
16:02:30.0436 5640 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:02:30.0514 5640 BrUsbSer - ok
16:02:30.0561 5640 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:02:30.0608 5640 BTHMODEM - ok
16:02:30.0654 5640 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:02:30.0732 5640 bthserv - ok
16:02:30.0779 5640 catchme - ok
16:02:30.0842 5640 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:02:30.0920 5640 cdfs - ok
16:02:30.0966 5640 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:02:30.0998 5640 cdrom - ok
16:02:31.0044 5640 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:02:31.0107 5640 CertPropSvc - ok
16:02:31.0154 5640 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:02:31.0200 5640 circlass - ok
16:02:31.0247 5640 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:02:31.0263 5640 CLFS - ok
16:02:31.0341 5640 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:02:31.0356 5640 clr_optimization_v2.0.50727_32 - ok
16:02:31.0419 5640 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:02:31.0434 5640 clr_optimization_v2.0.50727_64 - ok
16:02:31.0528 5640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:02:31.0544 5640 clr_optimization_v4.0.30319_32 - ok
16:02:31.0575 5640 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:02:31.0606 5640 clr_optimization_v4.0.30319_64 - ok
16:02:31.0700 5640 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:02:31.0746 5640 CmBatt - ok
16:02:31.0793 5640 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:02:31.0809 5640 cmdide - ok
16:02:31.0871 5640 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:02:31.0965 5640 CNG - ok
16:02:32.0090 5640 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:02:32.0105 5640 Compbatt - ok
16:02:32.0136 5640 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:02:32.0168 5640 CompositeBus - ok
16:02:32.0199 5640 COMSysApp - ok
16:02:32.0214 5640 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:02:32.0230 5640 crcdisk - ok
16:02:32.0277 5640 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:02:32.0355 5640 CryptSvc - ok
16:02:32.0448 5640 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:02:32.0511 5640 CtClsFlt - ok
16:02:32.0573 5640 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:02:32.0698 5640 DcomLaunch - ok
16:02:32.0776 5640 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:02:32.0870 5640 defragsvc - ok
16:02:32.0932 5640 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:02:33.0010 5640 DfsC - ok
16:02:33.0057 5640 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:02:33.0182 5640 Dhcp - ok
16:02:33.0244 5640 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:02:33.0338 5640 discache - ok
16:02:33.0384 5640 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:02:33.0400 5640 Disk - ok
16:02:33.0462 5640 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:02:33.0478 5640 Dnscache - ok
16:02:33.0572 5640 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:02:33.0587 5640 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
16:02:33.0587 5640 DockLoginService - detected UnsignedFile.Multi.Generic (1)
16:02:33.0650 5640 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:02:33.0790 5640 dot3svc - ok
16:02:33.0899 5640 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:02:33.0946 5640 Dot4 - ok
16:02:34.0024 5640 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:02:34.0102 5640 Dot4Print - ok
16:02:34.0149 5640 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:02:34.0196 5640 dot4usb - ok
16:02:34.0242 5640 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:02:34.0320 5640 DPS - ok
16:02:34.0445 5640 DragonSvc (d5761dd586c54bf710174e992fa83eaa) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
16:02:34.0461 5640 DragonSvc - ok
16:02:34.0570 5640 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:02:34.0617 5640 drmkaud - ok
16:02:34.0710 5640 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:02:34.0773 5640 DXGKrnl - ok
16:02:34.0898 5640 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
16:02:34.0913 5640 DymoPnpService - ok
16:02:35.0022 5640 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:02:35.0100 5640 EapHost - ok
16:02:35.0241 5640 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:02:35.0412 5640 ebdrv - ok
16:02:35.0522 5640 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:02:35.0568 5640 EFS - ok
16:02:35.0662 5640 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
16:02:35.0709 5640 ehRecvr - ok
16:02:35.0756 5640 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:02:35.0787 5640 ehSched - ok
16:02:35.0865 5640 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:02:35.0912 5640 elxstor - ok
16:02:35.0927 5640 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:02:35.0959 5640 ErrDev - ok
16:02:36.0021 5640 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:02:36.0115 5640 EventSystem - ok
16:02:36.0146 5640 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:02:36.0208 5640 exfat - ok
16:02:36.0255 5640 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:02:36.0286 5640 fastfat - ok
16:02:36.0349 5640 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:02:36.0427 5640 Fax - ok
16:02:36.0442 5640 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:02:36.0505 5640 fdc - ok
16:02:36.0520 5640 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:02:36.0567 5640 fdPHost - ok
16:02:36.0583 5640 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:02:36.0676 5640 FDResPub - ok
16:02:36.0723 5640 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:02:36.0739 5640 FileInfo - ok
16:02:36.0754 5640 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:02:36.0832 5640 Filetrace - ok
16:02:36.0973 5640 FlipShare Service (869bde240b7fe9c7b25bd80df85641c8) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
16:02:36.0988 5640 FlipShare Service - ok
16:02:37.0051 5640 FlipShareServer (9c330b7ddee9492373041e75da01f80c) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
16:02:37.0097 5640 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning
16:02:37.0097 5640 FlipShareServer - detected UnsignedFile.Multi.Generic (1)
16:02:37.0207 5640 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:02:37.0253 5640 flpydisk - ok
16:02:37.0316 5640 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:02:37.0347 5640 FltMgr - ok
16:02:37.0425 5640 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
16:02:37.0519 5640 FontCache - ok
16:02:37.0597 5640 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:02:37.0612 5640 FontCache3.0.0.0 - ok
16:02:37.0706 5640 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:02:37.0737 5640 FsDepends - ok
16:02:37.0784 5640 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:02:37.0799 5640 fssfltr - ok
16:02:37.0909 5640 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:02:37.0987 5640 fsssvc - ok
16:02:38.0080 5640 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:02:38.0096 5640 Fs_Rec - ok
16:02:38.0174 5640 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:02:38.0205 5640 fvevol - ok
16:02:38.0252 5640 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:02:38.0283 5640 gagp30kx - ok
16:02:38.0361 5640 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:02:38.0377 5640 GamesAppService - ok
16:02:38.0439 5640 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:02:38.0470 5640 GEARAspiWDM - ok
16:02:38.0595 5640 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
16:02:38.0611 5640 GoogleDesktopManager-051210-111108 - ok
16:02:38.0673 5640 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:02:38.0689 5640 GoToAssist - ok
16:02:38.0798 5640 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:02:38.0876 5640 gpsvc - ok
16:02:39.0032 5640 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:02:39.0047 5640 gupdate - ok
16:02:39.0125 5640 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:02:39.0141 5640 gupdatem - ok
16:02:39.0235 5640 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:02:39.0281 5640 hcw85cir - ok
16:02:39.0344 5640 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:02:39.0406 5640 HDAudBus - ok
16:02:39.0437 5640 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:02:39.0469 5640 HidBatt - ok
16:02:39.0500 5640 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:02:39.0547 5640 HidBth - ok
16:02:39.0593 5640 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:02:39.0640 5640 HidIr - ok
16:02:39.0687 5640 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:02:39.0749 5640 hidserv - ok
16:02:39.0812 5640 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:02:39.0843 5640 HidUsb - ok
16:02:39.0859 5640 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:02:39.0952 5640 hkmsvc - ok
16:02:39.0983 5640 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:02:40.0030 5640 HomeGroupListener - ok
16:02:40.0077 5640 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:02:40.0124 5640 HomeGroupProvider - ok
16:02:40.0311 5640 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:02:40.0342 5640 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:02:40.0342 5640 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:02:40.0373 5640 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:02:40.0405 5640 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:02:40.0405 5640 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:02:40.0545 5640 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:02:40.0561 5640 HpSAMD - ok
16:02:40.0763 5640 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:02:40.0873 5640 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:02:40.0873 5640 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:02:40.0982 5640 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:02:41.0091 5640 HTTP - ok
16:02:41.0169 5640 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:02:41.0200 5640 hwpolicy - ok
16:02:41.0247 5640 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:02:41.0278 5640 i8042prt - ok
16:02:41.0356 5640 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:02:41.0387 5640 IAANTMON - ok
16:02:41.0450 5640 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
16:02:41.0481 5640 iaStor - ok
16:02:41.0559 5640 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:02:41.0590 5640 iaStorV - ok
16:02:41.0684 5640 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:02:41.0746 5640 idsvc - ok
16:02:42.0027 5640 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:02:42.0308 5640 igfx - ok
16:02:42.0401 5640 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:02:42.0433 5640 iirsp - ok
16:02:42.0495 5640 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:02:42.0620 5640 IKEEXT - ok
16:02:42.0667 5640 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:02:42.0682 5640 intelide - ok
16:02:42.0729 5640 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:02:42.0776 5640 intelppm - ok
16:02:42.0823 5640 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:02:42.0885 5640 IPBusEnum - ok
16:02:42.0932 5640 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:02:42.0979 5640 IpFilterDriver - ok
16:02:43.0010 5640 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:02:43.0103 5640 iphlpsvc - ok
16:02:43.0119 5640 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:02:43.0166 5640 IPMIDRV - ok
16:02:43.0197 5640 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:02:43.0275 5640 IPNAT - ok
16:02:43.0384 5640 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
16:02:43.0415 5640 iPod Service - ok
16:02:43.0493 5640 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:02:43.0525 5640 IRENUM - ok
16:02:43.0556 5640 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:02:43.0571 5640 isapnp - ok
16:02:43.0618 5640 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:02:43.0634 5640 iScsiPrt - ok
16:02:43.0665 5640 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:02:43.0681 5640 kbdclass - ok
16:02:43.0696 5640 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:02:43.0759 5640 kbdhid - ok
16:02:43.0805 5640 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:43.0837 5640 KeyIso - ok
16:02:43.0852 5640 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:02:43.0868 5640 KSecDD - ok
16:02:43.0899 5640 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:02:43.0915 5640 KSecPkg - ok
16:02:43.0946 5640 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:02:44.0008 5640 ksthunk - ok
16:02:44.0071 5640 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:02:44.0149 5640 KtmRm - ok
16:02:44.0227 5640 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:02:44.0289 5640 LanmanServer - ok
16:02:44.0351 5640 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:02:44.0429 5640 LanmanWorkstation - ok
16:02:44.0476 5640 Lavasoft Kernexplorer - ok
16:02:44.0601 5640 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:02:44.0648 5640 lltdio - ok
16:02:44.0726 5640 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:02:44.0788 5640 lltdsvc - ok
16:02:44.0819 5640 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:02:44.0866 5640 lmhosts - ok
16:02:44.0929 5640 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:02:44.0944 5640 LSI_FC - ok
16:02:44.0975 5640 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:02:44.0991 5640 LSI_SAS - ok
16:02:45.0022 5640 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:02:45.0038 5640 LSI_SAS2 - ok
16:02:45.0053 5640 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:02:45.0085 5640 LSI_SCSI - ok
16:02:45.0116 5640 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:02:45.0178 5640 luafv - ok
16:02:45.0225 5640 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:02:45.0241 5640 Mcx2Svc - ok
16:02:45.0272 5640 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:02:45.0287 5640 megasas - ok
16:02:45.0319 5640 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:02:45.0334 5640 MegaSR - ok
16:02:45.0381 5640 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:02:45.0443 5640 MMCSS - ok
16:02:45.0537 5640 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:02:45.0646 5640 Modem - ok
16:02:45.0693 5640 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:02:45.0740 5640 monitor - ok
16:02:45.0771 5640 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:02:45.0787 5640 mouclass - ok
16:02:45.0818 5640 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:02:45.0865 5640 mouhid - ok
16:02:45.0896 5640 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:02:45.0911 5640 mountmgr - ok
16:02:45.0989 5640 mozyprobackup (8d0e9ef43647fbf6c7e0c15ecb0a3a08) C:\Program Files\MozyPro\mozyprobackup.exe
16:02:46.0021 5640 mozyprobackup - ok
16:02:46.0067 5640 mozyproFilter (a5c8838b68eddd5c738308b3a50cb350) C:\Windows\system32\DRIVERS\mozypro.sys
16:02:46.0099 5640 mozyproFilter - ok
16:02:46.0114 5640 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:02:46.0145 5640 mpio - ok
16:02:46.0161 5640 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:02:46.0223 5640 mpsdrv - ok
16:02:46.0270 5640 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:02:46.0379 5640 MpsSvc - ok
16:02:46.0411 5640 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:02:46.0473 5640 MRxDAV - ok
16:02:46.0520 5640 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:02:46.0582 5640 mrxsmb - ok
16:02:46.0613 5640 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:02:46.0660 5640 mrxsmb10 - ok
16:02:46.0707 5640 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:02:46.0723 5640 mrxsmb20 - ok
16:02:46.0769 5640 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:02:46.0785 5640 msahci - ok
16:02:46.0816 5640 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:02:46.0847 5640 msdsm - ok
16:02:46.0879 5640 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:02:46.0925 5640 MSDTC - ok
16:02:46.0972 5640 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:02:47.0035 5640 Msfs - ok
16:02:47.0050 5640 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:02:47.0113 5640 mshidkmdf - ok
16:02:47.0144 5640 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:02:47.0159 5640 msisadrv - ok
16:02:47.0222 5640 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:02:47.0284 5640 MSiSCSI - ok
16:02:47.0300 5640 msiserver - ok
16:02:47.0347 5640 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:02:47.0409 5640 MSKSSRV - ok
16:02:47.0440 5640 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:02:47.0518 5640 MSPCLOCK - ok
16:02:47.0565 5640 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:02:47.0612 5640 MSPQM - ok
16:02:47.0643 5640 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:02:47.0674 5640 MsRPC - ok
16:02:47.0705 5640 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:02:47.0721 5640 mssmbios - ok
16:02:47.0752 5640 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:02:47.0815 5640 MSTEE - ok
16:02:47.0830 5640 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:02:47.0893 5640 MTConfig - ok
16:02:47.0939 5640 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:02:47.0971 5640 Mup - ok
16:02:48.0017 5640 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:02:48.0095 5640 napagent - ok
16:02:48.0173 5640 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:02:48.0236 5640 NativeWifiP - ok
16:02:48.0267 5640 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:02:48.0361 5640 NDIS - ok
16:02:48.0392 5640 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:02:48.0423 5640 NdisCap - ok
16:02:48.0470 5640 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:02:48.0532 5640 NdisTapi - ok
16:02:48.0548 5640 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:02:48.0626 5640 Ndisuio - ok
16:02:48.0657 5640 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:02:48.0719 5640 NdisWan - ok
16:02:48.0735 5640 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:02:48.0829 5640 NDProxy - ok
16:02:48.0891 5640 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
