
mozilla disconnects when using scroll bar



#1
orapaho

I recently had an issue with my laptop, where I ended up with a BSOD after using SuperAntispyware. That has been resolved, and I can go to the internet, but at certain sites, it will disconnect. I notice a correlation to using the scroll bar, but this may be that the page is loading at the same time I go to scroll down. I can go to Internet Explorer; this does not happen, but if I go to Wikipedia, certain words are deleted in the text and spaced out far apart. Example:
The original intent was to send the Navy sloop-of-war USS B y, but it was discovered that Confederates had sunk some derelict ships to block the shipping channel into Charleston and there was concern that B y had too deep a draft to negotiate the obstacles. Instead, it seemed prudent to send an unarmed civilian merchant ship, S , which might be perceived as less provocative to the Confederates

The name of the USS Brooklyn is partially hidden. To be sure, when I copied and pasted it here, the full word showed up, but I deleted the letters to show you what I am seeing.

I took SAS off my computer and put a trial of Trend Micro Systems Maximum Security on. What to do?


#2
Gammo

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.

In the upper right-hand corner of the topic you will see a button called Options. If you click on this, in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days, if a topic is not replied to, we assume it has been abandoned and it is closed.

#3
orapaho

OTL logfile created on: 4/23/2012 9:20:05 PM - Run 1
OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\Daniel\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 70.69% Memory free
5.50 Gb Paging File | 4.28 Gb Available in Paging File | 77.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 107.10 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 115.20 Gb Total Space | 113.55 Gb Free Space | 98.57% Space Free | Partition Type: NTFS

Computer Name: DANIEL-MSI | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/23 20:59:07 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2012/04/13 01:35:55 | 000,200,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2012/04/13 01:35:55 | 000,142,952 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2012/03/01 19:22:14 | 004,335,616 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 11\cbInterface.exe
PRC - [2012/03/01 17:43:20 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe
PRC - [2012/02/27 06:44:06 | 001,006,864 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2012/02/27 06:44:06 | 000,133,424 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011/08/21 10:51:52 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/23 21:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/15 12:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/04/07 08:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/09/14 19:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/09/09 15:38:16 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010/07/25 19:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010/01/28 15:03:12 | 000,454,856 | ---- | M] (Blockbuster) -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe
PRC - [2010/01/28 15:02:40 | 001,867,464 | ---- | M] (Blockbuster) -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
PRC - [2009/12/17 04:55:44 | 003,350,528 | ---- | M] (Sentelic Corporation) -- C:\Program Files\FSP\FspUip.exe
PRC - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009/12/10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2009/07/24 10:52:08 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/13 01:35:55 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/04/13 01:35:55 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2011/04/14 18:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2009/12/17 04:51:18 | 000,077,824 | ---- | M] () -- C:\Program Files\FSP\FspLib.dll
MOD - [2009/12/17 04:51:12 | 000,053,248 | ---- | M] () -- C:\Program Files\FSP\KbdHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - File not found [Auto | Stopped] -- G:\HitmanPro35.exe /crusader:boot -- (HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot)
SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2012/03/01 19:22:10 | 001,131,008 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Stopped] -- C:\Program Files\Cobian Backup 11\cbService.exe -- (CobianBackup11)
SRV - [2012/03/01 17:43:20 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/07 08:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/09/23 09:49:08 | 000,067,084 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Stopped] -- C:\Program Files\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2010/04/20 00:25:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/28 15:02:40 | 001,867,464 | ---- | M] (Blockbuster) [Auto | Running] -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe -- (Movielink Core Service)
SRV - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | System | Stopped] -- C:\Users\Daniel\Downloads\SASKUTIL.SYS -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{767A5A13-E730-4133-8181-8582449E5980}\MpKsld1c08d25.sys -- (MpKsld1c08d25)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKslaa4e8ed7.sys -- (MpKslaa4e8ed7)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKsl6d712253.sys -- (MpKsl6d712253)
DRV - [2012/04/13 01:35:57 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2012/04/13 01:35:57 | 000,171,280 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/04/13 01:35:57 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2012/04/13 01:35:57 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2012/04/13 01:35:57 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/04/13 01:35:57 | 000,055,056 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmeevw.sys -- (tmeevw)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/01/07 11:24:03 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\NIS\1007000.01E\srtsp.sys -- (SRTSP)
DRV - [2010/01/07 11:24:03 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1007000.01E\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/12/17 05:07:12 | 000,043,008 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fspad_wlh32.sys -- (fspad_wlh32)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Notebooks Pro(UVC)
DRV - [2009/08/04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009/07/30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009/07/13 16:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 15:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/13 15:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/06/06 14:29:00 | 009,759,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/26 15:32:02 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2009/04/30 06:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{5AFCC6E9-1F38-4E1D-B713-465F1342B257}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 3E 81 72 4B 1C CD 01 [binary data]
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\SearchScopes,DefaultScope = {F3C20966-2A2F-4DF2-B225-809CACBA5BEF}
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\SearchScopes\{F3C20966-2A2F-4DF2-B225-809CACBA5BEF}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "http://dts.search-re...id=406&sr=0&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Daniel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\paypalfirefoxplugin@orbiscom: C:\Program Files\PayPal\PayPal Plug-In [2010/04/27 19:57:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/24 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\firefoxextension [2012/04/13 01:43:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2012/04/13 01:38:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/04/13 01:43:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/24 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/09 13:24:10 | 000,000,000 | ---D | M]

[2012/02/26 21:43:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Extensions
[2012/04/22 09:59:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions
[2012/04/22 09:59:40 | 000,000,000 | ---D | M] (ShopToWin15) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{4ac80c6c-0a1b-4b3a-ad7e-8a6d8f5e6928}
[2012/01/25 18:45:16 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/03/02 23:09:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/12/01 00:30:13 | 000,000,000 | ---D | M] (BFlix Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{a6bf16ab-42a1-4bc5-965d-5e407e449aaa}
[2012/04/17 09:01:46 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/04/22 09:59:42 | 000,000,000 | ---D | M] (ShopToWin6) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{e68d0d96-5f18-496c-87f2-c0d521d78fbe}
[2011/12/12 14:35:53 | 000,000,000 | ---D | M] (Yontoo Layers (Drop Down Deals)) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\[email protected]
[2011/12/01 00:30:18 | 000,001,945 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\searchplugins\bing-zugo.xml
[2012/02/24 21:25:48 | 000,002,519 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\searchplugins\Search_Results.xml
[2012/04/21 10:12:35 | 000,002,112 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\searchplugins\wot-safe-search.xml
[2012/02/26 21:43:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/27 14:23:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/19 22:33:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/18 08:54:58 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/09 15:23:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/02/24 21:25:48 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/02/18 08:54:58 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Daniel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.2.0.1035_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/08/08 00:01:33 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Cobian Backup 11 interface] C:\Program Files\Cobian Backup 11\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LoadMSvcmm] C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe (Blockbuster)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-927333513-3874424503-187824201-1000..\Run: [Spotify] C:\Users\Daniel\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-927333513-3874424503-187824201-1000..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-927333513-3874424503-187824201-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-927333513-3874424503-187824201-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.50.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13F0D9B1-99B4-4A92-A7C4-84DEF28F053F}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: DhcpNameServer = 192.168.50.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/22 12:24:51 | 000,000,000 | ---D | M] - C:\Automotive -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/23 20:59:05 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2012/04/13 01:43:11 | 000,000,000 | ---D | C] -- C:\temp
[2012/04/13 01:40:36 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Trend Micro
[2012/04/13 01:40:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security 2012
[2012/04/13 01:39:29 | 000,055,056 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmeevw.sys
[2012/04/13 01:39:27 | 000,171,280 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmnciesc.sys
[2012/04/13 01:39:25 | 000,092,432 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys
[2012/04/13 01:39:11 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys
[2012/04/13 01:39:11 | 000,081,168 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys
[2012/04/13 01:39:11 | 000,068,368 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys
[2012/04/13 01:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012/04/13 01:08:22 | 062,844,032 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2012/04/11 12:58:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\SUPERSystemInspector
[2012/04/10 12:29:24 | 000,000,000 | -HSD | C] -- C:\found.003
[2012/04/10 00:01:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2012/04/09 20:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012/04/09 20:35:10 | 004,485,448 | ---- | C] (Piriform Ltd) -- C:\Users\Daniel\Desktop\spsetup116.exe
[2012/04/09 19:47:16 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2
[2012/04/09 12:34:36 | 000,000,000 | ---D | C] -- C:\New folder
[2012/04/09 00:03:23 | 000,000,000 | -HSD | C] -- C:\found.002
[2012/04/07 12:03:51 | 000,000,000 | -HSD | C] -- C:\found.001
[2012/04/07 09:36:09 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/04/05 01:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[1 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/23 21:17:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000UA.job
[2012/04/23 20:59:07 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2012/04/23 20:55:01 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/23 19:46:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/04/23 13:31:49 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000Core.job
[2012/04/23 10:16:52 | 000,000,380 | ---- | M] () -- C:\windows\tasks\FreeFileViewerUpdateChecker.job
[2012/04/23 10:16:50 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/23 10:16:50 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/23 10:13:48 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/23 10:09:05 | 2213,990,400 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/14 22:55:18 | 000,002,374 | ---- | M] () -- C:\Users\Daniel\Desktop\Google Chrome.lnk
[2012/04/13 13:24:53 | 000,000,635 | ---- | M] () -- C:\windows\System32\drivers\etc\tmsshf.bin
[2012/04/13 01:48:43 | 000,108,048 | ---- | M] () -- C:\windows\RegBootClean.exe
[2012/04/13 01:40:33 | 000,001,451 | ---- | M] () -- C:\Users\Daniel\Desktop\Trend Micro Titanium Maximum Security 2012.lnk
[2012/04/13 01:39:08 | 000,676,880 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/04/13 01:39:08 | 000,126,956 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/04/13 01:38:14 | 000,000,056 | ---- | M] () -- C:\windows\System32\SupportTool.exe.bat
[2012/04/13 01:35:57 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys
[2012/04/13 01:35:57 | 000,171,280 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmnciesc.sys
[2012/04/13 01:35:57 | 000,092,432 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys
[2012/04/13 01:35:57 | 000,081,168 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys
[2012/04/13 01:35:57 | 000,068,368 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys
[2012/04/13 01:35:57 | 000,055,056 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmeevw.sys
[2012/04/13 01:10:15 | 062,844,032 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2012/04/12 21:53:59 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2012/04/12 21:52:03 | 000,000,324 | ---- | M] () -- C:\windows\tasks\At5.job
[2012/04/12 17:20:14 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\ueuhfgk.sys
[2012/04/12 12:35:31 | 000,001,361 | ---- | M] () -- C:\Users\Daniel\Desktop\CSR00087251.ssd - Shortcut.lnk
[2012/04/10 00:05:19 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/04/09 23:54:38 | 003,197,264 | ---- | M] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2 (2).zip
[2012/04/09 20:35:21 | 004,485,448 | ---- | M] (Piriform Ltd) -- C:\Users\Daniel\Desktop\spsetup116.exe
[2012/04/09 20:32:11 | 000,001,522 | ---- | M] () -- C:\Users\Daniel\Desktop\MiniToolBox(1) - Shortcut.lnk
[2012/04/09 20:31:44 | 000,396,041 | ---- | M] () -- C:\Users\Daniel\Desktop\MiniToolBox(1).exe
[2012/04/09 20:06:55 | 003,044,827 | ---- | M] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2.zip
[2012/04/09 18:59:54 | 320,459,177 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/04/09 14:40:54 | 008,435,712 | ---- | M] () -- C:\Users\Daniel\Desktop\XPRC.iso
[2012/04/05 01:10:18 | 000,001,763 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/25 16:07:19 | 000,468,128 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[1 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/13 01:46:10 | 000,108,048 | ---- | C] () -- C:\windows\RegBootClean.exe
[2012/04/13 01:40:27 | 000,001,451 | ---- | C] () -- C:\Users\Daniel\Desktop\Trend Micro Titanium Maximum Security 2012.lnk
[2012/04/13 01:38:14 | 000,000,056 | ---- | C] () -- C:\windows\System32\SupportTool.exe.bat
[2012/04/12 17:20:14 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\ueuhfgk.sys
[2012/04/12 12:35:31 | 000,001,361 | ---- | C] () -- C:\Users\Daniel\Desktop\CSR00087251.ssd - Shortcut.lnk
[2012/04/09 23:54:32 | 003,197,264 | ---- | C] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2 (2).zip
[2012/04/09 20:36:56 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/04/09 20:32:11 | 000,001,522 | ---- | C] () -- C:\Users\Daniel\Desktop\MiniToolBox(1) - Shortcut.lnk
[2012/04/09 20:31:43 | 000,396,041 | ---- | C] () -- C:\Users\Daniel\Desktop\MiniToolBox(1).exe
[2012/04/09 20:06:51 | 003,044,827 | ---- | C] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2.zip
[2012/04/09 14:40:54 | 008,435,712 | ---- | C] () -- C:\Users\Daniel\Desktop\XPRC.iso
[2012/04/05 01:10:18 | 000,001,763 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/06 20:54:06 | 000,014,051 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2011/07/16 22:04:41 | 000,021,064 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/16 16:40:06 | 000,007,602 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
[2011/07/09 00:10:43 | 000,009,794 | -HS- | C] () -- C:\Users\Daniel\AppData\Local\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
[2011/07/09 00:10:43 | 000,009,794 | -HS- | C] () -- C:\ProgramData\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
[2011/05/17 21:57:54 | 000,011,120 | -HS- | C] () -- C:\Users\Daniel\AppData\Local\fo85h7deu88aq42sp862xe76evu583fq
[2011/05/17 21:57:54 | 000,011,120 | -HS- | C] () -- C:\ProgramData\fo85h7deu88aq42sp862xe76evu583fq
[2011/05/06 15:19:06 | 000,005,078 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf

========== LOP Check ==========

[2011/07/31 10:05:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Acoustica
[2011/07/30 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\BitZipper
[2011/08/26 23:04:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/03/24 11:18:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FreeFileViewer
[2011/08/21 08:01:38 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\go
[2011/10/13 10:19:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LegalSounds
[2011/05/06 16:43:09 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PokerAcademyPro2
[2011/12/09 23:22:23 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Smilebox
[2012/04/23 10:14:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Spotify
[2011/08/01 09:13:31 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SynthMaker
[2011/12/12 12:48:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TuneUpMedia
[2011/08/05 09:46:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\uTorrent
[2011/07/15 02:02:08 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\WhiteSmoke
[2011/08/21 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\WinPatrol
[2012/04/12 21:52:03 | 000,000,324 | ---- | M] () -- C:\windows\Tasks\At5.job
[2012/04/23 10:16:52 | 000,000,380 | ---- | M] () -- C:\windows\Tasks\FreeFileViewerUpdateChecker.job
[2012/04/08 20:50:09 | 000,032,620 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >


extras


OTL Extras logfile created on: 4/23/2012 9:20:05 PM - Run 1
OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\Daniel\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 70.69% Memory free
5.50 Gb Paging File | 4.28 Gb Available in Paging File | 77.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 107.10 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 115.20 Gb Total Space | 113.55 Gb Free Space | 98.57% Space Free | Partition Type: NTFS

Computer Name: DANIEL-MSI | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = msi Software Install
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series" = Canon MX700 series
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{24873332-B98B-4235-ABBA-CCDEACC62BB9}" = Native Instruments Traktor Audio 6
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3054FEFA-4748-4cf0-8C3C-8DB887DE379F}" = Native Instruments Traktor Audio 2
"{305CA7E5-C739-48e2-B247-584C0E1B717C}" = Native Instruments Traktor Audio 10
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}" = Camera Recorder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1" = SureThing CD Labeler Deluxe
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.23
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73317C31-2B6E-4B88-9865-B97C1331A39D}" = PayPal Plug-In
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{90120000-0014-0000-0000-0000000FF1CE}_PRO_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PRO_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0BE48-16F0-4E36-814D-9B4FDFFAF25F}" = PayPal Plug-In
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security 2012
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3D1D696-84A8-465A-BC61-CDAC852B24CD}_is1" = Phone to PC 4.1.4.2
"{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}" = Adobe Audition CS5.5
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FE112330-9654-453C-A060-883C854F9613}_is1" = Shop To Win
"5CE8E1D35521D8BC63DF6A4C47D72B94FADC4072" = Windows Driver Package - Ralink Technology, Corp. (netr28) Net (07/06/2010 3.01.08.0001)
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"bflixtoolbar" = BFlix Toolbar
"Cake Poker 2.0" = Cake Poker 2.0
"Canon MX700 series User Registration" = Canon MX700 series User Registration
"Canon MX880 series User Registration" = Canon MX880 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CobBackup10" = Cobian Backup 10
"CobBackup11" = Cobian Backup 11 Gravity
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"FreeFileViewer_is1" = Free File Viewer 2011
"HitmanPro35" = Hitman Pro 3.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"LegalSounds Music Downloader_is1" = LegalSounds Music Downloader 1.8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mixed In Key" = Mixed In Key 2.5
"Movielink Manager" = BLOCKBUSTER Movielink
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Native Instruments Traktor Audio 10" = Native Instruments Traktor Audio 10
"Native Instruments Traktor Audio 2" = Native Instruments Traktor Audio 2
"Native Instruments Traktor Audio 6" = Native Instruments Traktor Audio 6
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PokerAcademyPro2" = Poker Academy Pro 2
"PokerStars.net" = PokerStars.net
"PokerTracker3" = PokerTracker 3 (remove only)
"PremElem90" = Adobe Premiere Elements 9
"PRO" = Microsoft Office Professional 2007
"RealPlayer 12.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.93
"Speccy" = Speccy
"Speed Dial Utility" = Canon Speed Dial Utility
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Trusted Software Assistant_is1" = File Type Assistant
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Smilebox" = Smilebox
"Spotify" = Spotify
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/28/2012 5:39:03 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1248

Error - 1/28/2012 5:39:04 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/28/2012 5:39:04 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2246

Error - 1/28/2012 5:39:04 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2246

Error - 1/28/2012 5:39:05 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/28/2012 5:39:05 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3510

Error - 1/28/2012 5:39:05 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3510

Error - 1/28/2012 5:54:07 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/28/2012 5:54:07 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 906787

Error - 1/28/2012 5:54:07 PM | Computer Name = Daniel-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 906787

[ Media Center Events ]
Error - 8/8/2010 1:00:29 PM | Computer Name = Daniel-msi | Source = MCUpdate | ID = 0
Description = 10:00:29 AM - Error connecting to the internet. 10:00:29 AM - Unable
to contact server..

Error - 8/8/2010 1:02:01 PM | Computer Name = Daniel-msi | Source = MCUpdate | ID = 0
Description = 10:01:56 AM - Error connecting to the internet. 10:01:56 AM - Unable
to contact server..

[ OSession Events ]
Error - 7/14/2011 12:44:45 PM | Computer Name = Daniel-msi | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 73
seconds with 60 seconds of active time. This session ended with a crash.

Error - 4/9/2012 3:07:41 AM | Computer Name = Daniel-msi | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 63
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/23/2012 1:09:03 PM | Computer Name = Daniel-msi | Source = SRTSP | ID = 524293
Description = Error loading Symantec real time Anti-Virus driver.

Error - 4/23/2012 1:09:11 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7000
Description = The Hitman Pro 3.5 Crusader (Boot) service failed to start due to
the following error: %%2

Error - 4/23/2012 1:09:16 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Cobian
Backup 10 Volume Shadow Copy service service to connect.

Error - 4/23/2012 1:09:16 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7000
Description = The Cobian Backup 10 Volume Shadow Copy service service failed to
start due to the following error: %%1053

Error - 4/23/2012 1:09:16 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7038
Description = The CobianBackup11 service was unable to log on as .\daniel with the
currently configured password due to the following error: %%1326 To ensure that
the service is configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error - 4/23/2012 1:09:16 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7000
Description = The Cobian Backup 11 Gravity service failed to start due to the following
error: %%1069

Error - 4/23/2012 1:09:44 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL SRTSP

Error - 4/23/2012 1:14:19 PM | Computer Name = Daniel-msi | Source = DCOM | ID = 10005
Description =

Error - 4/23/2012 1:14:19 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7000
Description = The iPod Service service failed to start due to the following error:
%%2

Error - 4/23/2012 3:01:12 PM | Computer Name = Daniel-msi | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.


< End of report >

#4
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
    IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
    FF - prefs.js..browser.search.defaultenginename: "Search Results"
    FF - prefs.js..browser.search.order.1: "Search Results"
    FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=164&systemid=406&sr=0&q="
    [2012/04/22 09:59:40 | 000,000,000 | ---D | M] (ShopToWin15) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{4ac80c6c-0a1b-4b3a-ad7e-8a6d8f5e6928}
    [2011/12/01 00:30:13 | 000,000,000 | ---D | M] (BFlix Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{a6bf16ab-42a1-4bc5-965d-5e407e449aaa}
    [2012/04/17 09:01:46 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2012/04/22 09:59:42 | 000,000,000 | ---D | M] (ShopToWin6) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{e68d0d96-5f18-496c-87f2-c0d521d78fbe}
    [2011/12/12 14:35:53 | 000,000,000 | ---D | M] (Yontoo Layers (Drop Down Deals)) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\[email protected]
    [2011/12/01 00:30:18 | 000,001,945 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\searchplugins\bing-zugo.xml
    [2012/02/24 21:25:48 | 000,002,519 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\searchplugins\Search_Results.xml
    [2012/02/24 21:25:48 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
    [2012/04/12 21:52:03 | 000,000,324 | ---- | M] () -- C:\windows\tasks\At5.job
    [2012/04/12 17:20:14 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\ueuhfgk.sys
    [2011/07/09 00:10:43 | 000,009,794 | -HS- | C] () -- C:\Users\Daniel\AppData\Local\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
    [2011/07/09 00:10:43 | 000,009,794 | -HS- | C] () -- C:\ProgramData\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
    [2011/05/17 21:57:54 | 000,011,120 | -HS- | C] () -- C:\Users\Daniel\AppData\Local\fo85h7deu88aq42sp862xe76evu583fq
    [2011/05/17 21:57:54 | 000,011,120 | -HS- | C] () -- C:\ProgramData\fo85h7deu88aq42sp862xe76evu583fq
    [2011/05/06 15:19:06 | 000,005,078 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf
    [2011/07/15 02:02:08 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\WhiteSmoke
    [1 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ]
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\windows\tasks\At*.job
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the ComboFix log in your next reply, as well as a description of how your computer is running now.

#5
orapaho

    Member

  • Topic Starter
  • Member
  • 23 posts
Ran the OTL fix, then ComboFix. The log is below. After ComboFix the computer did not restart... I will do a restart after I post this. I am on the internet and there is still the problem with the appearance of words as mentioned in the first post. For whatever reason I can go to the same site on either Mozilla or IE, and Mozilla will hang up and shut down... when IE does not. But IE also has that strange appearance of words. Will post again if there is an improvement after reboot. Thank you.

ComboFix 12-04-24.02 - Daniel 04/24/2012 14:24:21.7.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1883 [GMT -7:00]
Running from: c:\users\Daniel\Desktop\ComboFix.exe
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\bflixtoolbar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\default\main.html
c:\program files\bflixtoolbar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\bflixtoolbar\chrome\skin\lib\panels\footer.htm
c:\program files\bflixtoolbar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\bflixtoolbar\chrome\skin\lib\panels\gameData.js
c:\program files\bflixtoolbar\chrome\skin\lib\panels\gameList.xsl
c:\program files\bflixtoolbar\chrome\skin\lib\panels\games.xsl
c:\program files\bflixtoolbar\chrome\skin\lib\panels\gametype.xsl
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-back.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\images\widgets.png
c:\program files\bflixtoolbar\chrome\skin\lib\panels\initHTML.html
c:\program files\bflixtoolbar\chrome\skin\lib\panels\popupGames.html
c:\program files\bflixtoolbar\chrome\skin\lib\panels\popupHTML.html
c:\program files\bflixtoolbar\chrome\skin\lib\panels\popupRSS.html
c:\program files\bflixtoolbar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\bflixtoolbar\chrome\skin\lib\panels\scroll.png
c:\program files\bflixtoolbar\chrome\skin\lib\plus.gif
c:\program files\bflixtoolbar\chrome\skin\lib\pop.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\css\manager.css
c:\program files\bflixtoolbar\chrome\skin\lib\radio\css\slider.css
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\music-note.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\slider.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\slideron.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\images\track.png
c:\program files\bflixtoolbar\chrome\skin\lib\radio\managerpanel.html
c:\program files\bflixtoolbar\chrome\skin\lib\radio\volumeslider.html
c:\program files\bflixtoolbar\chrome\skin\lib\rank0.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank0_5.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank1.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank1_5.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank2.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank2_5.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank3.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank3_5.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank4.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank4_5.png
c:\program files\bflixtoolbar\chrome\skin\lib\rank5.png
c:\program files\bflixtoolbar\chrome\skin\lib\rankna.png
c:\program files\bflixtoolbar\chrome\skin\lib\reload.png
c:\program files\bflixtoolbar\chrome\skin\lib\remove.png
c:\program files\bflixtoolbar\chrome\skin\lib\rename.gif
c:\program files\bflixtoolbar\chrome\skin\lib\resize-box.gif
c:\program files\bflixtoolbar\chrome\skin\lib\rss.png
c:\program files\bflixtoolbar\chrome\skin\lib\rsschannelback.png
c:\program files\bflixtoolbar\chrome\skin\lib\RSSLogo.png
c:\program files\bflixtoolbar\chrome\skin\lib\rsstabdivider.gif
c:\program files\bflixtoolbar\chrome\skin\lib\scroll-left.png
c:\program files\bflixtoolbar\chrome\skin\lib\scroll-right.png
c:\program files\bflixtoolbar\chrome\skin\lib\search-go.png
c:\program files\bflixtoolbar\chrome\skin\lib\search.png
c:\program files\bflixtoolbar\chrome\skin\lib\separator.png
c:\program files\bflixtoolbar\chrome\skin\lib\text-ellipsis.xml
c:\program files\bflixtoolbar\chrome\skin\lib\throbber.gif
c:\program files\bflixtoolbar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\bflixtoolbar\chrome\skin\lib\transparent_1px.gif
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_02.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_03.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_04.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_06.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_07.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_08.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_09.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_10.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_11.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_12.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_13.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_14.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_15.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_16.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_18.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_19.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_20.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\border_21.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\close-hot.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\close-normal.png
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\proxy.html
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\template.html
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\template.xml
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\templateFF.html
c:\program files\bflixtoolbar\chrome\skin\lib\uwa\throbber.gif
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton.css
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\bflixtoolbar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-highrisk-user.gif
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-highrisk.gif
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-lowrisk.gif
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-norating.gif
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-verified-user.gif
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-verified.gif
c:\program files\bflixtoolbar\chrome\skin\lib\websiteinspector-verifying.gif
c:\program files\bflixtoolbar\chrome\skin\lib\yahoo.png
c:\program files\bflixtoolbar\chrome\skin\lichen.gif
c:\program files\bflixtoolbar\chrome\skin\Linked_in_png
c:\program files\bflixtoolbar\chrome\skin\logo-about.png
c:\program files\bflixtoolbar\chrome\skin\logo-over.png
c:\program files\bflixtoolbar\chrome\skin\logo-separator.png
c:\program files\bflixtoolbar\chrome\skin\logo.png
c:\program files\bflixtoolbar\chrome\skin\mail.png
c:\program files\bflixtoolbar\chrome\skin\menuseparatorback.gif
c:\program files\bflixtoolbar\chrome\skin\modify-save.png
c:\program files\bflixtoolbar\chrome\skin\modify.png
c:\program files\bflixtoolbar\chrome\skin\modifyhot.png
c:\program files\bflixtoolbar\chrome\skin\music.png
c:\program files\bflixtoolbar\chrome\skin\music_png
c:\program files\bflixtoolbar\chrome\skin\Myspace_png
c:\program files\bflixtoolbar\chrome\skin\namespacetoolbar.css
c:\program files\bflixtoolbar\chrome\skin\news.png
c:\program files\bflixtoolbar\chrome\skin\options-main.png
c:\program files\bflixtoolbar\chrome\skin\options-search.png
c:\program files\bflixtoolbar\chrome\skin\options\options-main.png
c:\program files\bflixtoolbar\chrome\skin\options\options-search.png
c:\program files\bflixtoolbar\chrome\skin\options\options-weather.gif
c:\program files\bflixtoolbar\chrome\skin\options\options-weather.png
c:\program files\bflixtoolbar\chrome\skin\options\options-widgets.png
c:\program files\bflixtoolbar\chrome\skin\orange.gif
c:\program files\bflixtoolbar\chrome\skin\p_yahoo.png
c:\program files\bflixtoolbar\chrome\skin\pixsy.png
c:\program files\bflixtoolbar\chrome\skin\ppcbully.png
c:\program files\bflixtoolbar\chrome\skin\protect-id.png
c:\program files\bflixtoolbar\chrome\skin\relatedlinks.png
c:\program files\bflixtoolbar\chrome\skin\rss-collapse.png
c:\program files\bflixtoolbar\chrome\skin\rss-delete.png
c:\program files\bflixtoolbar\chrome\skin\rss-expand.png
c:\program files\bflixtoolbar\chrome\skin\rss-feed.png
c:\program files\bflixtoolbar\chrome\skin\rss-folder-remove.png
c:\program files\bflixtoolbar\chrome\skin\rss-folder-rename.png
c:\program files\bflixtoolbar\chrome\skin\rss-folder.png
c:\program files\bflixtoolbar\chrome\skin\rss-found.png
c:\program files\bflixtoolbar\chrome\skin\rss-reload.png
c:\program files\bflixtoolbar\chrome\skin\rss-subscribe.png
c:\program files\bflixtoolbar\chrome\skin\rss.png
c:\program files\bflixtoolbar\chrome\skin\rssback.gif
c:\program files\bflixtoolbar\chrome\skin\rsstopback.gif
c:\program files\bflixtoolbar\chrome\skin\search-over.png
c:\program files\bflixtoolbar\chrome\skin\search.png
c:\program files\bflixtoolbar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\bflixtoolbar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\bflixtoolbar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\bflixtoolbar\chrome\skin\settings.png
c:\program files\bflixtoolbar\chrome\skin\shopping.png
c:\program files\bflixtoolbar\chrome\skin\siteinfo.png
c:\program files\bflixtoolbar\chrome\skin\skin-bluelite.png
c:\program files\bflixtoolbar\chrome\skin\skin-bluesky.png
c:\program files\bflixtoolbar\chrome\skin\skin-grey.png
c:\program files\bflixtoolbar\chrome\skin\skin-lichen.png
c:\program files\bflixtoolbar\chrome\skin\skin-orange.png
c:\program files\bflixtoolbar\chrome\skin\skin-yellow.png
c:\program files\bflixtoolbar\chrome\skin\skin.xml
c:\program files\bflixtoolbar\chrome\skin\technorati.png
c:\program files\bflixtoolbar\chrome\skin\throbber.gif
c:\program files\bflixtoolbar\chrome\skin\toolbarsplitter.png
c:\program files\bflixtoolbar\chrome\skin\translate.png
c:\program files\bflixtoolbar\chrome\skin\TRUSTe_about.png
c:\program files\bflixtoolbar\chrome\skin\tv_png
c:\program files\bflixtoolbar\chrome\skin\twitter_png
c:\program files\bflixtoolbar\chrome\skin\vmn.css
c:\program files\bflixtoolbar\chrome\skin\vmn.png
c:\program files\bflixtoolbar\chrome\skin\Weather_png
c:\program files\bflixtoolbar\chrome\skin\web.png
c:\program files\bflixtoolbar\chrome\skin\websearch.png
c:\program files\bflixtoolbar\chrome\skin\wikipedia.png
c:\program files\bflixtoolbar\chrome\skin\yahoosearch.png
c:\program files\bflixtoolbar\chrome\skin\yellow.gif
c:\program files\bflixtoolbar\chrome\skin\youtube.png
c:\program files\bflixtoolbar\chrome\skin\zoom.png
c:\program files\bflixtoolbar\components\windowmediator.js
c:\program files\bflixtoolbar\install.ico
c:\program files\bflixtoolbar\manifest.xml
c:\program files\bflixtoolbar\partner.xml
c:\program files\bflixtoolbar\uninstall.exe
c:\program files\bflixtoolbar\vmntemplate.dll
c:\program files\bflixtoolbar\vmntemplateX.dll
c:\program files\Shop to Win 15
c:\program files\Shop to Win 15\patch.bat
c:\program files\Shop to Win 15\settings.xml
c:\program files\Shop to Win 15\Shop to Win 15.dll
c:\program files\Shop to Win 15\ShoppingBHO.dll
c:\program files\Shop to Win 15\ShopToWin.ico
c:\program files\Shop to Win 15\Uninst.exe
c:\program files\Shop to Win 15\version.txt
c:\program files\Shop to Win
c:\program files\Shop to Win\InstallNotifier.exe
c:\program files\Shop to Win\unins000.dat
c:\program files\Shop to Win\unins000.exe
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Check out Previous Winners.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Frequently Asked Questions.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\How can I win $100,000.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\How can I win $500 Today.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Shop To Win Privacy Policy.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Shop to Win Terms and Conditions.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Sweepstakes Official Rules.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Uninstall.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\View My Shop to Win Account.lnk
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Visit the Shop to Win Mall.lnk
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\bookmarks.json
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\clients.json
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\forms.json
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\history.json
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\passwords.json
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\prefs.json
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\weave\toFetch\tabs.json
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2012-03-24 to 2012-04-24 )))))))))))))))))))))))))))))))
.
.
2012-04-24 20:52 . 2012-04-24 20:52 -------- d-----w- C:\_OTL
2012-04-13 08:46 . 2012-04-13 20:24 635 ----a-w- c:\windows\system32\drivers\etc\tmsshf.bin
2012-04-13 08:46 . 2012-04-13 08:48 108048 ----a-w- c:\windows\RegBootClean.exe
2012-04-13 08:43 . 2012-04-13 08:43 -------- d-----w- C:\temp
2012-04-13 08:40 . 2012-04-13 08:40 -------- d-----w- c:\users\Daniel\AppData\Local\Trend Micro
2012-04-13 08:39 . 2012-04-13 08:35 55056 ----a-w- c:\windows\system32\drivers\tmeevw.sys
2012-04-13 08:39 . 2012-04-13 08:35 171280 ----a-w- c:\windows\system32\drivers\tmnciesc.sys
2012-04-13 08:39 . 2012-04-13 08:35 92432 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2012-04-13 08:39 . 2012-04-13 08:35 81168 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2012-04-13 08:39 . 2012-04-13 08:35 68368 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2012-04-13 08:39 . 2012-04-13 08:35 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-13 08:38 . 2012-04-13 08:41 -------- d-----w- c:\programdata\Trend Micro
2012-04-13 08:38 . 2012-04-13 08:38 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2012-04-12 15:21 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 15:21 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 15:21 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 15:21 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 15:21 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 15:21 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 19:58 . 2012-04-12 17:29 -------- d-----w- c:\users\Daniel\AppData\Local\SUPERSystemInspector
2012-04-10 19:29 . 2012-04-10 19:29 -------- d-----w- C:\found.003
2012-04-10 03:36 . 2012-04-10 07:05 -------- d-----w- c:\program files\Speccy
2012-04-09 19:34 . 2012-04-09 19:34 -------- d-----w- C:\New folder
2012-04-09 07:03 . 2012-04-09 07:03 -------- d-----w- C:\found.002
2012-04-07 19:03 . 2012-04-07 19:03 -------- d-----w- C:\found.001
2012-04-07 16:36 . 2012-04-07 16:36 -------- d-----w- C:\found.000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-27 15:51 . 2011-08-21 18:28 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-08 21:47 . 2012-03-08 21:47 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-03-08 21:47 . 2012-03-08 21:47 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-03-04 22:27 . 2012-03-04 22:27 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-17 05:34 . 2012-03-25 17:39 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-25 17:39 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-25 17:39 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 18:01 . 2012-02-15 18:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 18:01 . 2012-02-15 18:01 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-02-10 05:38 . 2012-03-25 17:41 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-02-07 18:02 . 2012-02-07 18:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-02-07 17:29 . 2012-02-07 17:29 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-07 17:29 . 2012-02-07 17:29 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-07 17:29 . 2012-02-07 17:29 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-07 17:29 . 2012-02-07 17:29 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-02-07 17:29 . 2012-02-07 17:29 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-02-07 17:29 . 2012-02-07 17:29 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-07 17:29 . 2012-02-07 17:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-02-07 17:29 . 2012-02-07 17:29 367104 ----a-w- c:\windows\system32\html.iec
2012-02-07 17:29 . 2012-02-07 17:29 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-02-07 17:29 . 2012-02-07 17:29 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-07 17:29 . 2012-02-07 17:29 161792 ----a-w- c:\windows\system32\msls31.dll
2012-02-07 17:29 . 2012-02-07 17:29 152064 ----a-w- c:\windows\system32\wextract.exe
2012-02-07 17:29 . 2012-02-07 17:29 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-02-07 17:29 . 2012-02-07 17:29 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-07 17:29 . 2012-02-07 17:29 11776 ----a-w- c:\windows\system32\mshta.exe
2012-02-07 17:29 . 2012-02-07 17:29 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-07 17:29 . 2012-02-07 17:29 101888 ----a-w- c:\windows\system32\admparse.dll
2012-02-03 03:54 . 2012-03-25 17:41 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2010-04-03 03:40 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-20 05:33 . 2011-07-09 18:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Daniel\AppData\Roaming\Spotify\Spotify.exe" [2012-02-22 4009648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656]
"fspuip"="c:\program files\FSP\fspuip.exe" [2009-12-17 3350528]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-07-24 2068480]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-08-21 273528]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"LoadMSvcmm"="c:\program files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe" [2010-01-28 454856]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Cobian Backup 11 interface"="c:\program files\Cobian Backup 11\cbInterface.exe" [2012-03-02 4335616]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-02-27 1304792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 133424]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
R1 MpKsl6d712253;MpKsl6d712253;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKsl6d712253.sys [x]
R1 MpKslaa4e8ed7;MpKslaa4e8ed7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKslaa4e8ed7.sys [x]
R1 MpKsld1c08d25;MpKsld1c08d25;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{767A5A13-E730-4133-8181-8582449E5980}\MpKsld1c08d25.sys [x]
R1 SABKUTIL;SABKUTIL;c:\users\Daniel\Downloads\SASKUTIL.SYS [x]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files\Cobian Backup 10\cbVSCService.exe [2010-09-23 67084]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [2012-03-02 1131008]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 130248]
R2 HitmanPro35CrusaderBoot;Hitman Pro 3.5 Crusader (Boot);G:\HitmanPro35.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 130248]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-20 1343400]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2012-04-13 68368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [2012-03-02 67584]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 3857408]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [2009-12-10 65536]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 17408]
S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2009-12-17 43008]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-06-29 794464]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-04-30 64032]
S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys [2012-04-13 55056]
S3 tmnciesc;tmnciesc;c:\windows\system32\DRIVERS\tmnciesc.sys [2012-04-13 171280]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-24 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2011-11-22 23:24]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 00:32]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 00:32]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000Core.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-04 00:29]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000UA.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-04 00:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.50.1
TCP: Interfaces\{13F0D9B1-99B4-4A92-A7C4-84DEF28F053F}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\24557414454594: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: extentions.y2layers.installId - cb25260d-4573-4330-9604-8761a2e90a46
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,BuzzdockTease,DropDownDeals,
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL
Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL
SafeBoot-MsMpSvc
AddRemove-bflixtoolbar - c:\program files\bflixtoolbar\uninstall.exe
AddRemove-{FE112330-9654-453C-A060-883C854F9613}_is1 - c:\program files\Shop To Win\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HitmanPro35CrusaderBoot]
"ImagePath"="\"g:\hitmanpro35.exe\" /crusader:boot"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\*PNP30df\0000]
@DACL=(02 0000)
"Service"="1264026743"
"ClassGUID"="{4D36E97D-E325-11CE-BFC1-08002BE10318}"
"Class"="System"
"DeviceDesc"="PCI bus"
"Mfg"="Technologies Inc"
"LocationInformation"="on Microsoft ACPI-Compliant System"
"ConfigFlags"=dword:00000000
"Capabilities"=dword:00000000
"ContainerID"="{00000000-0000-0000-FFFF-FFFFFFFFFFFF}"
.
Completion time: 2012-04-24 15:16:54
ComboFix-quarantined-files.txt 2012-04-24 22:16
.
Pre-Run: 115,999,440,896 bytes free
Post-Run: 115,929,759,744 bytes free
.
- - End Of File - - C170EBCBDE2D25E398E3589727031B17

#6
orapaho

    Member

  • Topic Starter
  • Member
  • 23 posts
The text problem is still there.

#7
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.





1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

Firefox::
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - user.js: extentions.y2layers.installId - cb25260d-4573-4330-9604-8761a2e90a46
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,BuzzdockTease,DropDownDeals,

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.




Run OTL
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window. OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it in your topic.

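One way to check the result of the CFScript step above, added here as an example and not part of the original posts: the Python below compares the Supplementary Scan section of a ComboFix log taken before the run with one taken after, and reports whether each targeted user.js line is gone. The sample logs are shortened excerpts of the ones posted in this thread; the function names, and the choice to treat the ProfilePath line as a locator rather than a removal target, are assumptions.

```python
import re

# Shortened excerpts of the ComboFix logs posted in this thread (sample input).
BEFORE_LOG = r"""
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: extentions.y2layers.installId - cb25260d-4573-4330-9604-8761a2e90a46
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,BuzzdockTease,DropDownDeals,
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
"""

AFTER_LOG = r"""
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HitmanPro35CrusaderBoot]
"""

# The CFScript text given in the helper's post.
CFSCRIPT = r"""
Firefox::
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - user.js: extentions.y2layers.installId - cb25260d-4573-4330-9604-8761a2e90a46
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,BuzzdockTease,DropDownDeals,
"""

# Lines that name a Firefox preference in prefs.js or user.js.
PREF_RE = re.compile(r"^FF - (?:prefs|user)\.js: ")


def is_heading(line):
    """Section headings are framed by dashes on both sides."""
    return len(line) > 2 and line.startswith("-") and line.endswith("-")


def supplementary_entries(log_text):
    """Return the entries listed under the 'Supplementary Scan' heading."""
    entries, inside = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if is_heading(line):
            inside = line.strip("- ") == "Supplementary Scan"
            continue
        if inside and line.startswith("["):
            # A registry key dump follows the section when no heading does.
            inside = False
        if inside and line and line != ".":
            entries.append(line)
    return entries


def cfscript_targets(script_text):
    """Return the preference lines listed under the Firefox:: directive.

    Assumption: the ProfilePath line only locates the profile, so it is
    not counted as a removal target (the later log still lists it).
    """
    targets, inside = [], False
    for raw in script_text.splitlines():
        line = raw.strip()
        if line.endswith("::"):
            inside = line == "Firefox::"
            continue
        if inside and PREF_RE.match(line):
            targets.append(line)
    return targets


def verify_cleanup(before_log, after_log, script_text):
    """Compare both logs and classify what changed in the section."""
    before = supplementary_entries(before_log)
    after = supplementary_entries(after_log)
    targets = cfscript_targets(script_text)
    removed = [e for e in before if e not in after]
    return {
        "removed": removed,                                      # gone after the run
        "still_present": [t for t in targets if t in after],     # targeted but survived
        "not_targeted": [e for e in removed if e not in targets],  # gone, never requested
        "new": [e for e in after if e not in before],            # appeared after the run
    }


if __name__ == "__main__":
    for category, lines in verify_cleanup(BEFORE_LOG, AFTER_LOG, CFSCRIPT).items():
        print(f"{category}: {len(lines)}")
        for entry in lines:
            print("   ", entry)
```

Anything listed under `still_present`, `not_targeted` or `new` is worth raising with the helper before further cleanup.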

#8
orapaho

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
OK here are the logs:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.25.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Daniel :: DANIEL-MSI [administrator]

4/25/2012 8:46:47 AM
mbam-log-2012-04-25 (08-46-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 242040
Time elapsed: 9 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ComboFix 12-04-24.02 - Daniel 04/25/2012 9:57.8.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1784 [GMT -7:00]
Running from: c:\users\Daniel\Desktop\ComboFix.exe
Command switches used :: c:\users\Daniel\Desktop\CFScript.txt
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-25 to 2012-04-25 )))))))))))))))))))))))))))))))
.
.
2012-04-25 17:08 . 2012-04-25 17:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-25 17:08 . 2012-04-25 17:08 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-04-25 17:08 . 2012-04-25 17:08 -------- d-----w- c:\users\fixme\AppData\Local\temp
2012-04-25 17:08 . 2012-04-25 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-25 15:45 . 2012-04-04 22:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-24 20:52 . 2012-04-24 20:52 -------- d-----w- C:\_OTL
2012-04-13 08:46 . 2012-04-13 20:24 635 ----a-w- c:\windows\system32\drivers\etc\tmsshf.bin
2012-04-13 08:46 . 2012-04-13 08:48 108048 ----a-w- c:\windows\RegBootClean.exe
2012-04-13 08:43 . 2012-04-13 08:43 -------- d-----w- C:\temp
2012-04-13 08:40 . 2012-04-13 08:40 -------- d-----w- c:\users\Daniel\AppData\Local\Trend Micro
2012-04-13 08:39 . 2012-04-13 08:35 55056 ----a-w- c:\windows\system32\drivers\tmeevw.sys
2012-04-13 08:39 . 2012-04-13 08:35 171280 ----a-w- c:\windows\system32\drivers\tmnciesc.sys
2012-04-13 08:39 . 2012-04-13 08:35 92432 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2012-04-13 08:39 . 2012-04-13 08:35 81168 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2012-04-13 08:39 . 2012-04-13 08:35 68368 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2012-04-13 08:39 . 2012-04-13 08:35 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-13 08:38 . 2012-04-13 08:41 -------- d-----w- c:\programdata\Trend Micro
2012-04-13 08:38 . 2012-04-13 08:38 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2012-04-12 15:21 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 15:21 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 15:21 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 15:21 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 15:21 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 15:21 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 19:58 . 2012-04-12 17:29 -------- d-----w- c:\users\Daniel\AppData\Local\SUPERSystemInspector
2012-04-10 19:29 . 2012-04-10 19:29 -------- d-----w- C:\found.003
2012-04-10 03:36 . 2012-04-10 07:05 -------- d-----w- c:\program files\Speccy
2012-04-09 19:34 . 2012-04-09 19:34 -------- d-----w- C:\New folder
2012-04-09 07:03 . 2012-04-09 07:03 -------- d-----w- C:\found.002
2012-04-07 19:03 . 2012-04-07 19:03 -------- d-----w- C:\found.001
2012-04-07 16:36 . 2012-04-07 16:36 -------- d-----w- C:\found.000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-27 15:51 . 2011-08-21 18:28 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-08 21:47 . 2012-03-08 21:47 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-03-08 21:47 . 2012-03-08 21:47 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-03-04 22:27 . 2012-03-04 22:27 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-17 05:34 . 2012-03-25 17:39 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-25 17:39 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-25 17:39 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 18:01 . 2012-02-15 18:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 18:01 . 2012-02-15 18:01 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-02-10 05:38 . 2012-03-25 17:41 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-02-07 18:02 . 2012-02-07 18:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-02-07 17:29 . 2012-02-07 17:29 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-07 17:29 . 2012-02-07 17:29 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-07 17:29 . 2012-02-07 17:29 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-07 17:29 . 2012-02-07 17:29 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-02-07 17:29 . 2012-02-07 17:29 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-02-07 17:29 . 2012-02-07 17:29 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-07 17:29 . 2012-02-07 17:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-02-07 17:29 . 2012-02-07 17:29 367104 ----a-w- c:\windows\system32\html.iec
2012-02-07 17:29 . 2012-02-07 17:29 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-02-07 17:29 . 2012-02-07 17:29 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-07 17:29 . 2012-02-07 17:29 161792 ----a-w- c:\windows\system32\msls31.dll
2012-02-07 17:29 . 2012-02-07 17:29 152064 ----a-w- c:\windows\system32\wextract.exe
2012-02-07 17:29 . 2012-02-07 17:29 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-02-07 17:29 . 2012-02-07 17:29 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-07 17:29 . 2012-02-07 17:29 11776 ----a-w- c:\windows\system32\mshta.exe
2012-02-07 17:29 . 2012-02-07 17:29 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-07 17:29 . 2012-02-07 17:29 101888 ----a-w- c:\windows\system32\admparse.dll
2012-02-03 03:54 . 2012-03-25 17:41 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2010-04-03 03:40 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-20 05:33 . 2011-07-09 18:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Daniel\AppData\Roaming\Spotify\Spotify.exe" [2012-02-22 4009648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656]
"fspuip"="c:\program files\FSP\fspuip.exe" [2009-12-17 3350528]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-07-24 2068480]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-08-21 273528]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"LoadMSvcmm"="c:\program files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe" [2010-01-28 454856]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Cobian Backup 11 interface"="c:\program files\Cobian Backup 11\cbInterface.exe" [2012-03-02 4335616]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-02-27 1304792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 133424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
R1 MpKsl6d712253;MpKsl6d712253;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKsl6d712253.sys [x]
R1 MpKslaa4e8ed7;MpKslaa4e8ed7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKslaa4e8ed7.sys [x]
R1 MpKsld1c08d25;MpKsld1c08d25;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{767A5A13-E730-4133-8181-8582449E5980}\MpKsld1c08d25.sys [x]
R1 SABKUTIL;SABKUTIL;c:\users\Daniel\Downloads\SASKUTIL.SYS [x]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files\Cobian Backup 10\cbVSCService.exe [2010-09-23 67084]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [2012-03-02 1131008]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 130248]
R2 HitmanPro35CrusaderBoot;Hitman Pro 3.5 Crusader (Boot);G:\HitmanPro35.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 130248]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-20 1343400]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2012-04-13 68368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [2012-03-02 67584]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 3857408]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [2009-12-10 65536]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 17408]
S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2009-12-17 43008]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-06-29 794464]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-04-30 64032]
S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys [2012-04-13 55056]
S3 tmnciesc;tmnciesc;c:\windows\system32\DRIVERS\tmnciesc.sys [2012-04-13 171280]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-25 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2011-11-22 23:24]
.
2012-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 00:32]
.
2012-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-31 00:32]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000Core.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-04 00:29]
.
2012-04-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000UA.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-04 00:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.50.1
TCP: Interfaces\{13F0D9B1-99B4-4A92-A7C4-84DEF28F053F}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\24557414454594: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HitmanPro35CrusaderBoot]
"ImagePath"="\"g:\hitmanpro35.exe\" /crusader:boot"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\*PNP30df\0000]
@DACL=(02 0000)
"Service"="1264026743"
"ClassGUID"="{4D36E97D-E325-11CE-BFC1-08002BE10318}"
"Class"="System"
"DeviceDesc"="PCI bus"
"Mfg"="Technologies Inc"
"LocationInformation"="on Microsoft ACPI-Compliant System"
"ConfigFlags"=dword:00000000
"Capabilities"=dword:00000000
"ContainerID"="{00000000-0000-0000-FFFF-FFFFFFFFFFFF}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3984)
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
.
Completion time: 2012-04-25 10:10:30
ComboFix-quarantined-files.txt 2012-04-25 17:10
ComboFix2.txt 2012-04-24 22:16
.
Pre-Run: 115,685,892,096 bytes free
Post-Run: 115,528,675,328 bytes free
.
- - End Of File - - E5F382A14C7AE851F94820CA31106AFC


OTL logfile created on: 4/25/2012 10:20:02 AM - Run 2
OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\Daniel\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 53.26% Memory free
5.50 Gb Paging File | 4.20 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 107.66 Gb Free Space | 62.31% Space Free | Partition Type: NTFS
Drive D: | 115.20 Gb Total Space | 113.55 Gb Free Space | 98.57% Space Free | Partition Type: NTFS

Computer Name: DANIEL-MSI | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/23 20:59:07 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2012/04/13 01:35:55 | 000,200,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2012/04/13 01:35:55 | 000,142,952 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2012/03/01 19:22:14 | 004,335,616 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 11\cbInterface.exe
PRC - [2012/03/01 17:43:20 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe
PRC - [2012/02/27 06:44:18 | 001,304,792 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
PRC - [2012/02/27 06:44:06 | 001,006,864 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2012/02/27 06:44:06 | 000,133,424 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011/08/21 10:51:52 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/23 21:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/15 12:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/04/07 08:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/09/14 19:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/09/09 15:38:16 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010/07/25 19:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010/01/28 15:03:12 | 000,454,856 | ---- | M] (Blockbuster) -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe
PRC - [2010/01/28 15:02:40 | 001,867,464 | ---- | M] (Blockbuster) -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
PRC - [2009/12/17 04:55:44 | 003,350,528 | ---- | M] (Sentelic Corporation) -- C:\Program Files\FSP\FspUip.exe
PRC - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009/12/10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2009/07/24 10:52:08 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/13 01:35:55 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/04/13 01:35:55 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2012/02/27 06:44:20 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/02/27 06:44:20 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll
MOD - [2011/04/14 18:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2009/12/17 04:51:18 | 000,077,824 | ---- | M] () -- C:\Program Files\FSP\FspLib.dll
MOD - [2009/12/17 04:51:12 | 000,053,248 | ---- | M] () -- C:\Program Files\FSP\KbdHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - File not found [Auto | Stopped] -- G:\HitmanPro35.exe /crusader:boot -- (HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot)
SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2012/03/01 19:22:10 | 001,131,008 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Stopped] -- C:\Program Files\Cobian Backup 11\cbService.exe -- (CobianBackup11)
SRV - [2012/03/01 17:43:20 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/07 08:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/09/23 09:49:08 | 000,067,084 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Stopped] -- C:\Program Files\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2010/04/20 00:25:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/28 15:02:40 | 001,867,464 | ---- | M] (Blockbuster) [Auto | Running] -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe -- (Movielink Core Service)
SRV - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | System | Stopped] -- C:\Users\Daniel\Downloads\SASKUTIL.SYS -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{767A5A13-E730-4133-8181-8582449E5980}\MpKsld1c08d25.sys -- (MpKsld1c08d25)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKslaa4e8ed7.sys -- (MpKslaa4e8ed7)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKsl6d712253.sys -- (MpKsl6d712253)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Daniel\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/04/13 01:35:57 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2012/04/13 01:35:57 | 000,171,280 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/04/13 01:35:57 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2012/04/13 01:35:57 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2012/04/13 01:35:57 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/04/13 01:35:57 | 000,055,056 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmeevw.sys -- (tmeevw)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/01/07 11:24:03 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\NIS\1007000.01E\srtsp.sys -- (SRTSP)
DRV - [2010/01/07 11:24:03 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1007000.01E\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/12/17 05:07:12 | 000,043,008 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fspad_wlh32.sys -- (fspad_wlh32)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Notebooks Pro(UVC)
DRV - [2009/08/04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009/07/30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009/07/13 16:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 15:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/13 15:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/06/06 14:29:00 | 009,759,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/26 15:32:02 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2009/04/30 06:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{5AFCC6E9-1F38-4E1D-B713-465F1342B257}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 3E 81 72 4B 1C CD 01 [binary data]
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\SearchScopes,DefaultScope = {F3C20966-2A2F-4DF2-B225-809CACBA5BEF}
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\SearchScopes\{F3C20966-2A2F-4DF2-B225-809CACBA5BEF}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-927333513-3874424503-187824201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Daniel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\paypalfirefoxplugin@orbiscom: C:\Program Files\PayPal\PayPal Plug-In [2010/04/27 19:57:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/24 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\firefoxextension [2012/04/13 01:43:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2012/04/13 01:38:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/04/13 01:43:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/24 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/09 13:24:10 | 000,000,000 | ---D | M]

[2012/02/26 21:43:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Extensions
[2012/04/24 13:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions
[2012/01/25 18:45:16 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/03/02 23:09:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/04/21 10:12:35 | 000,002,112 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\searchplugins\wot-safe-search.xml
[2012/02/26 21:43:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/27 14:23:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/19 22:33:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/18 08:54:58 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/09 15:23:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/02/18 08:54:58 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Daniel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.2.0.1035_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/24 15:14:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKU\S-1-5-21-927333513-3874424503-187824201-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Cobian Backup 11 interface] C:\Program Files\Cobian Backup 11\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LoadMSvcmm] C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe (Blockbuster)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-927333513-3874424503-187824201-1000..\Run: [Spotify] C:\Users\Daniel\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-927333513-3874424503-187824201-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-927333513-3874424503-187824201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-927333513-3874424503-187824201-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.50.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13F0D9B1-99B4-4A92-A7C4-84DEF28F053F}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: DhcpNameServer = 192.168.50.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/22 12:24:51 | 000,000,000 | ---D | M] - C:\Automotive -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/25 10:14:37 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/04/25 10:09:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/04/25 09:56:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/04/25 09:56:16 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/25 08:45:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/25 08:45:34 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/04/25 08:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Daniel\Desktop\mbam-setup-1.61.0.1400.exe
[2012/04/24 14:22:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/04/24 14:22:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/04/24 14:22:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/24 13:52:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/24 13:48:18 | 004,474,448 | R--- | C] (Swearware) -- C:\Users\Daniel\Desktop\ComboFix.exe
[2012/04/23 20:59:05 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2012/04/13 01:43:11 | 000,000,000 | ---D | C] -- C:\temp
[2012/04/13 01:40:36 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Trend Micro
[2012/04/13 01:40:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security 2012
[2012/04/13 01:39:29 | 000,055,056 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmeevw.sys
[2012/04/13 01:39:27 | 000,171,280 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmnciesc.sys
[2012/04/13 01:39:25 | 000,092,432 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys
[2012/04/13 01:39:11 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys
[2012/04/13 01:39:11 | 000,081,168 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys
[2012/04/13 01:39:11 | 000,068,368 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys
[2012/04/13 01:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012/04/13 01:08:22 | 062,844,032 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2012/04/11 12:58:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\SUPERSystemInspector
[2012/04/10 12:29:24 | 000,000,000 | ---D | C] -- C:\found.003
[2012/04/10 00:01:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2012/04/09 20:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012/04/09 20:35:10 | 004,485,448 | ---- | C] (Piriform Ltd) -- C:\Users\Daniel\Desktop\spsetup116.exe
[2012/04/09 19:47:16 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2
[2012/04/09 12:34:36 | 000,000,000 | ---D | C] -- C:\New folder
[2012/04/09 00:03:23 | 000,000,000 | ---D | C] -- C:\found.002
[2012/04/07 12:03:51 | 000,000,000 | ---D | C] -- C:\found.001
[2012/04/07 09:36:09 | 000,000,000 | ---D | C] -- C:\found.000
[2012/04/05 01:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

========== Files - Modified Within 30 Days ==========

[2012/04/25 10:23:30 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/25 10:23:30 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/25 10:17:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000UA.job
[2012/04/25 10:15:16 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/25 10:15:16 | 000,000,380 | ---- | M] () -- C:\windows\tasks\FreeFileViewerUpdateChecker.job
[2012/04/25 10:14:39 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/04/25 10:14:32 | 2213,990,400 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/25 09:55:00 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/25 08:45:36 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/25 08:42:18 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Daniel\Desktop\mbam-setup-1.61.0.1400.exe
[2012/04/24 15:14:16 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2012/04/24 13:48:19 | 004,474,448 | R--- | M] (Swearware) -- C:\Users\Daniel\Desktop\ComboFix.exe
[2012/04/24 13:17:00 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000Core.job
[2012/04/23 20:59:07 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2012/04/14 22:55:18 | 000,002,374 | ---- | M] () -- C:\Users\Daniel\Desktop\Google Chrome.lnk
[2012/04/13 13:24:53 | 000,000,635 | ---- | M] () -- C:\windows\System32\drivers\etc\tmsshf.bin
[2012/04/13 01:48:43 | 000,108,048 | ---- | M] () -- C:\windows\RegBootClean.exe
[2012/04/13 01:40:33 | 000,001,451 | ---- | M] () -- C:\Users\Daniel\Desktop\Trend Micro Titanium Maximum Security 2012.lnk
[2012/04/13 01:39:08 | 000,676,880 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/04/13 01:39:08 | 000,126,956 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/04/13 01:38:14 | 000,000,056 | ---- | M] () -- C:\windows\System32\SupportTool.exe.bat
[2012/04/13 01:35:57 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys
[2012/04/13 01:35:57 | 000,171,280 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmnciesc.sys
[2012/04/13 01:35:57 | 000,092,432 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys
[2012/04/13 01:35:57 | 000,081,168 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys
[2012/04/13 01:35:57 | 000,068,368 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys
[2012/04/13 01:35:57 | 000,055,056 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmeevw.sys
[2012/04/13 01:10:15 | 062,844,032 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2012/04/12 21:53:59 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2012/04/12 12:35:31 | 000,001,361 | ---- | M] () -- C:\Users\Daniel\Desktop\CSR00087251.ssd - Shortcut.lnk
[2012/04/10 00:05:19 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/04/09 23:54:38 | 003,197,264 | ---- | M] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2 (2).zip
[2012/04/09 20:35:21 | 004,485,448 | ---- | M] (Piriform Ltd) -- C:\Users\Daniel\Desktop\spsetup116.exe
[2012/04/09 20:32:11 | 000,001,522 | ---- | M] () -- C:\Users\Daniel\Desktop\MiniToolBox(1) - Shortcut.lnk
[2012/04/09 20:31:44 | 000,396,041 | ---- | M] () -- C:\Users\Daniel\Desktop\MiniToolBox(1).exe
[2012/04/09 20:06:55 | 003,044,827 | ---- | M] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2.zip
[2012/04/09 18:59:54 | 320,459,177 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/04/09 14:40:54 | 008,435,712 | ---- | M] () -- C:\Users\Daniel\Desktop\XPRC.iso
[2012/04/05 01:10:18 | 000,001,763 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/04/25 08:45:36 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/24 14:22:40 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/04/24 14:22:40 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/04/24 14:22:40 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/04/24 14:22:40 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/04/24 14:22:40 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/04/13 01:46:10 | 000,108,048 | ---- | C] () -- C:\windows\RegBootClean.exe
[2012/04/13 01:40:27 | 000,001,451 | ---- | C] () -- C:\Users\Daniel\Desktop\Trend Micro Titanium Maximum Security 2012.lnk
[2012/04/13 01:38:14 | 000,000,056 | ---- | C] () -- C:\windows\System32\SupportTool.exe.bat
[2012/04/12 12:35:31 | 000,001,361 | ---- | C] () -- C:\Users\Daniel\Desktop\CSR00087251.ssd - Shortcut.lnk
[2012/04/09 23:54:32 | 003,197,264 | ---- | C] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2 (2).zip
[2012/04/09 20:36:56 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/04/09 20:32:11 | 000,001,522 | ---- | C] () -- C:\Users\Daniel\Desktop\MiniToolBox(1) - Shortcut.lnk
[2012/04/09 20:31:43 | 000,396,041 | ---- | C] () -- C:\Users\Daniel\Desktop\MiniToolBox(1).exe
[2012/04/09 20:06:51 | 003,044,827 | ---- | C] () -- C:\Users\Daniel\Documents\Windows7_Vista_jcgriff2.zip
[2012/04/09 14:40:54 | 008,435,712 | ---- | C] () -- C:\Users\Daniel\Desktop\XPRC.iso
[2012/04/05 01:10:18 | 000,001,763 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/06 20:54:06 | 000,014,051 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2011/07/16 22:04:41 | 000,021,064 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/16 16:40:06 | 000,007,602 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg

========== LOP Check ==========

[2011/07/31 10:05:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Acoustica
[2011/07/30 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\BitZipper
[2011/08/26 23:04:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/03/24 11:18:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FreeFileViewer
[2011/08/21 08:01:38 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\go
[2011/10/13 10:19:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LegalSounds
[2011/05/06 16:43:09 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PokerAcademyPro2
[2011/12/09 23:22:23 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Smilebox
[2012/04/25 10:17:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Spotify
[2011/08/01 09:13:31 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SynthMaker
[2011/12/12 12:48:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TuneUpMedia
[2011/08/05 09:46:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\uTorrent
[2011/08/21 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\WinPatrol
[2012/04/25 10:15:16 | 000,000,380 | ---- | M] () -- C:\windows\Tasks\FreeFileViewerUpdateChecker.job
[2012/04/08 20:50:09 | 000,032,620 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

#9
orapaho

    Member

  • Topic Starter
  • Member
  • 23 posts
Connecting to Mozilla still freezes and then crashes. It sends a report to Mozilla. IE does not crash but still has the erratic text pattern.

#10
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
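
A report of this kind runs to hundreds of lines, so a short triage script helps a reviewer see which objects were not marked ok. This is an added example, not part of the original post and not TDSSKiller's own code; the line layout is inferred from the report pasted in this thread, and the sample lines (service names, hashes, paths) are constructed.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample in the layout of the report pasted in this thread:
# timestamp, thread id, then an object line followed by its verdict line.
# Service names, hashes and paths are invented for the example.
SAMPLE_LOG = r"""
14:00:00.0100 1111 Scan started
14:00:00.0200 1111 ExampleDrv (00000000000000000000000000000001) C:\windows\system32\drivers\exampledrv.sys
14:00:00.0210 1111 ExampleDrv - ok
14:00:00.0300 1111 Example Backup Svc (00000000000000000000000000000002) C:\Program Files\Example Backup\svc.exe
14:00:00.0310 1111 Example Backup Svc ( UnsignedFile.Multi.Generic ) - warning
14:00:00.0310 1111 Example Backup Svc - detected UnsignedFile.Multi.Generic (1)
14:00:00.0400 1111 orphansvc - ok
"""

# "HH:MM:SS.mmmm <thread id> <body>"
PREFIX = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
# "<name> (<32 hex digits>) <path>"; names may contain spaces and dots.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> ( <verdict> ) - <level>", for example "- warning".
FLAGGED = re.compile(r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - (?P<level>\w+)$")
# "<name> - ok"
CLEAN = re.compile(r"^(?P<name>.+?) - ok$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    status: str = "unknown"  # stays "unknown" if no verdict line follows
    verdicts: list = field(default_factory=list)


def parse_report(text):
    """Return {object name: Entry} for every scanned object in the report."""
    entries = {}
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank lines, separators, anything without the prefix
        body = m.group(3)
        if (o := OBJECT.match(body)):
            e = entries.setdefault(o["name"], Entry(o["name"]))
            e.md5, e.path = o["md5"].lower(), o["path"]
        elif (f := FLAGGED.match(body)):
            e = entries.setdefault(f["name"], Entry(f["name"]))
            e.status = f["level"]
            e.verdicts.append(f["verdict"])
        elif (c := CLEAN.match(body)):
            e = entries.setdefault(c["name"], Entry(c["name"]))
            e.status = "ok"
        # "<name> - detected ..." repeats the flagged line, and header lines
        # such as "Scan started" match nothing; both are skipped on purpose.
    return entries


def triage(entries):
    """List the objects a reviewer should look at, in report order.

    Reported: anything not marked ok (including objects whose verdict line
    is missing because the pasted report was cut off), and objects marked
    ok for which no file line was printed, so there is no hash or path.
    """
    findings = []
    for e in entries.values():
        if e.status != "ok":
            findings.append((e.name, e.status, ", ".join(e.verdicts), e.path))
        elif e.path is None:
            findings.append((e.name, "ok-without-file", "", None))
    return findings


if __name__ == "__main__":
    for name, status, verdict, path in triage(parse_report(SAMPLE_LOG)):
        print(f"{status:16} {name:22} {verdict:28} {path or '-'}")
```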

#11
orapaho

    Member

  • Topic Starter
  • Member
  • 23 posts
14:37:26.0620 5780 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
14:37:27.0320 5780 ============================================================
14:37:27.0320 5780 Current date / time: 2012/04/25 14:37:27.0320
14:37:27.0320 5780 SystemInfo:
14:37:27.0320 5780
14:37:27.0320 5780 OS Version: 6.1.7601 ServicePack: 1.0
14:37:27.0320 5780 Product type: Workstation
14:37:27.0320 5780 ComputerName: DANIEL-MSI
14:37:27.0320 5780 UserName: Daniel
14:37:27.0320 5780 Windows directory: C:\windows
14:37:27.0320 5780 System windows directory: C:\windows
14:37:27.0320 5780 Processor architecture: Intel x86
14:37:27.0320 5780 Number of processors: 2
14:37:27.0320 5780 Page size: 0x1000
14:37:27.0320 5780 Boot type: Normal boot
14:37:27.0320 5780 ============================================================
14:37:28.0407 5780 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:37:28.0418 5780 ============================================================
14:37:28.0418 5780 \Device\Harddisk0\DR0:
14:37:28.0418 5780 MBR partitions:
14:37:28.0418 5780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x15997000
14:37:28.0418 5780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x16DC9800, BlocksNum 0xE664800
14:37:28.0418 5780 ============================================================
14:37:28.0442 5780 C: <-> \Device\Harddisk0\DR0\Partition0
14:37:28.0477 5780 D: <-> \Device\Harddisk0\DR0\Partition1
14:37:28.0477 5780 ============================================================
14:37:28.0477 5780 Initialize success
14:37:28.0477 5780 ============================================================
14:37:37.0392 4692 ============================================================
14:37:37.0393 4692 Scan started
14:37:37.0393 4692 Mode: Manual; SigCheck; TDLFS;
14:37:37.0393 4692 ============================================================
14:37:39.0083 4692 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys
14:37:39.0143 4692 1394ohci - ok
14:37:39.0185 4692 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys
14:37:39.0202 4692 ACPI - ok
14:37:39.0239 4692 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys
14:37:39.0257 4692 AcpiPmi - ok
14:37:39.0365 4692 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
14:37:39.0378 4692 AdobeActiveFileMonitor9.0 - ok
14:37:39.0493 4692 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:37:39.0503 4692 AdobeARMservice - ok
14:37:39.0565 4692 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
14:37:39.0588 4692 adp94xx - ok
14:37:39.0653 4692 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
14:37:39.0672 4692 adpahci - ok
14:37:39.0706 4692 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
14:37:39.0722 4692 adpu320 - ok
14:37:39.0759 4692 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
14:37:39.0792 4692 AeLookupSvc - ok
14:37:39.0846 4692 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys
14:37:39.0868 4692 AFD - ok
14:37:39.0896 4692 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys
14:37:39.0910 4692 agp440 - ok
14:37:39.0959 4692 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
14:37:39.0974 4692 aic78xx - ok
14:37:40.0023 4692 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
14:37:40.0038 4692 ALG - ok
14:37:40.0084 4692 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys
14:37:40.0097 4692 aliide - ok
14:37:40.0119 4692 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys
14:37:40.0133 4692 amdagp - ok
14:37:40.0147 4692 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys
14:37:40.0160 4692 amdide - ok
14:37:40.0200 4692 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
14:37:40.0217 4692 AmdK8 - ok
14:37:40.0223 4692 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
14:37:40.0240 4692 AmdPPM - ok
14:37:40.0269 4692 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys
14:37:40.0284 4692 amdsata - ok
14:37:40.0309 4692 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
14:37:40.0325 4692 amdsbs - ok
14:37:40.0346 4692 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys
14:37:40.0359 4692 amdxata - ok
14:37:40.0481 4692 Amsp (feb0b5022c012a4a68dabcb711faff03) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
14:37:40.0515 4692 Amsp - ok
14:37:40.0698 4692 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys
14:37:40.0752 4692 AppID - ok
14:37:40.0788 4692 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
14:37:40.0830 4692 AppIDSvc - ok
14:37:40.0855 4692 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll
14:37:40.0882 4692 Appinfo - ok
14:37:40.0994 4692 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:37:41.0006 4692 Apple Mobile Device - ok
14:37:41.0063 4692 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
14:37:41.0078 4692 arc - ok
14:37:41.0089 4692 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
14:37:41.0104 4692 arcsas - ok
14:37:41.0147 4692 ArcSoftKsUFilter (dfd07f0a36bd4f7e7ad2bc5548213694) C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
14:37:41.0158 4692 ArcSoftKsUFilter - ok
14:37:41.0278 4692 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:37:41.0290 4692 aspnet_state - ok
14:37:41.0327 4692 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
14:37:41.0356 4692 AsyncMac - ok
14:37:41.0405 4692 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys
14:37:41.0419 4692 atapi - ok
14:37:41.0469 4692 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
14:37:41.0500 4692 AudioEndpointBuilder - ok
14:37:41.0508 4692 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
14:37:41.0541 4692 Audiosrv - ok
14:37:41.0582 4692 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll
14:37:41.0601 4692 AxInstSV - ok
14:37:41.0650 4692 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
14:37:41.0691 4692 b06bdrv - ok
14:37:41.0736 4692 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
14:37:41.0755 4692 b57nd60x - ok
14:37:41.0800 4692 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
14:37:41.0829 4692 BDESVC - ok
14:37:41.0862 4692 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
14:37:41.0891 4692 Beep - ok
14:37:41.0945 4692 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll
14:37:41.0978 4692 BFE - ok
14:37:42.0015 4692 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\system32\qmgr.dll
14:37:42.0050 4692 BITS - ok
14:37:42.0061 4692 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
14:37:42.0077 4692 blbdrive - ok
14:37:42.0193 4692 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
14:37:42.0209 4692 Bonjour Service - ok
14:37:42.0266 4692 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys
14:37:42.0283 4692 bowser - ok
14:37:42.0301 4692 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:37:42.0318 4692 BrFiltLo - ok
14:37:42.0323 4692 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:37:42.0343 4692 BrFiltUp - ok
14:37:42.0392 4692 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\windows\system32\DRIVERS\bridge.sys
14:37:42.0423 4692 BridgeMP - ok
14:37:42.0486 4692 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll
14:37:42.0513 4692 Browser - ok
14:37:42.0546 4692 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
14:37:42.0575 4692 Brserid - ok
14:37:42.0582 4692 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
14:37:42.0602 4692 BrSerWdm - ok
14:37:42.0606 4692 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
14:37:42.0626 4692 BrUsbMdm - ok
14:37:42.0636 4692 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
14:37:42.0653 4692 BrUsbSer - ok
14:37:42.0665 4692 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
14:37:42.0684 4692 BTHMODEM - ok
14:37:42.0719 4692 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
14:37:42.0749 4692 bthserv - ok
14:37:42.0833 4692 catchme - ok
14:37:42.0877 4692 cbVSCService (e9bf75b975ccd281e1361f8445ffc6fa) C:\Program Files\Cobian Backup 10\cbVSCService.exe
14:37:42.0885 4692 cbVSCService ( UnsignedFile.Multi.Generic ) - warning
14:37:42.0885 4692 cbVSCService - detected UnsignedFile.Multi.Generic (1)
14:37:42.0956 4692 cbVSCService11 (58bf7714a312698108a96d0de2bb6825) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
14:37:42.0985 4692 cbVSCService11 ( UnsignedFile.Multi.Generic ) - warning
14:37:42.0985 4692 cbVSCService11 - detected UnsignedFile.Multi.Generic (1)
14:37:43.0024 4692 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
14:37:43.0054 4692 cdfs - ok
14:37:43.0103 4692 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys
14:37:43.0121 4692 cdrom - ok
14:37:43.0160 4692 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
14:37:43.0188 4692 CertPropSvc - ok
14:37:43.0216 4692 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
14:37:43.0237 4692 circlass - ok
14:37:43.0280 4692 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
14:37:43.0299 4692 CLFS - ok
14:37:43.0389 4692 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:37:43.0401 4692 clr_optimization_v2.0.50727_32 - ok
14:37:43.0464 4692 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:37:43.0478 4692 clr_optimization_v4.0.30319_32 - ok
14:37:43.0495 4692 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
14:37:43.0511 4692 CmBatt - ok
14:37:43.0540 4692 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys
14:37:43.0555 4692 cmdide - ok
14:37:43.0603 4692 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys
14:37:43.0629 4692 CNG - ok
14:37:43.0766 4692 CobianBackup11 (f3ecf4d778f40129e2e5d80aa9751006) C:\Program Files\Cobian Backup 11\cbService.exe
14:37:43.0787 4692 CobianBackup11 ( UnsignedFile.Multi.Generic ) - warning
14:37:43.0787 4692 CobianBackup11 - detected UnsignedFile.Multi.Generic (1)
14:37:43.0909 4692 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
14:37:43.0922 4692 Compbatt - ok
14:37:43.0964 4692 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys
14:37:43.0982 4692 CompositeBus - ok
14:37:44.0003 4692 COMSysApp - ok
14:37:44.0028 4692 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
14:37:44.0041 4692 crcdisk - ok
14:37:44.0075 4692 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll
14:37:44.0103 4692 CryptSvc - ok
14:37:44.0139 4692 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
14:37:44.0171 4692 DcomLaunch - ok
14:37:44.0194 4692 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
14:37:44.0225 4692 defragsvc - ok
14:37:44.0262 4692 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys
14:37:44.0291 4692 DfsC - ok
14:37:44.0339 4692 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll
14:37:44.0369 4692 Dhcp - ok
14:37:44.0400 4692 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
14:37:44.0429 4692 discache - ok
14:37:44.0464 4692 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
14:37:44.0478 4692 Disk - ok
14:37:44.0503 4692 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll
14:37:44.0531 4692 Dnscache - ok
14:37:44.0565 4692 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll
14:37:44.0595 4692 dot3svc - ok
14:37:44.0632 4692 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll
14:37:44.0661 4692 DPS - ok
14:37:44.0690 4692 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
14:37:44.0709 4692 drmkaud - ok
14:37:44.0763 4692 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys
14:37:44.0791 4692 DXGKrnl - ok
14:37:44.0824 4692 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
14:37:44.0854 4692 EapHost - ok
14:37:44.0979 4692 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
14:37:45.0056 4692 ebdrv - ok
14:37:45.0136 4692 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe
14:37:45.0152 4692 EFS - ok
14:37:45.0215 4692 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe
14:37:45.0252 4692 ehRecvr - ok
14:37:45.0292 4692 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
14:37:45.0309 4692 ehSched - ok
14:37:45.0373 4692 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
14:37:45.0397 4692 elxstor - ok
14:37:45.0425 4692 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
14:37:45.0441 4692 ErrDev - ok
14:37:45.0509 4692 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
14:37:45.0540 4692 EventSystem - ok
14:37:45.0571 4692 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
14:37:45.0602 4692 exfat - ok
14:37:45.0616 4692 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
14:37:45.0647 4692 fastfat - ok
14:37:45.0699 4692 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe
14:37:45.0727 4692 Fax - ok
14:37:45.0752 4692 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
14:37:45.0771 4692 fdc - ok
14:37:45.0796 4692 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
14:37:45.0826 4692 fdPHost - ok
14:37:45.0836 4692 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
14:37:45.0866 4692 FDResPub - ok
14:37:45.0893 4692 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
14:37:45.0908 4692 FileInfo - ok
14:37:45.0913 4692 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
14:37:45.0945 4692 Filetrace - ok
14:37:45.0964 4692 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
14:37:45.0981 4692 flpydisk - ok
14:37:46.0011 4692 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
14:37:46.0028 4692 FltMgr - ok
14:37:46.0083 4692 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll
14:37:46.0130 4692 FontCache - ok
14:37:46.0254 4692 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:37:46.0265 4692 FontCache3.0.0.0 - ok
14:37:46.0292 4692 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
14:37:46.0307 4692 FsDepends - ok
14:37:46.0354 4692 fspad_wlh32 (8042377edef55850f275b36f6e8b24ab) C:\windows\system32\DRIVERS\fspad_wlh32.sys
14:37:46.0368 4692 fspad_wlh32 - ok
14:37:46.0389 4692 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys
14:37:46.0403 4692 Fs_Rec - ok
14:37:46.0442 4692 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
14:37:46.0462 4692 fvevol - ok
14:37:46.0574 4692 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
14:37:46.0588 4692 gagp30kx - ok
14:37:46.0663 4692 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:37:46.0673 4692 GEARAspiWDM - ok
14:37:46.0738 4692 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll
14:37:46.0781 4692 gpsvc - ok
14:37:46.0905 4692 gupdate (7629a95fe5c3c94ceaf88a623be3469c) C:\Program Files\Google\Update\GoogleUpdate.exe
14:37:46.0910 4692 gupdate ( UnsignedFile.Multi.Generic ) - warning
14:37:46.0910 4692 gupdate - detected UnsignedFile.Multi.Generic (1)
14:37:46.0927 4692 gupdatem (7629a95fe5c3c94ceaf88a623be3469c) C:\Program Files\Google\Update\GoogleUpdate.exe
14:37:46.0932 4692 gupdatem ( UnsignedFile.Multi.Generic ) - warning
14:37:46.0933 4692 gupdatem - detected UnsignedFile.Multi.Generic (1)
14:37:46.0961 4692 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
14:37:46.0991 4692 hcw85cir - ok
14:37:47.0038 4692 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
14:37:47.0061 4692 HdAudAddService - ok
14:37:47.0080 4692 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
14:37:47.0100 4692 HDAudBus - ok
14:37:53.0869 4692 NIHardwareService (bd7a1d7bef2c0fde73f7b87971ed9d2f) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
14:37:53.0925 4692 NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
14:37:53.0926 4692 NIHardwareService - detected UnsignedFile.Multi.Generic (1)
14:37:56.0485 4692 pgsql-8.3 (acc93675d78d1c07dad09d7837f2397a) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
14:37:56.0492 4692 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
14:37:56.0492 4692 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
14:38:04.0908 4692 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
14:38:04.0926 4692 volsnap - ok
14:38:04.0959 4692 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
14:38:04.0975 4692 vsmraid - ok
14:38:05.0031 4692 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
14:38:05.0070 4692 VSS - ok
14:38:05.0084 4692 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
14:38:05.0102 4692 vwifibus - ok
14:38:05.0133 4692 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
14:38:05.0152 4692 vwififlt - ok
14:38:05.0174 4692 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
14:38:05.0192 4692 vwifimp - ok
14:38:05.0233 4692 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
14:38:05.0266 4692 W32Time - ok
14:38:05.0296 4692 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
14:38:05.0312 4692 WacomPen - ok
14:38:05.0351 4692 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
14:38:05.0379 4692 WANARP - ok
14:38:05.0383 4692 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
14:38:05.0412 4692 Wanarpv6 - ok
14:38:05.0492 4692 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe
14:38:05.0525 4692 WatAdminSvc - ok
14:38:05.0591 4692 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
14:38:05.0634 4692 wbengine - ok
14:38:05.0672 4692 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
14:38:05.0693 4692 WbioSrvc - ok
14:38:05.0724 4692 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
14:38:05.0746 4692 wcncsvc - ok
14:38:05.0772 4692 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
14:38:05.0798 4692 WcsPlugInService - ok
14:38:05.0842 4692 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
14:38:05.0856 4692 Wd - ok
14:38:05.0887 4692 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
14:38:05.0911 4692 Wdf01000 - ok
14:38:05.0926 4692 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
14:38:05.0960 4692 WdiServiceHost - ok
14:38:05.0964 4692 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
14:38:05.0984 4692 WdiSystemHost - ok
14:38:06.0013 4692 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
14:38:06.0035 4692 WebClient - ok
14:38:06.0079 4692 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
14:38:06.0116 4692 Wecsvc - ok
14:38:06.0149 4692 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
14:38:06.0178 4692 wercplsupport - ok
14:38:06.0210 4692 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
14:38:06.0240 4692 WerSvc - ok
14:38:06.0276 4692 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
14:38:06.0309 4692 WfpLwf - ok
14:38:06.0327 4692 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
14:38:06.0341 4692 WIMMount - ok
14:38:06.0418 4692 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
14:38:06.0443 4692 WinDefend - ok
14:38:06.0453 4692 WinHttpAutoProxySvc - ok
14:38:06.0510 4692 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
14:38:06.0539 4692 Winmgmt - ok
14:38:06.0605 4692 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