16:02:48.0907 5640 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:02:48.0907 5640 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:02:48.0969 5640 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:02:49.0031 5640 NetBIOS - ok
16:02:49.0078 5640 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:02:49.0172 5640 NetBT - ok
16:02:49.0219 5640 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:49.0234 5640 Netlogon - ok
16:02:49.0281 5640 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:02:49.0375 5640 Netman - ok
16:02:49.0515 5640 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0531 5640 NetMsmqActivator - ok
16:02:49.0546 5640 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0546 5640 NetPipeActivator - ok
16:02:49.0593 5640 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:02:49.0687 5640 netprofm - ok
16:02:49.0718 5640 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0749 5640 NetTcpActivator - ok
16:02:49.0749 5640 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:02:49.0765 5640 NetTcpPortSharing - ok
16:02:49.0843 5640 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:02:49.0874 5640 nfrd960 - ok
16:02:49.0967 5640 NitroReaderDriverReadSpool (b9665d7e8e0f8242482eb960ce97d4f2) C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
16:02:49.0999 5640 NitroReaderDriverReadSpool - ok
16:02:50.0092 5640 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:02:50.0186 5640 NlaSvc - ok
16:02:50.0248 5640 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:02:50.0326 5640 Npfs - ok
16:02:50.0342 5640 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:02:50.0420 5640 nsi - ok
16:02:50.0451 5640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:02:50.0529 5640 nsiproxy - ok
16:02:50.0607 5640 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:02:50.0701 5640 Ntfs - ok
16:02:50.0732 5640 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:02:50.0825 5640 Null - ok
16:02:50.0888 5640 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:02:50.0919 5640 nvraid - ok
16:02:50.0966 5640 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:02:50.0981 5640 nvstor - ok
16:02:51.0044 5640 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:02:51.0059 5640 nv_agp - ok
16:02:51.0091 5640 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:02:51.0153 5640 ohci1394 - ok
16:02:51.0293 5640 OpenSSHd (3d70b0630342132ebc1ff5cff483e6c0) C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe
16:02:51.0309 5640 OpenSSHd ( UnsignedFile.Multi.Generic ) - warning
16:02:51.0309 5640 OpenSSHd - detected UnsignedFile.Multi.Generic (1)
16:02:51.0371 5640 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:02:51.0403 5640 ose - ok
16:02:51.0668 5640 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:02:51.0871 5640 osppsvc - ok
16:02:51.0964 5640 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:52.0011 5640 p2pimsvc - ok
16:02:52.0058 5640 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:02:52.0105 5640 p2psvc - ok
16:02:52.0151 5640 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:02:52.0183 5640 Parport - ok
16:02:52.0198 5640 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:02:52.0214 5640 partmgr - ok
16:02:52.0245 5640 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:02:52.0292 5640 PcaSvc - ok
16:02:52.0307 5640 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:02:52.0339 5640 pci - ok
16:02:52.0354 5640 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:02:52.0370 5640 pciide - ok
16:02:52.0401 5640 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:02:52.0448 5640 pcmcia - ok
16:02:52.0479 5640 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:02:52.0495 5640 pcw - ok
16:02:52.0541 5640 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:02:52.0604 5640 PEAUTH - ok
16:02:52.0666 5640 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:02:52.0713 5640 PerfHost - ok
16:02:52.0822 5640 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:02:52.0947 5640 pla - ok
16:02:53.0041 5640 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:02:53.0087 5640 PlugPlay - ok
16:02:53.0119 5640 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
16:02:53.0165 5640 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:02:53.0165 5640 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:02:53.0197 5640 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:02:53.0259 5640 PNRPAutoReg - ok
16:02:53.0306 5640 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:53.0321 5640 PNRPsvc - ok
16:02:53.0368 5640 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:02:53.0446 5640 PolicyAgent - ok
16:02:53.0493 5640 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:02:53.0571 5640 Power - ok
16:02:53.0618 5640 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:02:53.0696 5640 PptpMiniport - ok
16:02:53.0727 5640 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:02:53.0789 5640 Processor - ok
16:02:53.0836 5640 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:02:53.0914 5640 ProfSvc - ok
16:02:53.0961 5640 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:53.0992 5640 ProtectedStorage - ok
16:02:54.0039 5640 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:02:54.0101 5640 Psched - ok
16:02:54.0133 5640 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:02:54.0164 5640 PxHlpa64 - ok
16:02:54.0226 5640 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:02:54.0304 5640 ql2300 - ok
16:02:54.0335 5640 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:02:54.0351 5640 ql40xx - ok
16:02:54.0382 5640 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:02:54.0429 5640 QWAVE - ok
16:02:54.0445 5640 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:02:54.0507 5640 QWAVEdrv - ok
16:02:54.0538 5640 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:02:54.0616 5640 RasAcd - ok
16:02:54.0679 5640 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:02:54.0741 5640 RasAgileVpn - ok
16:02:54.0772 5640 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:02:54.0850 5640 RasAuto - ok
16:02:54.0897 5640 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:02:54.0959 5640 Rasl2tp - ok
16:02:55.0006 5640 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:02:55.0100 5640 RasMan - ok
16:02:55.0162 5640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:02:55.0240 5640 RasPppoe - ok
16:02:55.0271 5640 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:02:55.0334 5640 RasSstp - ok
16:02:55.0381 5640 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:02:55.0443 5640 rdbss - ok
16:02:55.0474 5640 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:02:55.0552 5640 rdpbus - ok
16:02:55.0599 5640 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:02:55.0646 5640 RDPCDD - ok
16:02:55.0677 5640 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:02:55.0739 5640 RDPENCDD - ok
16:02:55.0786 5640 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:02:55.0864 5640 RDPREFMP - ok
16:02:55.0911 5640 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
16:02:55.0942 5640 RDPWD - ok
16:02:55.0989 5640 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:02:56.0020 5640 rdyboost - ok
16:02:56.0051 5640 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:02:56.0114 5640 RemoteAccess - ok
16:02:56.0161 5640 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:02:56.0239 5640 RemoteRegistry - ok
16:02:56.0285 5640 RimUsb - ok
16:02:56.0348 5640 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:02:56.0395 5640 RimVSerPort - ok
16:02:56.0441 5640 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:02:56.0519 5640 ROOTMODEM - ok
16:02:56.0566 5640 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:02:56.0629 5640 RpcEptMapper - ok
16:02:56.0660 5640 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:02:56.0722 5640 RpcLocator - ok
16:02:56.0769 5640 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:02:56.0816 5640 RpcSs - ok
16:02:56.0878 5640 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:02:56.0956 5640 rspndr - ok
16:02:57.0003 5640 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
16:02:57.0034 5640 RSUSBSTOR - ok
16:02:57.0097 5640 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:02:57.0112 5640 SamSs - ok
16:02:57.0143 5640 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:02:57.0175 5640 sbp2port - ok
16:02:57.0206 5640 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:02:57.0284 5640 SCardSvr - ok
16:02:57.0315 5640 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:02:57.0377 5640 scfilter - ok
16:02:57.0424 5640 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:02:57.0518 5640 Schedule - ok
16:02:57.0565 5640 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:02:57.0611 5640 SCPolicySvc - ok
16:02:57.0643 5640 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:02:57.0689 5640 SDRSVC - ok
16:02:57.0752 5640 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:02:57.0830 5640 secdrv - ok
16:02:57.0861 5640 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:02:57.0908 5640 seclogon - ok
16:02:57.0939 5640 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:02:58.0001 5640 SENS - ok
16:02:58.0017 5640 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:02:58.0033 5640 SensrSvc - ok
16:02:58.0095 5640 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:02:58.0142 5640 Serenum - ok
16:02:58.0204 5640 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:02:58.0220 5640 Serial - ok
16:02:58.0267 5640 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:02:58.0313 5640 sermouse - ok
16:02:58.0360 5640 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:02:58.0423 5640 SessionEnv - ok
16:02:58.0438 5640 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:02:58.0501 5640 sffdisk - ok
16:02:58.0532 5640 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:02:58.0579 5640 sffp_mmc - ok
16:02:58.0610 5640 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:02:58.0625 5640 sffp_sd - ok
16:02:58.0657 5640 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:02:58.0688 5640 sfloppy - ok
16:02:58.0766 5640 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
16:02:58.0797 5640 SftService - ok
16:02:58.0875 5640 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:02:58.0937 5640 SharedAccess - ok
16:02:58.0984 5640 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:02:59.0047 5640 ShellHWDetection - ok
16:02:59.0125 5640 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:02:59.0156 5640 SiSRaid2 - ok
16:02:59.0171 5640 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:02:59.0187 5640 SiSRaid4 - ok
16:02:59.0234 5640 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:02:59.0281 5640 Smb - ok
16:02:59.0359 5640 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
16:02:59.0390 5640 snapman - ok
16:02:59.0421 5640 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:02:59.0468 5640 SNMPTRAP - ok
16:02:59.0515 5640 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:02:59.0530 5640 spldr - ok
16:02:59.0593 5640 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:02:59.0639 5640 Spooler - ok
16:02:59.0764 5640 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:02:59.0905 5640 sppsvc - ok
16:02:59.0951 5640 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:02:59.0998 5640 sppuinotify - ok
16:03:00.0092 5640 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:03:00.0107 5640 sprtsvc_DellSupportCenter - ok
16:03:00.0185 5640 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:03:00.0279 5640 srv - ok
16:03:00.0310 5640 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:03:00.0373 5640 srv2 - ok
16:03:00.0419 5640 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:03:00.0482 5640 srvnet - ok
16:03:00.0529 5640 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:03:00.0607 5640 SSDPSRV - ok
16:03:00.0622 5640 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:03:00.0716 5640 SstpSvc - ok
16:03:00.0809 5640 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
16:03:00.0887 5640 STacSV - ok
16:03:00.0965 5640 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:03:00.0997 5640 stexstor - ok
16:03:01.0043 5640 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
16:03:01.0090 5640 STHDA - ok
16:03:01.0153 5640 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:03:01.0215 5640 stisvc - ok
16:03:01.0277 5640 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:03:01.0293 5640 swenum - ok
16:03:01.0324 5640 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:03:01.0418 5640 swprv - ok
16:03:01.0511 5640 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:03:01.0621 5640 SysMain - ok
16:03:01.0652 5640 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:03:01.0699 5640 TabletInputService - ok
16:03:01.0730 5640 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:03:01.0808 5640 TapiSrv - ok
16:03:01.0839 5640 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:03:01.0901 5640 TBS - ok
16:03:02.0011 5640 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:03:02.0104 5640 Tcpip - ok
16:03:02.0167 5640 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:03:02.0213 5640 TCPIP6 - ok
16:03:02.0260 5640 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:03:02.0307 5640 tcpipreg - ok
16:03:02.0338 5640 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:03:02.0369 5640 TDPIPE - ok
16:03:02.0432 5640 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:03:02.0463 5640 TDTCP - ok
16:03:02.0494 5640 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:03:02.0572 5640 tdx - ok
16:03:02.0603 5640 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:03:02.0635 5640 TermDD - ok
16:03:02.0666 5640 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:03:02.0759 5640 TermService - ok
16:03:02.0791 5640 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:03:02.0822 5640 Themes - ok
16:03:02.0869 5640 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:03:02.0931 5640 THREADORDER - ok
16:03:02.0947 5640 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:03:03.0025 5640 TrkWks - ok
16:03:03.0087 5640 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:03:03.0118 5640 TrustedInstaller - ok
16:03:03.0165 5640 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:03:03.0227 5640 tssecsrv - ok
16:03:03.0274 5640 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:03:03.0337 5640 tunnel - ok
16:03:03.0368 5640 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:03:03.0383 5640 uagp35 - ok
16:03:03.0415 5640 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:03:03.0493 5640 udfs - ok
16:03:03.0539 5640 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:03:03.0571 5640 UI0Detect - ok
16:03:03.0602 5640 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:03:03.0617 5640 uliagpkx - ok
16:03:03.0649 5640 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:03:03.0680 5640 umbus - ok
16:03:03.0711 5640 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:03:03.0758 5640 UmPass - ok
16:03:03.0805 5640 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:03:03.0867 5640 upnphost - ok
16:03:03.0945 5640 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
16:03:03.0992 5640 USBAAPL64 - ok
16:03:04.0070 5640 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:03:04.0085 5640 usbaudio - ok
16:03:04.0132 5640 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:03:04.0179 5640 usbccgp - ok
16:03:04.0226 5640 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:03:04.0288 5640 usbcir - ok
16:03:04.0304 5640 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:03:04.0335 5640 usbehci - ok
16:03:04.0397 5640 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:03:04.0444 5640 usbhub - ok
16:03:04.0491 5640 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:03:04.0538 5640 usbohci - ok
16:03:04.0585 5640 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:03:04.0631 5640 usbprint - ok
16:03:04.0694 5640 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:03:04.0741 5640 usbscan - ok
16:03:04.0787 5640 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:03:04.0834 5640 USBSTOR - ok
16:03:04.0881 5640 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:03:04.0912 5640 usbuhci - ok
16:03:04.0975 5640 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
16:03:05.0037 5640 usbvideo - ok
16:03:05.0068 5640 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:03:05.0131 5640 UxSms - ok
16:03:05.0177 5640 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:03:05.0193 5640 VaultSvc - ok
16:03:05.0271 5640 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:03:05.0287 5640 vdrvroot - ok
16:03:05.0318 5640 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:03:05.0365 5640 vds - ok
16:03:05.0411 5640 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:03:05.0443 5640 vga - ok
16:03:05.0474 5640 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:03:05.0536 5640 VgaSave - ok
16:03:05.0567 5640 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:03:05.0599 5640 vhdmp - ok
16:03:05.0614 5640 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:03:05.0630 5640 viaide - ok
16:03:05.0645 5640 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:03:05.0677 5640 volmgr - ok
16:03:05.0692 5640 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:03:05.0739 5640 volmgrx - ok
16:03:05.0770 5640 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:03:05.0801 5640 volsnap - ok
16:03:05.0833 5640 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:03:05.0864 5640 vsmraid - ok
16:03:05.0957 5640 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:03:06.0020 5640 VSS - ok
16:03:06.0051 5640 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:03:06.0098 5640 vwifibus - ok
16:03:06.0145 5640 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:03:06.0191 5640 vwififlt - ok
16:03:06.0238 5640 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:03:06.0269 5640 vwifimp - ok
16:03:06.0316 5640 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:03:06.0379 5640 W32Time - ok
16:03:06.0410 5640 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:03:06.0441 5640 WacomPen - ok
16:03:06.0488 5640 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:06.0550 5640 WANARP - ok
16:03:06.0597 5640 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:06.0644 5640 Wanarpv6 - ok
16:03:06.0737 5640 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:03:06.0831 5640 WatAdminSvc - ok
16:03:06.0893 5640 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:03:07.0003 5640 wbengine - ok
16:03:07.0034 5640 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:03:07.0065 5640 WbioSrvc - ok
16:03:07.0127 5640 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:03:07.0174 5640 wcncsvc - ok
16:03:07.0205 5640 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:03:07.0237 5640 WcsPlugInService - ok
16:03:07.0283 5640 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:03:07.0299 5640 Wd - ok
16:03:07.0346 5640 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:03:07.0393 5640 Wdf01000 - ok
16:03:07.0408 5640 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:07.0455 5640 WdiServiceHost - ok
16:03:07.0455 5640 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:07.0486 5640 WdiSystemHost - ok
16:03:07.0533 5640 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:03:07.0564 5640 WebClient - ok
16:03:07.0580 5640 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:03:07.0673 5640 Wecsvc - ok
16:03:07.0689 5640 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:03:07.0736 5640 wercplsupport - ok
16:03:07.0767 5640 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:03:07.0845 5640 WerSvc - ok
16:03:07.0907 5640 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:03:07.0970 5640 WfpLwf - ok
16:03:08.0032 5640 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:03:08.0063 5640 WimFltr - ok
16:03:08.0079 5640 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:03:08.0095 5640 WIMMount - ok
16:03:08.0157 5640 WinDefend - ok
16:03:08.0173 5640 WinHttpAutoProxySvc - ok
16:03:08.0219 5640 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:03:08.0297 5640 Winmgmt - ok
16:03:08.0391 5640 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:03:08.0516 5640 WinRM - ok
16:03:08.0656 5640 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:03:08.0703 5640 WinUsb - ok
16:03:08.0781 5640 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:03:08.0875 5640 Wlansvc - ok
16:03:09.0031 5640 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:03:09.0093 5640 wlidsvc - ok
16:03:09.0109 5640 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
16:03:09.0140 5640 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
16:03:09.0140 5640 wltrysvc - detected UnsignedFile.Multi.Generic (1)
16:03:09.0249 5640 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:03:09.0280 5640 WmiAcpi - ok
16:03:09.0358 5640 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:03:09.0405 5640 wmiApSrv - ok
16:03:09.0436 5640 WMPNetworkSvc - ok
16:03:09.0483 5640 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:03:09.0499 5640 WPCSvc - ok
16:03:09.0514 5640 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:03:09.0545 5640 WPDBusEnum - ok
16:03:09.0608 5640 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:03:09.0655 5640 ws2ifsl - ok
16:03:09.0701 5640 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
16:03:09.0748 5640 wscsvc - ok
16:03:09.0748 5640 WSearch - ok
16:03:09.0857 5640 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
16:03:10.0013 5640 wuauserv - ok
16:03:10.0076 5640 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:03:10.0154 5640 WudfPf - ok
16:03:10.0201 5640 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:03:10.0247 5640 WUDFRd - ok
16:03:10.0294 5640 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:03:10.0357 5640 wudfsvc - ok
16:03:10.0403 5640 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:03:10.0435 5640 WwanSvc - ok
16:03:10.0497 5640 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
16:03:10.0622 5640 yukonw7 - ok
16:03:10.0684 5640 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:03:10.0840 5640 \Device\Harddisk0\DR0 - ok
16:03:10.0840 5640 Boot (0x1200) (a5a47f88a08d4a60ab8861a5e6c4609c) \Device\Harddisk0\DR0\Partition0
16:03:10.0840 5640 \Device\Harddisk0\DR0\Partition0 - ok
16:03:10.0871 5640 Boot (0x1200) (30a308e372fca4a38327b709891fcdf3) \Device\Harddisk0\DR0\Partition1
16:03:10.0871 5640 \Device\Harddisk0\DR0\Partition1 - ok
16:03:10.0871 5640 ============================================================
16:03:10.0871 5640 Scan finished
16:03:10.0871 5640 ============================================================
16:03:10.0887 6908 Detected object count: 9
16:03:10.0887 6908 Actual detected object count: 9
16:04:14.0083 6908 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0083 6908 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0083 6908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0083 6908 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0083 6908 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 OpenSSHd ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 OpenSSHd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:14.0098 6908 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:14.0098 6908 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:33.0988 2340 ============================================================
16:04:33.0988 2340 Scan started
16:04:33.0988 2340 Mode: Manual; SigCheck; TDLFS;
16:04:33.0988 2340 ============================================================
16:04:34.0363 2340 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:04:34.0394 2340 1394ohci - ok
16:04:34.0472 2340 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:04:34.0503 2340 ACPI - ok
16:04:34.0534 2340 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:04:34.0550 2340 AcpiPmi - ok
16:04:34.0597 2340 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:04:34.0612 2340 adp94xx - ok
16:04:34.0644 2340 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:04:34.0675 2340 adpahci - ok
16:04:34.0690 2340 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:04:34.0706 2340 adpu320 - ok
16:04:34.0753 2340 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:04:34.0784 2340 AeLookupSvc - ok
16:04:34.0846 2340 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:04:34.0893 2340 AFD - ok
16:04:34.0909 2340 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:04:34.0924 2340 agp440 - ok
16:04:34.0956 2340 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:04:34.0971 2340 ALG - ok
16:04:34.0987 2340 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:04:35.0002 2340 aliide - ok
16:04:35.0049 2340 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:04:35.0065 2340 amdide - ok
16:04:35.0080 2340 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:04:35.0112 2340 AmdK8 - ok
16:04:35.0127 2340 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:04:35.0143 2340 AmdPPM - ok
16:04:35.0190 2340 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
16:04:35.0221 2340 amdsata - ok
16:04:35.0252 2340 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:04:35.0268 2340 amdsbs - ok
16:04:35.0283 2340 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
16:04:35.0299 2340 amdxata - ok
16:04:35.0330 2340 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:04:35.0361 2340 ApfiltrService - ok
16:04:35.0392 2340 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:04:35.0408 2340 AppID - ok
16:04:35.0439 2340 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:04:35.0486 2340 AppIDSvc - ok
16:04:35.0502 2340 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:04:35.0517 2340 Appinfo - ok
16:04:35.0658 2340 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:04:35.0689 2340 Apple Mobile Device - ok
16:04:35.0736 2340 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:04:35.0767 2340 arc - ok
16:04:35.0798 2340 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:04:35.0814 2340 arcsas - ok
16:04:35.0892 2340 asdsrv (2be4aa54c7728b7a432713961b09fa89) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
16:04:35.0923 2340 asdsrv - ok
16:04:36.0032 2340 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:04:36.0048 2340 aspnet_state - ok
16:04:36.0126 2340 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:04:36.0172 2340 AsyncMac - ok
16:04:36.0219 2340 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:04:36.0250 2340 atapi - ok
16:04:36.0297 2340 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:04:36.0344 2340 AudioEndpointBuilder - ok
16:04:36.0360 2340 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:04:36.0406 2340 AudioSrv - ok
16:04:36.0469 2340 avfsmn (7f5ea096d5edbaa9caeedf07dfae65da) C:\Windows\system32\DRIVERS\avfsmn.sys
16:04:36.0484 2340 avfsmn - ok
16:04:36.0672 2340 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
16:04:36.0765 2340 AVGIDSAgent - ok
16:04:36.0796 2340 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
16:04:36.0812 2340 AVGIDSDriver - ok
16:04:36.0828 2340 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
16:04:36.0843 2340 AVGIDSEH - ok
16:04:36.0859 2340 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
16:04:36.0874 2340 AVGIDSFilter - ok
16:04:36.0890 2340 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
16:04:36.0906 2340 Avgldx64 - ok
16:04:36.0937 2340 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
16:04:36.0952 2340 Avgmfx64 - ok
16:04:36.0968 2340 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
16:04:36.0984 2340 Avgrkx64 - ok
16:04:37.0015 2340 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
16:04:37.0030 2340 Avgtdia - ok
16:04:37.0124 2340 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
16:04:37.0140 2340 avgwd - ok
16:04:37.0202 2340 avhips (e0edb0f31b9755fb8f8017f3326de033) C:\Windows\system32\DRIVERS\avhips.sys
16:04:37.0218 2340 avhips - ok
16:04:37.0264 2340 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:04:37.0296 2340 AxInstSV - ok
16:04:37.0327 2340 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:04:37.0358 2340 b06bdrv - ok
16:04:37.0389 2340 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:04:37.0405 2340 b57nd60a - ok
16:04:37.0436 2340 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
16:04:37.0467 2340 BCM42RLY - ok
16:04:37.0576 2340 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:04:37.0639 2340 BCM43XX - ok
16:04:37.0686 2340 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:04:37.0717 2340 BDESVC - ok
16:04:37.0748 2340 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:04:37.0779 2340 Beep - ok
16:04:37.0826 2340 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:04:37.0873 2340 BFE - ok
16:04:37.0920 2340 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:04:37.0982 2340 BITS - ok
16:04:38.0044 2340 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:04:38.0060 2340 blbdrive - ok
16:04:38.0138 2340 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
16:04:38.0169 2340 Bonjour Service - ok
16:04:38.0216 2340 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:04:38.0247 2340 bowser - ok
16:04:38.0278 2340 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:04:38.0310 2340 BrFiltLo - ok
16:04:38.0325 2340 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:04:38.0341 2340 BrFiltUp - ok
16:04:38.0372 2340 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:04:38.0403 2340 BridgeMP - ok
16:04:38.0450 2340 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:04:38.0497 2340 Browser - ok
16:04:38.0528 2340 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:04:38.0544 2340 Brserid - ok
16:04:38.0559 2340 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:04:38.0590 2340 BrSerWdm - ok
16:04:38.0606 2340 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:04:38.0637 2340 BrUsbMdm - ok
16:04:38.0653 2340 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:04:38.0668 2340 BrUsbSer - ok
16:04:38.0700 2340 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:04:38.0715 2340 BTHMODEM - ok
16:04:38.0746 2340 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:04:38.0793 2340 bthserv - ok
16:04:38.0809 2340 catchme - ok
16:04:38.0840 2340 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:04:38.0887 2340 cdfs - ok
16:04:38.0918 2340 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:04:38.0934 2340 cdrom - ok
16:04:38.0949 2340 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:04:39.0012 2340 CertPropSvc - ok
16:04:39.0027 2340 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:04:39.0043 2340 circlass - ok
16:04:39.0074 2340 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:04:39.0121 2340 CLFS - ok
16:04:39.0183 2340 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:04:39.0199 2340 clr_optimization_v2.0.50727_32 - ok
16:04:39.0261 2340 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:04:39.0292 2340 clr_optimization_v2.0.50727_64 - ok
16:04:39.0370 2340 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:04:39.0386 2340 clr_optimization_v4.0.30319_32 - ok
16:04:39.0433 2340 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:04:39.0448 2340 clr_optimization_v4.0.30319_64 - ok
16:04:39.0526 2340 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:04:39.0542 2340 CmBatt - ok
16:04:39.0589 2340 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:04:39.0620 2340 cmdide - ok
16:04:39.0682 2340 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:04:39.0729 2340 CNG - ok
16:04:39.0760 2340 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:04:39.0776 2340 Compbatt - ok
16:04:39.0792 2340 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:04:39.0807 2340 CompositeBus - ok
16:04:39.0823 2340 COMSysApp - ok
16:04:39.0870 2340 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:04:39.0885 2340 crcdisk - ok
16:04:39.0932 2340 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:04:39.0979 2340 CryptSvc - ok
16:04:40.0026 2340 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:04:40.0057 2340 CtClsFlt - ok
16:04:40.0088 2340 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:04:40.0135 2340 DcomLaunch - ok
16:04:40.0166 2340 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:04:40.0213 2340 defragsvc - ok
16:04:40.0260 2340 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:04:40.0291 2340 DfsC - ok
16:04:40.0306 2340 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:04:40.0338 2340 Dhcp - ok
16:04:40.0369 2340 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:04:40.0416 2340 discache - ok
16:04:40.0431 2340 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:04:40.0447 2340 Disk - ok
16:04:40.0509 2340 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:04:40.0540 2340 Dnscache - ok
16:04:40.0603 2340 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:04:40.0603 2340 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
16:04:40.0603 2340 DockLoginService - detected UnsignedFile.Multi.Generic (1)
16:04:40.0650 2340 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:04:40.0696 2340 dot3svc - ok
16:04:40.0759 2340 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:04:40.0790 2340 Dot4 - ok
16:04:40.0837 2340 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:04:40.0868 2340 Dot4Print - ok
16:04:40.0930 2340 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:04:40.0962 2340 dot4usb - ok
16:04:40.0977 2340 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:04:41.0040 2340 DPS - ok
16:04:41.0118 2340 DragonSvc (d5761dd586c54bf710174e992fa83eaa) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
16:04:41.0133 2340 DragonSvc - ok
16:04:41.0196 2340 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:04:41.0227 2340 drmkaud - ok
16:04:41.0305 2340 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:04:41.0352 2340 DXGKrnl - ok
16:04:41.0445 2340 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
16:04:41.0461 2340 DymoPnpService - ok
16:04:41.0508 2340 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:04:41.0586 2340 EapHost - ok
16:04:41.0710 2340 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:04:41.0773 2340 ebdrv - ok
16:04:41.0820 2340 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:04:41.0866 2340 EFS - ok
16:04:41.0944 2340 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
16:04:41.0976 2340 ehRecvr - ok
16:04:42.0007 2340 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:04:42.0022 2340 ehSched - ok
16:04:42.0100 2340 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:04:42.0132 2340 elxstor - ok
16:04:42.0147 2340 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:04:42.0178 2340 ErrDev - ok
16:04:42.0210 2340 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:04:42.0256 2340 EventSystem - ok
16:04:42.0288 2340 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:04:42.0350 2340 exfat - ok
16:04:42.0381 2340 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:04:42.0412 2340 fastfat - ok
16:04:42.0459 2340 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:04:42.0490 2340 Fax - ok
16:04:42.0522 2340 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:04:42.0537 2340 fdc - ok
16:04:42.0568 2340 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:04:42.0615 2340 fdPHost - ok
16:04:42.0631 2340 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:04:42.0678 2340 FDResPub - ok
16:04:42.0693 2340 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:04:42.0709 2340 FileInfo - ok
16:04:42.0740 2340 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:04:42.0787 2340 Filetrace - ok
16:04:42.0880 2340 FlipShare Service (869bde240b7fe9c7b25bd80df85641c8) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
16:04:42.0912 2340 FlipShare Service - ok
16:04:42.0958 2340 FlipShareServer (9c330b7ddee9492373041e75da01f80c) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
16:04:42.0990 2340 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning
16:04:42.0990 2340 FlipShareServer - detected UnsignedFile.Multi.Generic (1)
16:04:43.0021 2340 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:04:43.0036 2340 flpydisk - ok
16:04:43.0068 2340 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:04:43.0083 2340 FltMgr - ok
16:04:43.0161 2340 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
16:04:43.0192 2340 FontCache - ok
16:04:43.0270 2340 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:04:43.0286 2340 FontCache3.0.0.0 - ok
16:04:43.0348 2340 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:04:43.0364 2340 FsDepends - ok
16:04:43.0411 2340 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:04:43.0426 2340 fssfltr - ok
16:04:43.0551 2340 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:04:43.0582 2340 fsssvc - ok
16:04:43.0645 2340 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:04:43.0660 2340 Fs_Rec - ok
16:04:43.0692 2340 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:04:43.0723 2340 fvevol - ok
16:04:43.0754 2340 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:04:43.0770 2340 gagp30kx - ok
16:04:43.0832 2340 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:04:43.0848 2340 GamesAppService - ok
16:04:43.0910 2340 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:04:43.0926 2340 GEARAspiWDM - ok
16:04:44.0035 2340 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
16:04:44.0050 2340 GoogleDesktopManager-051210-111108 - ok
16:04:44.0097 2340 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:04:44.0113 2340 GoToAssist - ok
16:04:44.0191 2340 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:04:44.0238 2340 gpsvc - ok
16:04:44.0316 2340 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:04:44.0331 2340 gupdate - ok
16:04:44.0362 2340 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:04:44.0378 2340 gupdatem - ok
16:04:44.0425 2340 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:04:44.0440 2340 hcw85cir - ok
16:04:44.0472 2340 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:04:44.0487 2340 HDAudBus - ok
16:04:44.0518 2340 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:04:44.0534 2340 HidBatt - ok
16:04:44.0565 2340 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:04:44.0581 2340 HidBth - ok
16:04:44.0612 2340 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:04:44.0628 2340 HidIr - ok
16:04:44.0659 2340 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:04:44.0706 2340 hidserv - ok
16:04:44.0721 2340 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:04:44.0752 2340 HidUsb - ok
16:04:44.0784 2340 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:04:44.0846 2340 hkmsvc - ok
16:04:44.0862 2340 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:04:44.0893 2340 HomeGroupListener - ok
16:04:44.0940 2340 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:04:44.0971 2340 HomeGroupProvider - ok
16:04:45.0111 2340 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:04:45.0127 2340 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:04:45.0127 2340 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:04:45.0189 2340 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:04:45.0189 2340 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:04:45.0189 2340 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:04:45.0236 2340 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:04:45.0267 2340 HpSAMD - ok
16:04:45.0330 2340 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:04:45.0361 2340 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:04:45.0361 2340 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:04:45.0408 2340 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:04:45.0454 2340 HTTP - ok
16:04:45.0470 2340 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:04:45.0486 2340 hwpolicy - ok
16:04:45.0548 2340 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:04:45.0579 2340 i8042prt - ok
16:04:45.0657 2340 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:04:45.0688 2340 IAANTMON - ok
16:04:45.0766 2340 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
16:04:45.0782 2340 iaStor - ok
16:04:45.0860 2340 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:04:45.0907 2340 iaStorV - ok
16:04:46.0016 2340 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:04:46.0047 2340 idsvc - ok
16:04:46.0250 2340 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:04:46.0359 2340 igfx - ok
16:04:46.0468 2340 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:04:46.0484 2340 iirsp - ok
16:04:46.0531 2340 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:04:46.0593 2340 IKEEXT - ok
16:04:46.0624 2340 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:04:46.0640 2340 intelide - ok
16:04:46.0656 2340 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:04:46.0687 2340 intelppm - ok
16:04:46.0702 2340 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:04:46.0749 2340 IPBusEnum - ok
16:04:46.0780 2340 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:04:46.0827 2340 IpFilterDriver - ok
16:04:46.0874 2340 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:04:46.0936 2340 iphlpsvc - ok
16:04:46.0952 2340 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:04:46.0968 2340 IPMIDRV - ok
16:04:46.0999 2340 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:04:47.0046 2340 IPNAT - ok
16:04:47.0155 2340 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
16:04:47.0186 2340 iPod Service - ok
16:04:47.0217 2340 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:04:47.0248 2340 IRENUM - ok
16:04:47.0264 2340 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:04:47.0280 2340 isapnp - ok
16:04:47.0311 2340 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:04:47.0326 2340 iScsiPrt - ok
16:04:47.0358 2340 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:04:47.0373 2340 kbdclass - ok
16:04:47.0389 2340 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:04:47.0420 2340 kbdhid - ok
16:04:47.0467 2340 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:47.0482 2340 KeyIso - ok
16:04:47.0514 2340 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:04:47.0529 2340 KSecDD - ok
16:04:47.0576 2340 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:04:47.0607 2340 KSecPkg - ok
16:04:47.0623 2340 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:04:47.0670 2340 ksthunk - ok
16:04:47.0732 2340 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:04:47.0779 2340 KtmRm - ok
16:04:47.0841 2340 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:04:47.0872 2340 LanmanServer - ok
16:04:47.0919 2340 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:04:47.0982 2340 LanmanWorkstation - ok
16:04:48.0013 2340 Lavasoft Kernexplorer - ok
16:04:48.0060 2340 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:04:48.0106 2340 lltdio - ok
16:04:48.0153 2340 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:04:48.0216 2340 lltdsvc - ok
16:04:48.0231 2340 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:04:48.0278 2340 lmhosts - ok
16:04:48.0309 2340 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:04:48.0325 2340 LSI_FC - ok
16:04:48.0356 2340 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:04:48.0372 2340 LSI_SAS - ok
16:04:48.0403 2340 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:04:48.0418 2340 LSI_SAS2 - ok
16:04:48.0434 2340 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:04:48.0450 2340 LSI_SCSI - ok
16:04:48.0481 2340 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:04:48.0528 2340 luafv - ok
16:04:48.0559 2340 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:04:48.0590 2340 Mcx2Svc - ok
16:04:48.0621 2340 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:04:48.0637 2340 megasas - ok
16:04:48.0684 2340 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:04:48.0699 2340 MegaSR - ok
16:04:48.0746 2340 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:04:48.0808 2340 MMCSS - ok
16:04:48.0824 2340 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:04:48.0871 2340 Modem - ok
16:04:48.0886 2340 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:04:48.0918 2340 monitor - ok
16:04:48.0933 2340 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:04:48.0949 2340 mouclass - ok
16:04:48.0964 2340 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:04:48.0980 2340 mouhid - ok
16:04:49.0011 2340 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:04:49.0042 2340 mountmgr - ok
16:04:49.0120 2340 mozyprobackup (8d0e9ef43647fbf6c7e0c15ecb0a3a08) C:\Program Files\MozyPro\mozyprobackup.exe
16:04:49.0136 2340 mozyprobackup - ok
16:04:49.0198 2340 mozyproFilter (a5c8838b68eddd5c738308b3a50cb350) C:\Windows\system32\DRIVERS\mozypro.sys
16:04:49.0214 2340 mozyproFilter - ok
16:04:49.0261 2340 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:04:49.0276 2340 mpio - ok
16:04:49.0308 2340 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:04:49.0339 2340 mpsdrv - ok
16:04:49.0401 2340 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:04:49.0464 2340 MpsSvc - ok
16:04:49.0495 2340 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:04:49.0510 2340 MRxDAV - ok
16:04:49.0557 2340 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:04:49.0588 2340 mrxsmb - ok
16:04:49.0635 2340 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:04:49.0651 2340 mrxsmb10 - ok
16:04:49.0682 2340 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:04:49.0698 2340 mrxsmb20 - ok
16:04:49.0729 2340 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:04:49.0744 2340 msahci - ok
16:04:49.0760 2340 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:04:49.0791 2340 msdsm - ok
16:04:49.0822 2340 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:04:49.0854 2340 MSDTC - ok
16:04:49.0885 2340 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:04:49.0932 2340 Msfs - ok
16:04:49.0947 2340 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:04:49.0994 2340 mshidkmdf - ok
16:04:50.0010 2340 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:04:50.0025 2340 msisadrv - ok
16:04:50.0072 2340 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:04:50.0119 2340 MSiSCSI - ok
16:04:50.0134 2340 msiserver - ok
16:04:50.0181 2340 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:04:50.0228 2340 MSKSSRV - ok
16:04:50.0244 2340 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:04:50.0290 2340 MSPCLOCK - ok
16:04:50.0306 2340 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:04:50.0353 2340 MSPQM - ok
16:04:50.0368 2340 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:04:50.0400 2340 MsRPC - ok
16:04:50.0415 2340 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:04:50.0431 2340 mssmbios - ok
16:04:50.0462 2340 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:04:50.0509 2340 MSTEE - ok
16:04:50.0524 2340 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:04:50.0540 2340 MTConfig - ok
16:04:50.0571 2340 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:04:50.0587 2340 Mup - ok
16:04:50.0634 2340 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:04:50.0680 2340 napagent - ok
16:04:50.0712 2340 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:04:50.0727 2340 NativeWifiP - ok
16:04:50.0774 2340 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:04:50.0805 2340 NDIS - ok
16:04:50.0836 2340 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:04:50.0868 2340 NdisCap - ok
16:04:50.0899 2340 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:04:50.0930 2340 NdisTapi - ok
16:04:50.0961 2340 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:04:50.0992 2340 Ndisuio - ok
16:04:51.0024 2340 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:04:51.0070 2340 NdisWan - ok
16:04:51.0086 2340 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:04:51.0133 2340 NDProxy - ok
16:04:51.0164 2340 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
16:04:51.0180 2340 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:04:51.0180 2340 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:04:51.0211 2340 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:04:51.0273 2340 NetBIOS - ok
16:04:51.0304 2340 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:04:51.0351 2340 NetBT - ok
16:04:51.0398 2340 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:51.0429 2340 Netlogon - ok
16:04:51.0476 2340 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:04:51.0523 2340 Netman - ok
16:04:51.0632 2340 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0663 2340 NetMsmqActivator - ok
16:04:51.0663 2340 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0679 2340 NetPipeActivator - ok
16:04:51.0726 2340 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:04:51.0788 2340 netprofm - ok
16:04:51.0788 2340 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0804 2340 NetTcpActivator - ok
16:04:51.0819 2340 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:04:51.0835 2340 NetTcpPortSharing - ok
16:04:51.0882 2340 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:04:51.0913 2340 nfrd960 - ok
16:04:51.0991 2340 NitroReaderDriverReadSpool (b9665d7e8e0f8242482eb960ce97d4f2) C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
16:04:52.0022 2340 NitroReaderDriverReadSpool - ok
16:04:52.0069 2340 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:04:52.0116 2340 NlaSvc - ok
16:04:52.0162 2340 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:04:52.0209 2340 Npfs - ok
16:04:52.0225 2340 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:04:52.0272 2340 nsi - ok
16:04:52.0287 2340 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:04:52.0334 2340 nsiproxy - ok
16:04:52.0428 2340 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:04:52.0490 2340 Ntfs - ok
16:04:52.0506 2340 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:04:52.0552 2340 Null - ok
16:04:52.0599 2340 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:04:52.0630 2340 nvraid - ok
16:04:52.0677 2340 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:04:52.0708 2340 nvstor - ok
16:04:52.0740 2340 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:04:52.0755 2340 nv_agp - ok
16:04:52.0771 2340 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:04:52.0802 2340 ohci1394 - ok
16:04:52.0911 2340 OpenSSHd (3d70b0630342132ebc1ff5cff483e6c0) C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe
16:04:52.0911 2340 OpenSSHd ( UnsignedFile.Multi.Generic ) - warning
16:04:52.0911 2340 OpenSSHd - detected UnsignedFile.Multi.Generic (1)
16:04:52.0974 2340 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:04:52.0989 2340 ose - ok
16:04:53.0192 2340 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:04:53.0286 2340 osppsvc - ok
16:04:53.0442 2340 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:04:53.0457 2340 p2pimsvc - ok
16:04:53.0504 2340 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:04:53.0520 2340 p2psvc - ok
16:04:53.0566 2340 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:04:53.0598 2340 Parport - ok
16:04:53.0629 2340 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:04:53.0660 2340 partmgr - ok
16:04:53.0676 2340 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:04:53.0707 2340 PcaSvc - ok
16:04:53.0722 2340 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:04:53.0738 2340 pci - ok
16:04:53.0769 2340 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:04:53.0785 2340 pciide - ok
16:04:53.0816 2340 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:04:53.0832 2340 pcmcia - ok
16:04:53.0863 2340 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:04:53.0878 2340 pcw - ok
16:04:53.0910 2340 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:04:53.0972 2340 PEAUTH - ok
16:04:54.0019 2340 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:04:54.0050 2340 PerfHost - ok
16:04:54.0128 2340 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:04:54.0206 2340 pla - ok
16:04:54.0253 2340 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:04:54.0284 2340 PlugPlay - ok
16:04:54.0315 2340 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
16:04:54.0315 2340 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:04:54.0315 2340 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:04:54.0331 2340 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:04:54.0346 2340 PNRPAutoReg - ok
16:04:54.0378 2340 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:04:54.0393 2340 PNRPsvc - ok
16:04:54.0456 2340 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:04:54.0534 2340 PolicyAgent - ok
16:04:54.0565 2340 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:04:54.0627 2340 Power - ok
16:04:54.0690 2340 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:04:54.0736 2340 PptpMiniport - ok
16:04:54.0768 2340 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:04:54.0783 2340 Processor - ok
16:04:54.0830 2340 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:04:54.0877 2340 ProfSvc - ok
16:04:54.0924 2340 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:54.0955 2340 ProtectedStorage - ok
16:04:54.0986 2340 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:04:55.0017 2340 Psched - ok
16:04:55.0064 2340 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:04:55.0080 2340 PxHlpa64 - ok
16:04:55.0158 2340 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:04:55.0220 2340 ql2300 - ok
16:04:55.0251 2340 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:04:55.0267 2340 ql40xx - ok
16:04:55.0314 2340 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:04:55.0329 2340 QWAVE - ok
16:04:55.0360 2340 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:04:55.0376 2340 QWAVEdrv - ok
16:04:55.0407 2340 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:04:55.0454 2340 RasAcd - ok
16:04:55.0485 2340 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:04:55.0548 2340 RasAgileVpn - ok
16:04:55.0579 2340 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:04:55.0626 2340 RasAuto - ok
16:04:55.0657 2340 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:04:55.0704 2340 Rasl2tp - ok
16:04:55.0735 2340 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:04:55.0782 2340 RasMan - ok
16:04:55.0813 2340 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:04:55.0844 2340 RasPppoe - ok
16:04:55.0875 2340 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:04:55.0938 2340 RasSstp - ok
16:04:55.0969 2340 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:04:56.0016 2340 rdbss - ok
16:04:56.0031 2340 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:04:56.0047 2340 rdpbus - ok
16:04:56.0078 2340 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:04:56.0125 2340 RDPCDD - ok
16:04:56.0140 2340 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:04:56.0187 2340 RDPENCDD - ok
16:04:56.0203 2340 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:04:56.0250 2340 RDPREFMP - ok
16:04:56.0296 2340 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
16:04:56.0312 2340 RDPWD - ok
16:04:56.0343 2340 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:04:56.0359 2340 rdyboost - ok
16:04:56.0406 2340 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:04:56.0468 2340 RemoteAccess - ok
16:04:56.0515 2340 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:04:56.0577 2340 RemoteRegistry - ok
16:04:56.0577 2340 RimUsb - ok
16:04:56.0624 2340 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:04:56.0655 2340 RimVSerPort - ok
16:04:56.0702 2340 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:04:56.0749 2340 ROOTMODEM - ok
16:04:56.0764 2340 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:04:56.0827 2340 RpcEptMapper - ok
16:04:56.0858 2340 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:04:56.0889 2340 RpcLocator - ok
16:04:56.0920 2340 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:04:56.0967 2340 RpcSs - ok
16:04:56.0998 2340 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:04:57.0045 2340 rspndr - ok
16:04:57.0092 2340 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
16:04:57.0123 2340 RSUSBSTOR - ok
16:04:57.0186 2340 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:04:57.0201 2340 SamSs - ok
16:04:57.0232 2340 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:04:57.0248 2340 sbp2port - ok
16:04:57.0295 2340 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:04:57.0357 2340 SCardSvr - ok
16:04:57.0388 2340 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:04:57.0435 2340 scfilter - ok
16:04:57.0498 2340 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:04:57.0529 2340 Schedule - ok
16:04:57.0560 2340 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:04:57.0622 2340 SCPolicySvc - ok
16:04:57.0669 2340 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:04:57.0700 2340 SDRSVC - ok
16:04:57.0747 2340 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:04:57.0810 2340 secdrv - ok
16:04:57.0825 2340 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:04:57.0872 2340 seclogon - ok
16:04:57.0888 2340 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:04:57.0934 2340 SENS - ok
16:04:57.0934 2340 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:04:57.0950 2340 SensrSvc - ok
16:04:57.0981 2340 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:04:57.0997 2340 Serenum - ok
16:04:58.0028 2340 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:04:58.0044 2340 Serial - ok
16:04:58.0075 2340 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:04:58.0090 2340 sermouse - ok
16:04:58.0137 2340 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:04:58.0168 2340 SessionEnv - ok
16:04:58.0200 2340 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:04:58.0231 2340 sffdisk - ok
16:04:58.0246 2340 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:04:58.0262 2340 sffp_mmc - ok
16:04:58.0278 2340 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:04:58.0309 2340 sffp_sd - ok
16:04:58.0324 2340 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:04:58.0340 2340 sfloppy - ok
16:04:58.0418 2340 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
16:04:58.0449 2340 SftService - ok
16:04:58.0496 2340 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:04:58.0543 2340 SharedAccess - ok
16:04:58.0574 2340 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:04:58.0621 2340 ShellHWDetection - ok
16:04:58.0668 2340 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:04:58.0683 2340 SiSRaid2 - ok
16:04:58.0714 2340 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:04:58.0730 2340 SiSRaid4 - ok
16:04:58.0761 2340 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:04:58.0792 2340 Smb - ok
16:04:58.0855 2340 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
16:04:58.0870 2340 snapman - ok
16:04:58.0902 2340 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:04:58.0948 2340 SNMPTRAP - ok
16:04:58.0964 2340 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:04:58.0980 2340 spldr - ok
16:04:59.0026 2340 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:04:59.0058 2340 Spooler - ok
16:04:59.0167 2340 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:04:59.0229 2340 sppsvc - ok
16:04:59.0260 2340 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:04:59.0307 2340 sppuinotify - ok
16:04:59.0370 2340 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:04:59.0401 2340 sprtsvc_DellSupportCenter - ok
16:04:59.0448 2340 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:04:59.0494 2340 srv - ok
16:04:59.0510 2340 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:04:59.0541 2340 srv2 - ok
16:04:59.0588 2340 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:04:59.0619 2340 srvnet - ok
16:04:59.0650 2340 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:04:59.0697 2340 SSDPSRV - ok
16:04:59.0713 2340 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:04:59.0775 2340 SstpSvc - ok
16:04:59.0853 2340 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
16:04:59.0884 2340 STacSV - ok
16:04:59.0931 2340 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:04:59.0947 2340 stexstor - ok
16:05:00.0009 2340 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
16:05:00.0040 2340 STHDA - ok
16:05:00.0087 2340 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:05:00.0118 2340 stisvc - ok
16:05:00.0134 2340 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:05:00.0150 2340 swenum - ok
16:05:00.0196 2340 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:05:00.0243 2340 swprv - ok
16:05:00.0321 2340 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:05:00.0368 2340 SysMain - ok
16:05:00.0384 2340 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:05:00.0399 2340 TabletInputService - ok
16:05:00.0430 2340 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:05:00.0477 2340 TapiSrv - ok
16:05:00.0493 2340 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:05:00.0540 2340 TBS - ok
16:05:00.0649 2340 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:05:00.0696 2340 Tcpip - ok
16:05:00.0758 2340 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:05:00.0836 2340 TCPIP6 - ok
16:05:00.0867 2340 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:05:00.0898 2340 tcpipreg - ok
16:05:00.0930 2340 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:05:00.0945 2340 TDPIPE - ok
16:05:01.0008 2340 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:05:01.0023 2340 TDTCP - ok
16:05:01.0086 2340 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:05:01.0132 2340 tdx - ok
16:05:01.0164 2340 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:05:01.0179 2340 TermDD - ok
16:05:01.0242 2340 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:05:01.0304 2340 TermService - ok
16:05:01.0320 2340 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:05:01.0351 2340 Themes - ok
16:05:01.0382 2340 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:05:01.0429 2340 THREADORDER - ok
16:05:01.0444 2340 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:05:01.0491 2340 TrkWks - ok
16:05:01.0522 2340 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:05:01.0554 2340 TrustedInstaller - ok
16:05:01.0616 2340 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:05:01.0647 2340 tssecsrv - ok
16:05:01.0678 2340 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:05:01.0725 2340 tunnel - ok
16:05:01.0756 2340 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:05:01.0772 2340 uagp35 - ok
16:05:01.0788 2340 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:05:01.0834 2340 udfs - ok
16:05:01.0897 2340 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:05:01.0928 2340 UI0Detect - ok
16:05:01.0944 2340 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:05:01.0975 2340 uliagpkx - ok
16:05:01.0990 2340 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:05:02.0022 2340 umbus - ok
16:05:02.0037 2340 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:05:02.0068 2340 UmPass - ok
16:05:02.0100 2340 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:05:02.0146 2340 upnphost - ok
16:05:02.0193 2340 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
16:05:02.0209 2340 USBAAPL64 - ok
16:05:02.0256 2340 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:05:02.0271 2340 usbaudio - ok
16:05:02.0318 2340 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:05:02.0349 2340 usbccgp - ok
16:05:02.0380 2340 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:05:02.0412 2340 usbcir - ok
16:05:02.0443 2340 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:05:02.0458 2340 usbehci - ok
16:05:02.0505 2340 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:05:02.0521 2340 usbhub - ok
16:05:02.0583 2340 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:05:02.0614 2340 usbohci - ok
16:05:02.0646 2340 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:05:02.0661 2340 usbprint - ok
16:05:02.0724 2340 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:05:02.0739 2340 usbscan - ok
16:05:02.0786 2340 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:05:02.0817 2340 USBSTOR - ok
16:05:02.0864 2340 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:05:02.0895 2340 usbuhci - ok
16:05:02.0958 2340 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
16:05:02.0973 2340 usbvideo - ok
16:05:03.0004 2340 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:05:03.0051 2340 UxSms - ok
16:05:03.0098 2340 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:05:03.0129 2340 VaultSvc - ok
16:05:03.0192 2340 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:05:03.0207 2340 vdrvroot - ok
16:05:03.0238 2340 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:05:03.0270 2340 vds - ok
16:05:03.0285 2340 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:05:03.0316 2340 vga - ok
16:05:03.0348 2340 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:05:03.0379 2340 VgaSave - ok
16:05:03.0410 2340 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:05:03.0426 2340 vhdmp - ok
16:05:03.0457 2340 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:05:03.0472 2340 viaide - ok
16:05:03.0504 2340 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:05:03.0519 2340 volmgr - ok
16:05:03.0550 2340 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:05:03.0582 2340 volmgrx - ok
16:05:03.0613 2340 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:05:03.0628 2340 volsnap - ok
16:05:03.0660 2340 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:05:03.0675 2340 vsmraid - ok
16:05:03.0753 2340 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:05:03.0800 2340 VSS - ok
16:05:03.0816 2340 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:05:03.0831 2340 vwifibus - ok
16:05:03.0862 2340 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:05:03.0878 2340 vwififlt - ok
16:05:03.0909 2340 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:05:03.0925 2340 vwifimp - ok
16:05:03.0972 2340 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:05:04.0018 2340 W32Time - ok
16:05:04.0034 2340 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:05:04.0050 2340 WacomPen - ok
16:05:04.0096 2340 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:05:04.0128 2340 WANARP - ok
16:05:04.0143 2340 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:05:04.0190 2340 Wanarpv6 - ok
16:05:04.0284 2340 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:05:04.0330 2340 WatAdminSvc - ok
16:05:04.0408 2340 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:05:04.0440 2340 wbengine - ok
16:05:04.0471 2340 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:05:04.0486 2340 WbioSrvc - ok
16:05:04.0564 2340 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:05:04.0596 2340 wcncsvc - ok
16:05:04.0611 2340 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:05:04.0627 2340 WcsPlugInService - ok
16:05:04.0674 2340 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:05:04.0705 2340 Wd - ok
16:05:04.0736 2340 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:05:04.0783 2340 Wdf01000 - ok
16:05:04.0814 2340 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:05:04.0845 2340 WdiServiceHost - ok
16:05:04.0845 2340 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:05:04.0876 2340 WdiSystemHost - ok
16:05:04.0939 2340 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:05:04.0970 2340 WebClient - ok
16:05:05.0001 2340 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:05:05.0048 2340 Wecsvc - ok
16:05:05.0064 2340 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:05:05.0110 2340 wercplsupport - ok
16:05:05.0142 2340 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:05:05.0173 2340 WerSvc - ok
16:05:05.0220 2340 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:05:05.0266 2340 WfpLwf - ok
16:05:05.0313 2340 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:05:05.0344 2340 WimFltr - ok
16:05:05.0376 2340 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:05:05.0391 2340 WIMMount - ok
16:05:05.0422 2340 WinDefend - ok
16:05:05.0454 2340 WinHttpAutoProxySvc - ok
16:05:05.0516 2340 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:05:05.0563 2340 Winmgmt - ok
16:05:05.0641 2340 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:05:05.0719 2340 WinRM - ok
16:05:05.0766 2340 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:05:05.0797 2340 WinUsb - ok
16:05:05.0844 2340 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:05:05.0890 2340 Wlansvc - ok
16:05:06.0046 2340 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:05:06.0109 2340 wlidsvc - ok
16:05:06.0140 2340 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
16:05:06.0140 2340 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
16:05:06.0140 2340 wltrysvc - detected UnsignedFile.Multi.Generic (1)
16:05:06.0249 2340 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:05:06.0280 2340 WmiAcpi - ok
16:05:06.0358 2340 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:05:06.0390 2340 wmiApSrv - ok
16:05:06.0421 2340 WMPNetworkSvc - ok
16:05:06.0468 2340 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:05:06.0483 2340 WPCSvc - ok
16:05:06.0530 2340 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:05:06.0561 2340 WPDBusEnum - ok
16:05:06.0608 2340 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:05:06.0655 2340 ws2ifsl - ok
16:05:06.0717 2340 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
16:05:06.0733 2340 wscsvc - ok
16:05:06.0748 2340 WSearch - ok
16:05:06.0842 2340 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
16:05:06.0904 2340 wuauserv - ok
16:05:06.0936 2340 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:05:06.0982 2340 WudfPf - ok
16:05:07.0014 2340 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:05:07.0060 2340 WUDFRd - ok
16:05:07.0076 2340 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:05:07.0123 2340 wudfsvc - ok
16:05:07.0154 2340 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:05:07.0170 2340 WwanSvc - ok
16:05:07.0216 2340 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
16:05:07.0263 2340 yukonw7 - ok
16:05:07.0294 2340 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:05:07.0450 2340 \Device\Harddisk0\DR0 - ok
16:05:07.0450 2340 Boot (0x1200) (a5a47f88a08d4a60ab8861a5e6c4609c) \Device\Harddisk0\DR0\Partition0
16:05:07.0450 2340 \Device\Harddisk0\DR0\Partition0 - ok
16:05:07.0482 2340 Boot (0x1200) (30a308e372fca4a38327b709891fcdf3) \Device\Harddisk0\DR0\Partition1
16:05:07.0482 2340 \Device\Harddisk0\DR0\Partition1 - ok
16:05:07.0482 2340 ============================================================
16:05:07.0482 2340 Scan finished
16:05:07.0482 2340 ============================================================
16:05:07.0497 3048 Detected object count: 9
16:05:07.0497 3048 Actual detected object count: 9
16:05:18.0776 3048 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0776 3048 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0776 3048 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0776 3048 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0776 3048 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0776 3048 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 OpenSSHd ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 OpenSSHd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:18.0792 3048 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:18.0792 3048 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:39.0384 6656 Deinitialize success
#9
Posted 17 April 2012 - 02:38 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
On completion of this could you let me know if the redirects still occur
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Run OTL
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot] - Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
#10
Posted 18 April 2012 - 04:43 AM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
OPL seemed to still be active establishing a restore point after being on all night. But the computer was very slow, so I did a hard restart.
This appeared after restart:
Files\Folders moved on Reboot...
C:\Users\Bob\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
I am still getting redirects, but not to happili site, yet. Firefox seems to run very slowly.
The redirects to Turbotax do keep occurring when the search term in google contains "tax schedules".
Also, I tried some terms where someone can make money with affiliate programs and I am being redirected -
(business opportunity, for example). But not as frequently as before.
This appeared after restart:
Files\Folders moved on Reboot...
C:\Users\Bob\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
I am still getting redirects, but not to happili site, yet. Firefox seems to run very slowly.
The redirects to Turbotax do keep occurring when the search term in google contains "tax schedules".
Also, I tried some terms where someone can make money with affiliate programs and I am being redirected -
(business opportunity, for example). But not as frequently as before.
#11
Posted 18 April 2012 - 06:27 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Are the redirects in both Firefox and IE or just one of them ?
#12
Posted 18 April 2012 - 06:46 AM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
Always Firefox. Does not happen with Chrome. I don't use IE, but just tried it and there were no redirects.
#13
Posted 18 April 2012 - 06:49 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Good that does narrow it down as to a Firefox infection rather than a system one, in addition to the gored logs could you run a furhter OTL quick scan with all users selected
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
- Ensure all Firefox windows are closed.
- To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
- When prompted to run the scan, click Yes.
- GooredFix will check for infections, and then a log will appear.
Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
#14
Posted 18 April 2012 - 07:37 AM
Mobilesites
- Topic Starter
-
- Member
-
- 15 posts
Member
GooredFix by jpshortstuff (03.07.10.1)
Log created at 09:21 on 18/04/2012 (Bob)
Firefox version 11.0 (en-US)
========== GooredScan ==========
========== GooredLog ==========
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [00:27 30/11/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [03:00 14/04/2012]
C:\Users\Bob\Application Data\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\
[email protected] [13:14 21/03/2012]
[email protected] [11:12 16/07/2009]
{02450954-cdd9-410f-b1da-db804e18c671} [01:33 12/09/2010]
{06849336-9cf6-4fd5-82dc-316e56d03ff7} [13:14 21/03/2012]
{20a82645-c095-46ed-80e3-08825760534b} [13:23 14/05/2011]
{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [10:44 11/04/2012]
{5a2b4e34-ce62-42e9-a658-06ba4490adf8} [13:59 05/04/2008]
{5c1a272d-6af9-4229-b821-11703c6b5ccf} [14:41 16/11/2009]
{75CEEE46-9B64-46f8-94BF-54012DE155F0} [13:32 19/01/2012]
{8ca292c6-ec28-4eec-baa5-87c950ecd07d} [19:50 06/12/2008]
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [13:46 27/05/2011]
{d47a9f51-8281-43fa-f450-f28ef8735e9a} [15:34 22/03/2011]
{E0B8C461-F8FB-49b4-8373-FE32E9252800} [16:52 21/03/2012]
{e2337727-f9c9-411b-929e-287584341d1a} [13:32 19/01/2012]
{f4ae7cd3-d355-4e66-a8dc-a050070d29cf} [16:53 21/03/2012]
{fae5bcbc-dd73-439a-a15e-5b9ff39c0e9b} [13:34 11/04/2010]
C:\Users\Bob\Application Data\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions\
{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [14:22 06/02/2010]
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [14:11 27/01/2012]
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"="C:\Program Files (x86)\AVG\AVG2012\Firefox4\" [11:58 14/10/2011]
"{22119944-ED35-4ab1-910B-E619EA06A115}"="C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox" [15:34 19/03/2011]
---------- Old Logs ----------
GooredFix[12.05.08_12-04-2012].txt
GooredFix[13.19.58_18-04-2012].txt
-=E.O.F=-
OTL logfile created on: 4/18/2012 9:32:07 AM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 39.51% Memory free
7.92 Gb Paging File | 5.24 Gb Available in Paging File | 66.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.86 Gb Free Space | 56.76% Space Free | Partition Type: NTFS
Computer Name: BOB-DELL | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/17 13:35:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Downloads\OTL.exe
PRC - [2012/03/22 12:09:12 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/03/21 09:31:35 | 000,243,304 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe
PRC - [2012/03/21 09:31:35 | 000,108,136 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/03/13 00:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/03 03:55:26 | 000,715,048 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/05 21:41:34 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2011/05/19 10:55:14 | 000,913,512 | ---- | M] (Enounce Incorporated) -- C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe
PRC - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/07/02 14:25:48 | 000,656,896 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
PRC - [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe
========== Modules (No Company Name) ==========
MOD - [2012/04/11 04:09:11 | 000,161,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bb5d636d74c874b9d45d145031e15ed9\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
MOD - [2012/04/11 04:09:07 | 000,617,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b1196f23d3ea34127c316e7e4ee4fe46\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
MOD - [2012/04/11 04:08:30 | 000,167,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\58039c8c505717229b0d8fcf56a14c65\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
MOD - [2012/04/11 04:08:25 | 000,816,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\bd390319f90ce01ab8deba1289e8dbbb\Microsoft.Office.Tools.Common.v9.0.ni.dll
MOD - [2012/04/11 04:07:07 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e9a76c0c260e1f88d38f4e3287f40457\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
MOD - [2012/04/11 04:07:00 | 000,152,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\a7cebecbb32108466ba2925a6d2f9506\Microsoft.Office.Tools.v9.0.ni.dll
MOD - [2012/04/11 04:06:58 | 000,215,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\531970b65a818fc81bf606aad1a4fcb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
MOD - [2012/04/11 03:53:29 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll
MOD - [2012/04/11 03:52:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 03:52:47 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/11 03:51:56 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll
MOD - [2012/03/16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/03/13 10:30:20 | 000,085,288 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}\components\RadioWMPCoreGecko11.dll
MOD - [2012/03/13 00:39:07 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 05:00:33 | 000,161,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f1f015a3645c90929de3be8e005ce579\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
MOD - [2012/02/16 05:00:30 | 000,337,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5e3abe17bf44f0efc0dce053e26d5939\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
MOD - [2012/02/16 05:00:29 | 000,650,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3514bdc0cdf9188136f0ef38b6b6f675\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
MOD - [2012/02/16 05:00:27 | 000,363,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ac16592da3971bfc1efb027346383848\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
MOD - [2012/02/16 05:00:24 | 001,300,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8f512f0654c06ede69aa3634db4997ec\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
MOD - [2012/02/16 04:57:01 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b6dc261fa4cb6702ef0c24f4bc9b3384\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:57:00 | 000,134,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0462ab3f4db13940f68dded92927ae3b\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:57 | 000,179,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bf01cf77677b266c813293e180b8ea9b\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:53 | 000,133,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ad5f62d2008f0f40ca06df91ceb082a8\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
MOD - [2012/02/16 04:56:52 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll
MOD - [2012/02/16 04:56:44 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8357c8cd875fca83d6d249de7217b716\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:43 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5fc479fc10d8b7f0c8f76cc9d52f701b\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:41 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1c0f1cc6fcadc6fdc33682a22c6aa9ac\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:40 | 000,633,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\64b7e2fa8a11164f2ae27b40e964907c\System.AddIn.ni.dll
MOD - [2012/02/16 04:44:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/02/16 04:44:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/16 04:43:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/16 04:34:29 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/02/07 10:18:42 | 000,495,616 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\53218571\0031acbf_45e0cc01\Interop.Word.DLL
MOD - [2012/02/07 10:18:42 | 000,286,720 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\8cf24c0b\007e5370_e7e4cc01\Interop.Outlook.DLL
MOD - [2012/02/06 11:53:18 | 000,470,096 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\CATS Software, Inc\CATS Outlook Plugin\adxloader.dll
MOD - [2012/01/31 22:15:02 | 000,547,112 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
MOD - [2012/01/24 20:43:40 | 000,448,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\office\14.0.0.0__71e9bce111e9429c\office.dll
MOD - [2012/01/24 20:43:38 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll
MOD - [2012/01/24 20:43:37 | 001,550,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
MOD - [2012/01/24 20:43:37 | 000,972,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
MOD - [2012/01/24 20:43:35 | 000,907,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
MOD - [2011/11/15 04:50:31 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\49c0850ff20d17128d372aec3efddba2\System.AddIn.Contract.ni.dll
MOD - [2011/11/15 04:48:03 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\545f2e1ca544c2a8a39cbf8565e1c709\CustomMarshalers.ni.dll
MOD - [2011/11/15 04:46:29 | 000,112,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f67689a77323b6c427a752f596d76822\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3d5e215ba177747fee682b21798338fe\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,028,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6414133d645a6e56a4dcdf062492076a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
MOD - [2011/11/15 04:18:27 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/11/14 13:06:38 | 000,051,712 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\b4ba0bc4\00c499fb_8f57cc01\Outlook07DymoAddIn.DLL
MOD - [2011/11/14 13:05:14 | 000,081,408 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\7e6e869d\008d8272_8f57cc01\DYMO.Common.DLL
MOD - [2011/03/22 11:19:55 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/21 23:19:32 | 000,082,432 | ---- | M] () -- C:\Program Files (x86)\CATS Microsoft Word Plug-in\Languages\CATSWord.0409.wlx
MOD - [2009/12/16 14:58:58 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\CATS Microsoft Word Plug-in\pcrelib.dll
MOD - [2009/06/10 17:22:50 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/04 15:09:16 | 000,053,528 | ---- | M] (Mozy, Inc.) [Auto | Running] -- C:\Program Files\MozyPro\mozyprobackup.exe -- (mozyprobackup)
SRV:64bit: - [2010/12/03 12:09:08 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/02/03 03:55:28 | 000,296,232 | ---- | M] (Anvisoft) [Auto | Stopped] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/10 15:22:12 | 000,032,336 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/23 06:51:52 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2004/04/18 07:11:14 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe -- (OpenSSHd)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/09 04:26:30 | 000,024,360 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avhips.sys -- (avhips)
DRV:64bit: - [2012/01/09 04:26:30 | 000,020,264 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avfsmn.sys -- (avfsmn)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/08/04 15:09:04 | 000,066,552 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozypro.sys -- (mozyproFilter)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/03 15:43:39 | 000,198,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/29 00:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 23:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/02/05 07:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mybasicisp.net
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BFE8C948-10C3-45AC-A59F-A5BA19C19A9A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}
IE - HKLM\..\SearchScopes\{F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 09:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2012/03/21 09:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/13 23:00:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/21 09:06:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}: C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}\ [2012/03/30 20:26:22 | 000,000,000 | ---D | M]
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2012/04/14 07:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions
[2010/09/11 21:33:24 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2012/03/21 09:14:47 | 000,000,000 | ---D | M] (Mobile Marketing Resources Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}
[2011/05/14 09:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/11 06:44:37 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (del.icio.us) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5a2b4e34-ce62-42e9-a658-06ba4490adf8}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (Niche Watch Tool) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5c1a272d-6af9-4229-b821-11703c6b5ccf}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2010/07/03 20:01:04 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8ca292c6-ec28-4eec-baa5-87c950ecd07d}
[2011/05/27 09:46:58 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/03/22 11:34:29 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/03/21 12:53:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (LinkedIn Companion for Firefox) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{e2337727-f9c9-411b-929e-287584341d1a}
[2012/03/21 12:53:05 | 000,000,000 | ---D | M] (Recruiter.com Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{f4ae7cd3-d355-4e66-a8dc-a050070d29cf}
[2010/07/03 20:01:11 | 000,000,000 | ---D | M] ("KeywordSpyâ„¢ SEO/PPC") -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{fae5bcbc-dd73-439a-a15e-5b9ff39c0e9b}
[2012/03/21 09:14:41 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/07/03 20:01:00 | 000,000,000 | ---D | M] (TimeTracker) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/06/28 23:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions
[2010/02/06 10:22:57 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2012/04/13 23:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/29 20:27:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/13 00:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.3_0\plugin/screen_capture.dll
CHR - plugin: RoboForm Plugin for Google Chrome/Opera/etc. (Enabled) = C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-chrome-plugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Screen Capture (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: AVG Safe Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Japanese Vocab Tutor = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldemblkooloonmjfiainhkhmmlelfnfb\1.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2012/04/17 22:41:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [3xAV] C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe (Enounce Incorporated)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [googletalk] C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011/12/24 10:05:19 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk = C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: highrisehq.com ([careergoals] https in Trusted sites)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BEA45FA-D3ED-4EE9-80D5-FE21F8ECA9FB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CC56B0F-565F-487F-9FFA-580F9C6808C9}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/04/18 09:19:04 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Bob\Desktop\GooredFix.exe
[2012/04/17 22:41:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/17 14:22:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/04/17 14:14:03 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Bob\Desktop\aswMBR.exe
[2012/04/17 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\@Read Review
[2012/04/16 20:39:03 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{53484B47-6DEF-4D50-9109-8D2EA4F56CD9}
[2012/04/16 20:38:50 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{032931A3-6E18-4E5D-8EB0-722E3C9C2DCF}
[2012/04/16 19:59:37 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/04/16 18:53:49 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/15 08:23:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/15 08:23:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/15 08:23:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/15 08:23:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/15 08:20:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/14 15:40:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{88C36626-9CB8-40A3-AA56-D05EF34F6850}
[2012/04/14 15:40:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{C7DE92E0-FA99-4563-87EE-AE1137C0647E}
[2012/04/14 15:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/13 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{98438F55-FFC3-4B9B-A1A3-4C91190B37E3}
[2012/04/13 09:05:37 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{58F67726-F003-4F02-B208-693296DD946B}
[2012/04/12 21:08:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{31B37272-024E-46D5-BFDF-C5DECDEDEBE0}
[2012/04/12 08:04:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\GooredFix Backups
[2012/04/12 04:47:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{78607B35-ECC1-48E1-801A-CAD833B5E797}
[2012/04/10 15:44:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{ED7C3B49-6486-4C57-91C7-17BB02B45BA2}
[2012/04/09 07:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/04/09 07:21:42 | 000,230,952 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/04/09 07:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/04/09 07:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/04/09 07:21:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\TestApp
[2012/04/08 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0463CC8D-EAD6-4BE9-8BC2-F8B6704B8969}
[2012/04/06 09:56:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Malwarebytes
[2012/04/06 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/06 09:49:46 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/04 10:23:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{15C15D85-78C8-4F82-B347-CEF4E8ECBD0C}
[2012/04/03 08:37:17 | 000,024,360 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avhips.sys
[2012/04/03 08:37:17 | 000,020,264 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avfsmn.sys
[2012/04/03 08:37:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/04/03 08:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012/04/03 06:18:19 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/02 18:34:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0F873F8A-7403-445A-969B-D7526FBCAD0A}
[2012/04/02 07:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012/03/31 10:11:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC852DBB-DDCA-444D-B91E-7DB27FFD0C26}
[2012/03/30 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
[2012/03/29 21:14:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\facebook
[2012/03/29 10:42:43 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC9CC576-C7C6-4EF5-901F-EC812B39EBD7}
[2012/03/27 12:28:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B082F103-FE44-47DD-9F59-CEEC343D442C}
[2012/03/27 12:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1105F89-E26A-4E93-A1A8-2EA949830C3E}
[2012/03/23 22:05:20 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/03/23 22:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CurationSoft
[2012/03/20 14:04:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\BU
[2012/03/20 11:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad Spot Sniper
[2012/03/20 03:28:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1B54B1A-6B23-4B3F-A272-60ED9DF65544}
[2012/03/20 03:27:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{4EA0F713-27DB-4F59-9770-38E6086990C8}
[2012/03/19 22:21:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{E4DF19A0-D7BC-4BC3-9194-85245E6C2204}
[2012/03/19 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{83ED9E45-982B-4E28-9361-CD7EB6DE817B}
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/18 09:28:06 | 000,000,066 | ---- | M] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/04/18 09:19:06 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Bob\Desktop\GooredFix.exe
[2012/04/18 08:43:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/18 06:27:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/18 06:27:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/18 06:20:39 | 095,468,922 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/18 06:18:13 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/18 06:16:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/18 06:16:23 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/17 22:41:53 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/17 21:30:56 | 000,001,258 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/04/17 14:44:55 | 617,221,003 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/17 14:14:20 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Bob\Desktop\aswMBR.exe
[2012/04/17 05:19:05 | 000,002,844 | ---- | M] () -- C:\Windows\mozypro.blk
[2012/04/17 05:19:05 | 000,001,410 | ---- | M] () -- C:\Windows\mozypro.flt
[2012/04/16 22:46:31 | 000,491,489 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/16 19:59:43 | 000,060,304 | ---- | M] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/16 18:41:12 | 000,007,588 | ---- | M] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
[2012/04/15 12:13:05 | 000,783,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 12:13:05 | 000,663,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 12:13:05 | 000,122,286 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/13 23:01:02 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/13 15:45:49 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/12 14:01:55 | 001,802,332 | ---- | M] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/11 05:49:37 | 000,001,097 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/04/06 09:49:48 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/06 07:05:25 | 000,000,000 | ---- | M] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | M] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/03 15:00:24 | 000,205,236 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | M] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | M] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:01 | 001,730,710 | ---- | M] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:28 | 000,040,426 | ---- | M] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/03/20 03:08:31 | 000,777,526 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/19 11:35:51 | 017,767,424 | ---- | M] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/16 19:59:43 | 000,060,304 | ---- | C] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/15 08:23:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/15 08:23:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/15 08:23:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/15 08:23:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/15 08:23:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/13 23:01:01 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/13 23:01:01 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/12 14:01:48 | 001,802,332 | ---- | C] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/06 07:05:25 | 000,000,000 | ---- | C] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | C] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/03 15:00:24 | 000,205,236 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | C] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | C] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CurationSoft.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:09 | 001,730,710 | ---- | C] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:27 | 000,040,426 | ---- | C] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Spot Sniper.lnk
[2012/03/20 11:34:28 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/01/27 10:03:39 | 000,221,302 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/01/27 10:03:39 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/01/26 12:20:52 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2012/01/14 12:19:10 | 000,003,235 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\SAS7_000.DAT
[2012/01/13 11:43:25 | 000,000,066 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/01/04 23:38:29 | 017,767,424 | ---- | C] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[2011/11/12 11:46:30 | 000,038,451 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlookCompanies.inf
[2011/10/14 06:47:42 | 000,840,971 | ---- | C] () -- C:\Users\Bob\AppData\Local\census.cache
[2011/10/14 06:46:54 | 000,127,874 | ---- | C] () -- C:\Users\Bob\AppData\Local\ars.cache
[2011/10/14 06:36:14 | 000,000,036 | ---- | C] () -- C:\Users\Bob\AppData\Local\housecall.guid.cache
[2011/09/21 20:52:23 | 000,000,110 | ---- | C] () -- C:\Windows\Adweek.INI
[2011/09/21 11:13:49 | 000,777,526 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/24 21:13:33 | 000,009,352 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011/08/20 12:05:58 | 000,011,446 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.TSK
[2011/08/08 12:40:29 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/08/08 07:06:57 | 000,038,458 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011/07/05 14:20:53 | 000,016,896 | ---- | C] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/24 13:20:54 | 001,526,468 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2011/04/24 13:20:54 | 000,312,885 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2011/04/24 13:20:54 | 000,000,320 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlook.ini
[2011/04/23 22:20:19 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/23 22:20:19 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/03/29 17:04:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/17 10:53:18 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/13 11:05:11 | 000,623,642 | ---- | C] () -- C:\Windows\XHeader Uninstaller.exe
[2010/09/06 13:02:04 | 000,023,140 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/07/03 19:32:26 | 000,007,588 | ---- | C] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
========== LOP Check ==========
[2010/01/27 09:47:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute
[2010/12/29 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute Software
[2011/05/03 11:53:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Affilorama
[2009/12/04 15:58:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Artisteer
[2011/12/03 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG
[2011/10/14 08:00:38 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG2012
[2012/02/07 10:08:02 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CATS Software, Inc
[2011/12/20 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.blueprintcentral.keywordblaze
[2011/12/07 12:24:31 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.springbox.mobilizer
[2012/03/23 22:05:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/04/18 06:18:54 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2010/06/11 21:00:24 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Echo Software
[2011/12/14 11:48:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\eFax Messenger
[2011/05/14 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\EurekaLog
[2012/04/17 17:02:49 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2011/10/20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Flip Video
[2012/04/04 19:11:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\gtk-2.0
[2011/04/20 10:23:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\j2 Global
[2009/12/08 09:36:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\KompoZer
[2011/02/19 09:38:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\kompozer.net
[2011/12/12 16:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Niche
[2012/04/16 16:48:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nitro PDF
[2011/03/02 07:54:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2012/01/10 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nuance
[2011/03/19 11:27:44 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OpenOffice.org
[2010/08/08 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OverDrive
[2011/04/17 16:40:47 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PrimoPDF
[2011/03/19 11:52:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RoboForm
[2011/12/12 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RockstarSuite
[2011/12/26 23:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\SEORankFinderv2
[2011/06/09 11:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TeamViewer
[2012/04/09 07:21:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TestApp
[2011/12/30 22:18:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TightVNC
[2011/09/19 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/03/24 13:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\ViralSubmitter
[2011/03/02 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Windows Live Writer
[2011/12/08 12:05:25 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\YourLocalShorcut
[2011/10/28 08:03:04 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 873 bytes -> C:\Users\Bob\Documents\KPMG Connect!.eml:OECustomProperty
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 143 bytes -> C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Log created at 09:21 on 18/04/2012 (Bob)
Firefox version 11.0 (en-US)
========== GooredScan ==========
========== GooredLog ==========
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [00:27 30/11/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [03:00 14/04/2012]
C:\Users\Bob\Application Data\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\
[email protected] [13:14 21/03/2012]
[email protected] [11:12 16/07/2009]
{02450954-cdd9-410f-b1da-db804e18c671} [01:33 12/09/2010]
{06849336-9cf6-4fd5-82dc-316e56d03ff7} [13:14 21/03/2012]
{20a82645-c095-46ed-80e3-08825760534b} [13:23 14/05/2011]
{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [10:44 11/04/2012]
{5a2b4e34-ce62-42e9-a658-06ba4490adf8} [13:59 05/04/2008]
{5c1a272d-6af9-4229-b821-11703c6b5ccf} [14:41 16/11/2009]
{75CEEE46-9B64-46f8-94BF-54012DE155F0} [13:32 19/01/2012]
{8ca292c6-ec28-4eec-baa5-87c950ecd07d} [19:50 06/12/2008]
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [13:46 27/05/2011]
{d47a9f51-8281-43fa-f450-f28ef8735e9a} [15:34 22/03/2011]
{E0B8C461-F8FB-49b4-8373-FE32E9252800} [16:52 21/03/2012]
{e2337727-f9c9-411b-929e-287584341d1a} [13:32 19/01/2012]
{f4ae7cd3-d355-4e66-a8dc-a050070d29cf} [16:53 21/03/2012]
{fae5bcbc-dd73-439a-a15e-5b9ff39c0e9b} [13:34 11/04/2010]
C:\Users\Bob\Application Data\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions\
{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [14:22 06/02/2010]
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [14:11 27/01/2012]
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"="C:\Program Files (x86)\AVG\AVG2012\Firefox4\" [11:58 14/10/2011]
"{22119944-ED35-4ab1-910B-E619EA06A115}"="C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox" [15:34 19/03/2011]
---------- Old Logs ----------
GooredFix[12.05.08_12-04-2012].txt
GooredFix[13.19.58_18-04-2012].txt
-=E.O.F=-
OTL logfile created on: 4/18/2012 9:32:07 AM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 39.51% Memory free
7.92 Gb Paging File | 5.24 Gb Available in Paging File | 66.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.86 Gb Free Space | 56.76% Space Free | Partition Type: NTFS
Computer Name: BOB-DELL | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/17 13:35:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Downloads\OTL.exe
PRC - [2012/03/22 12:09:12 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/03/21 09:31:35 | 000,243,304 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe
PRC - [2012/03/21 09:31:35 | 000,108,136 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/03/13 00:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/03 03:55:26 | 000,715,048 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/05 21:41:34 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2011/05/19 10:55:14 | 000,913,512 | ---- | M] (Enounce Incorporated) -- C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe
PRC - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/07/02 14:25:48 | 000,656,896 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
PRC - [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe
========== Modules (No Company Name) ==========
MOD - [2012/04/11 04:09:11 | 000,161,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bb5d636d74c874b9d45d145031e15ed9\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
MOD - [2012/04/11 04:09:07 | 000,617,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b1196f23d3ea34127c316e7e4ee4fe46\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
MOD - [2012/04/11 04:08:30 | 000,167,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\58039c8c505717229b0d8fcf56a14c65\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
MOD - [2012/04/11 04:08:25 | 000,816,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\bd390319f90ce01ab8deba1289e8dbbb\Microsoft.Office.Tools.Common.v9.0.ni.dll
MOD - [2012/04/11 04:07:07 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e9a76c0c260e1f88d38f4e3287f40457\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
MOD - [2012/04/11 04:07:00 | 000,152,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\a7cebecbb32108466ba2925a6d2f9506\Microsoft.Office.Tools.v9.0.ni.dll
MOD - [2012/04/11 04:06:58 | 000,215,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\531970b65a818fc81bf606aad1a4fcb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
MOD - [2012/04/11 03:53:29 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll
MOD - [2012/04/11 03:52:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 03:52:47 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/11 03:51:56 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll
MOD - [2012/03/16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/03/13 10:30:20 | 000,085,288 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}\components\RadioWMPCoreGecko11.dll
MOD - [2012/03/13 00:39:07 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 05:00:33 | 000,161,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f1f015a3645c90929de3be8e005ce579\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
MOD - [2012/02/16 05:00:30 | 000,337,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5e3abe17bf44f0efc0dce053e26d5939\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
MOD - [2012/02/16 05:00:29 | 000,650,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3514bdc0cdf9188136f0ef38b6b6f675\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
MOD - [2012/02/16 05:00:27 | 000,363,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ac16592da3971bfc1efb027346383848\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
MOD - [2012/02/16 05:00:24 | 001,300,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8f512f0654c06ede69aa3634db4997ec\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
MOD - [2012/02/16 04:57:01 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b6dc261fa4cb6702ef0c24f4bc9b3384\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:57:00 | 000,134,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0462ab3f4db13940f68dded92927ae3b\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:57 | 000,179,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bf01cf77677b266c813293e180b8ea9b\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
MOD - [2012/02/16 04:56:53 | 000,133,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ad5f62d2008f0f40ca06df91ceb082a8\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
MOD - [2012/02/16 04:56:52 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll
MOD - [2012/02/16 04:56:44 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8357c8cd875fca83d6d249de7217b716\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:43 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5fc479fc10d8b7f0c8f76cc9d52f701b\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:41 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1c0f1cc6fcadc6fdc33682a22c6aa9ac\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
MOD - [2012/02/16 04:56:40 | 000,633,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\64b7e2fa8a11164f2ae27b40e964907c\System.AddIn.ni.dll
MOD - [2012/02/16 04:44:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/02/16 04:44:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/16 04:43:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/16 04:34:29 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/02/07 10:18:42 | 000,495,616 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\53218571\0031acbf_45e0cc01\Interop.Word.DLL
MOD - [2012/02/07 10:18:42 | 000,286,720 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\8cf24c0b\007e5370_e7e4cc01\Interop.Outlook.DLL
MOD - [2012/02/06 11:53:18 | 000,470,096 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\CATS Software, Inc\CATS Outlook Plugin\adxloader.dll
MOD - [2012/01/31 22:15:02 | 000,547,112 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
MOD - [2012/01/24 20:43:40 | 000,448,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\office\14.0.0.0__71e9bce111e9429c\office.dll
MOD - [2012/01/24 20:43:38 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll
MOD - [2012/01/24 20:43:37 | 001,550,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
MOD - [2012/01/24 20:43:37 | 000,972,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
MOD - [2012/01/24 20:43:35 | 000,907,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
MOD - [2011/11/15 04:50:31 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\49c0850ff20d17128d372aec3efddba2\System.AddIn.Contract.ni.dll
MOD - [2011/11/15 04:48:03 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\545f2e1ca544c2a8a39cbf8565e1c709\CustomMarshalers.ni.dll
MOD - [2011/11/15 04:46:29 | 000,112,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f67689a77323b6c427a752f596d76822\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3d5e215ba177747fee682b21798338fe\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
MOD - [2011/11/15 04:46:28 | 000,028,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6414133d645a6e56a4dcdf062492076a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
MOD - [2011/11/15 04:18:27 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/11/14 13:06:38 | 000,051,712 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\b4ba0bc4\00c499fb_8f57cc01\Outlook07DymoAddIn.DLL
MOD - [2011/11/14 13:05:14 | 000,081,408 | ---- | M] () -- C:\Users\Bob\AppData\Local\assembly\dl3\DVGZBW5V.87R\4JZ51H72.PE5\7e6e869d\008d8272_8f57cc01\DYMO.Common.DLL
MOD - [2011/03/22 11:19:55 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/21 23:19:32 | 000,082,432 | ---- | M] () -- C:\Program Files (x86)\CATS Microsoft Word Plug-in\Languages\CATSWord.0409.wlx
MOD - [2009/12/16 14:58:58 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\CATS Microsoft Word Plug-in\pcrelib.dll
MOD - [2009/06/10 17:22:50 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/04 15:09:16 | 000,053,528 | ---- | M] (Mozy, Inc.) [Auto | Running] -- C:\Program Files\MozyPro\mozyprobackup.exe -- (mozyprobackup)
SRV:64bit: - [2010/12/03 12:09:08 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/02/03 03:55:28 | 000,296,232 | ---- | M] (Anvisoft) [Auto | Stopped] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/10 15:22:12 | 000,032,336 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/05 21:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/23 06:51:52 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2004/04/18 07:11:14 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe -- (OpenSSHd)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/09 04:26:30 | 000,024,360 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avhips.sys -- (avhips)
DRV:64bit: - [2012/01/09 04:26:30 | 000,020,264 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avfsmn.sys -- (avfsmn)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/08/04 15:09:04 | 000,066,552 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozypro.sys -- (mozyproFilter)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/03 15:43:39 | 000,198,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/29 00:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 23:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/02/05 07:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mybasicisp.net
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BFE8C948-10C3-45AC-A59F-A5BA19C19A9A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}
IE - HKLM\..\SearchScopes\{F89CA8A7-8F5E-4E94-9E14-DCB324E15A43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 09:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2012/03/21 09:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/13 23:00:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/21 09:06:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/27 10:11:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}: C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}\ [2012/03/30 20:26:22 | 000,000,000 | ---D | M]
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2011/05/17 20:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2012/04/14 07:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions
[2010/09/11 21:33:24 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2012/03/21 09:14:47 | 000,000,000 | ---D | M] (Mobile Marketing Resources Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{06849336-9cf6-4fd5-82dc-316e56d03ff7}
[2011/05/14 09:23:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/11 06:44:37 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (del.icio.us) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5a2b4e34-ce62-42e9-a658-06ba4490adf8}
[2010/07/03 20:01:03 | 000,000,000 | ---D | M] (Niche Watch Tool) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{5c1a272d-6af9-4229-b821-11703c6b5ccf}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2010/07/03 20:01:04 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8ca292c6-ec28-4eec-baa5-87c950ecd07d}
[2011/05/27 09:46:58 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/03/22 11:34:29 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/03/21 12:53:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/01/19 09:32:50 | 000,000,000 | ---D | M] (LinkedIn Companion for Firefox) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{e2337727-f9c9-411b-929e-287584341d1a}
[2012/03/21 12:53:05 | 000,000,000 | ---D | M] (Recruiter.com Community Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{f4ae7cd3-d355-4e66-a8dc-a050070d29cf}
[2010/07/03 20:01:11 | 000,000,000 | ---D | M] ("KeywordSpyâ„¢ SEO/PPC") -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\{fae5bcbc-dd73-439a-a15e-5b9ff39c0e9b}
[2012/03/21 09:14:41 | 000,000,000 | ---D | M] (CATS Toolbar) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/07/03 20:01:00 | 000,000,000 | ---D | M] (TimeTracker) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0ryqupsn.default\extensions\[email protected]
[2010/06/28 23:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions
[2010/02/06 10:22:57 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\hzsuutp1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2012/04/13 23:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/29 20:27:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/13 00:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.3_0\plugin/screen_capture.dll
CHR - plugin: RoboForm Plugin for Google Chrome/Opera/etc. (Enabled) = C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-chrome-plugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Screen Capture (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: AVG Safe Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Japanese Vocab Tutor = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldemblkooloonmjfiainhkhmmlelfnfb\1.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2012/04/17 22:41:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [3xAV] C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe (Enounce Incorporated)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [googletalk] C:\Users\Bob\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011/12/24 10:05:19 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk = C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: highrisehq.com ([careergoals] https in Trusted sites)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1873536395-2207681481-3875897620-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BEA45FA-D3ED-4EE9-80D5-FE21F8ECA9FB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CC56B0F-565F-487F-9FFA-580F9C6808C9}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/04/18 09:19:04 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Bob\Desktop\GooredFix.exe
[2012/04/17 22:41:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/17 14:22:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/04/17 14:14:03 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Bob\Desktop\aswMBR.exe
[2012/04/17 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\@Read Review
[2012/04/16 20:39:03 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{53484B47-6DEF-4D50-9109-8D2EA4F56CD9}
[2012/04/16 20:38:50 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{032931A3-6E18-4E5D-8EB0-722E3C9C2DCF}
[2012/04/16 19:59:37 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/04/16 18:53:49 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/15 08:23:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/15 08:23:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/15 08:23:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/15 08:23:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/15 08:20:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/14 15:40:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{88C36626-9CB8-40A3-AA56-D05EF34F6850}
[2012/04/14 15:40:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{C7DE92E0-FA99-4563-87EE-AE1137C0647E}
[2012/04/14 15:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/13 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{98438F55-FFC3-4B9B-A1A3-4C91190B37E3}
[2012/04/13 09:05:37 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{58F67726-F003-4F02-B208-693296DD946B}
[2012/04/12 21:08:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{31B37272-024E-46D5-BFDF-C5DECDEDEBE0}
[2012/04/12 08:04:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\GooredFix Backups
[2012/04/12 04:47:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{78607B35-ECC1-48E1-801A-CAD833B5E797}
[2012/04/10 15:44:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{ED7C3B49-6486-4C57-91C7-17BB02B45BA2}
[2012/04/09 07:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/04/09 07:21:42 | 000,230,952 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/04/09 07:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/04/09 07:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/04/09 07:21:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\TestApp
[2012/04/08 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0463CC8D-EAD6-4BE9-8BC2-F8B6704B8969}
[2012/04/06 09:56:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Malwarebytes
[2012/04/06 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/06 09:49:46 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/04 10:23:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{15C15D85-78C8-4F82-B347-CEF4E8ECBD0C}
[2012/04/03 08:37:17 | 000,024,360 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avhips.sys
[2012/04/03 08:37:17 | 000,020,264 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avfsmn.sys
[2012/04/03 08:37:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/04/03 08:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012/04/03 06:18:19 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/02 18:34:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0F873F8A-7403-445A-969B-D7526FBCAD0A}
[2012/04/02 07:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012/03/31 10:11:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC852DBB-DDCA-444D-B91E-7DB27FFD0C26}
[2012/03/30 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
[2012/03/29 21:14:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\facebook
[2012/03/29 10:42:43 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FC9CC576-C7C6-4EF5-901F-EC812B39EBD7}
[2012/03/27 12:28:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B082F103-FE44-47DD-9F59-CEEC343D442C}
[2012/03/27 12:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1105F89-E26A-4E93-A1A8-2EA949830C3E}
[2012/03/23 22:05:20 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/03/23 22:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CurationSoft
[2012/03/20 14:04:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\BU
[2012/03/20 11:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad Spot Sniper
[2012/03/20 03:28:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B1B54B1A-6B23-4B3F-A272-60ED9DF65544}
[2012/03/20 03:27:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{4EA0F713-27DB-4F59-9770-38E6086990C8}
[2012/03/19 22:21:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{E4DF19A0-D7BC-4BC3-9194-85245E6C2204}
[2012/03/19 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{83ED9E45-982B-4E28-9361-CD7EB6DE817B}
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/18 09:28:06 | 000,000,066 | ---- | M] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/04/18 09:19:06 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Bob\Desktop\GooredFix.exe
[2012/04/18 08:43:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/18 06:27:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/18 06:27:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/18 06:20:39 | 095,468,922 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/18 06:18:13 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/18 06:16:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/18 06:16:23 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/17 22:41:53 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/17 21:30:56 | 000,001,258 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/04/17 14:44:55 | 617,221,003 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/17 14:14:20 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Bob\Desktop\aswMBR.exe
[2012/04/17 05:19:05 | 000,002,844 | ---- | M] () -- C:\Windows\mozypro.blk
[2012/04/17 05:19:05 | 000,001,410 | ---- | M] () -- C:\Windows\mozypro.flt
[2012/04/16 22:46:31 | 000,491,489 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/16 19:59:43 | 000,060,304 | ---- | M] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/16 18:41:12 | 000,007,588 | ---- | M] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
[2012/04/15 12:13:05 | 000,783,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 12:13:05 | 000,663,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 12:13:05 | 000,122,286 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/13 23:01:02 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/13 15:45:49 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/12 14:01:55 | 001,802,332 | ---- | M] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/11 05:49:37 | 000,001,097 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/04/06 09:49:48 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/06 07:05:25 | 000,000,000 | ---- | M] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | M] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/03 15:00:24 | 000,205,236 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | M] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | M] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:01 | 001,730,710 | ---- | M] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:28 | 000,040,426 | ---- | M] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/03/20 03:08:31 | 000,777,526 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/19 11:35:51 | 017,767,424 | ---- | M] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[1 C:\Users\Bob\Desktop\*.tmp files -> C:\Users\Bob\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/16 19:59:43 | 000,060,304 | ---- | C] () -- C:\Users\Bob\g2mdlhlpx.exe
[2012/04/15 08:23:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/15 08:23:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/15 08:23:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/15 08:23:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/15 08:23:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/13 23:01:01 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/13 23:01:01 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/12 14:01:48 | 001,802,332 | ---- | C] () -- C:\Users\Bob\Desktop\bookmarks-2012-04-12.json
[2012/04/06 07:05:25 | 000,000,000 | ---- | C] () -- C:\Users\Bob\defogger_reenable
[2012/04/04 19:11:20 | 000,005,333 | ---- | C] () -- C:\Users\Bob\.recently-used.xbel
[2012/04/03 15:00:24 | 000,205,236 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/03 08:37:17 | 000,001,150 | ---- | C] () -- C:\Users\Bob\Desktop\Anvi Smart Defender.lnk
[2012/03/28 15:54:20 | 000,001,159 | ---- | C] () -- C:\Users\Bob\Desktop\Deck 3 8 12 - Shortcut.lnk
[2012/03/23 22:05:06 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CurationSoft.lnk
[2012/03/23 22:05:06 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\CurationSoft.lnk
[2012/03/23 22:04:09 | 001,730,710 | ---- | C] () -- C:\Users\Bob\Desktop\CurationSoft.air
[2012/03/23 14:26:27 | 000,040,426 | ---- | C] () -- C:\Users\Bob\Documents\The-Godfather-Switch-for-Recruiters-Handout.pdf
[2012/03/20 11:34:28 | 000,000,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Spot Sniper.lnk
[2012/03/20 11:34:28 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\Ad Spot Sniper.lnk
[2012/01/27 10:03:39 | 000,221,302 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/01/27 10:03:39 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/01/26 12:20:52 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2012/01/14 12:19:10 | 000,003,235 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\SAS7_000.DAT
[2012/01/13 11:43:25 | 000,000,066 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSWord.ini
[2012/01/04 23:38:29 | 017,767,424 | ---- | C] () -- C:\Users\Bob\AppData\Local\LocalMarketingTitanSetup.msi
[2011/11/12 11:46:30 | 000,038,451 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlookCompanies.inf
[2011/10/14 06:47:42 | 000,840,971 | ---- | C] () -- C:\Users\Bob\AppData\Local\census.cache
[2011/10/14 06:46:54 | 000,127,874 | ---- | C] () -- C:\Users\Bob\AppData\Local\ars.cache
[2011/10/14 06:36:14 | 000,000,036 | ---- | C] () -- C:\Users\Bob\AppData\Local\housecall.guid.cache
[2011/09/21 20:52:23 | 000,000,110 | ---- | C] () -- C:\Windows\Adweek.INI
[2011/09/21 11:13:49 | 000,777,526 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/24 21:13:33 | 000,009,352 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011/08/20 12:05:58 | 000,011,446 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.TSK
[2011/08/08 12:40:29 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/08/08 07:06:57 | 000,038,458 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011/07/05 14:20:53 | 000,016,896 | ---- | C] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/24 13:20:54 | 001,526,468 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2011/04/24 13:20:54 | 000,312,885 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2011/04/24 13:20:54 | 000,000,320 | ---- | C] () -- C:\Users\Bob\AppData\Local\CATSOutlook.ini
[2011/04/23 22:20:19 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/23 22:20:19 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/03/29 17:04:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/17 10:53:18 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/13 11:05:11 | 000,623,642 | ---- | C] () -- C:\Windows\XHeader Uninstaller.exe
[2010/09/06 13:02:04 | 000,023,140 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/07/03 19:32:26 | 000,007,588 | ---- | C] () -- C:\Users\Bob\AppData\Local\resmon.resmoncfg
========== LOP Check ==========
[2010/01/27 09:47:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute
[2010/12/29 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Absolute Software
[2011/05/03 11:53:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Affilorama
[2009/12/04 15:58:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Artisteer
[2011/12/03 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG
[2011/10/14 08:00:38 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\AVG2012
[2012/02/07 10:08:02 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CATS Software, Inc
[2011/12/20 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.blueprintcentral.keywordblaze
[2011/12/07 12:24:31 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.springbox.mobilizer
[2012/03/23 22:05:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CurationSoft
[2012/04/18 06:18:54 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2010/06/11 21:00:24 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Echo Software
[2011/12/14 11:48:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\eFax Messenger
[2011/05/14 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\EurekaLog
[2012/04/17 17:02:49 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2011/10/20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Flip Video
[2012/04/04 19:11:20 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\gtk-2.0
[2011/04/20 10:23:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\j2 Global
[2009/12/08 09:36:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\KompoZer
[2011/02/19 09:38:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\kompozer.net
[2011/12/12 16:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Niche
[2012/04/16 16:48:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nitro PDF
[2011/03/02 07:54:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2012/01/10 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nuance
[2011/03/19 11:27:44 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OpenOffice.org
[2010/08/08 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OverDrive
[2011/04/17 16:40:47 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PrimoPDF
[2011/03/19 11:52:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RoboForm
[2011/12/12 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\RockstarSuite
[2011/12/26 23:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\SEORankFinderv2
[2011/06/09 11:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TeamViewer
[2012/04/09 07:21:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TestApp
[2011/12/30 22:18:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TightVNC
[2011/09/19 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/03/24 13:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\ViralSubmitter
[2011/03/02 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Windows Live Writer
[2011/12/08 12:05:25 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\YourLocalShorcut
[2011/10/28 08:03:04 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 873 bytes -> C:\Users\Bob\Documents\KPMG Connect!.eml:OECustomProperty
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 143 bytes -> C:\Users\Bob\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
#15
Posted 18 April 2012 - 08:18 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK think I have it - gored fix is not seeing it
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}: C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}\ [2012/03/30 20:26:22 | 000,000,000 | ---D | M]
:Files
ipconfig /flushdns /c
C:\Users\Bob\AppData\Local\{240E3ABF-7AC8-11E1-826D-B8AC6F996F26}
:Commands
[CREATERESTOREPOINT]
[Reboot] - Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
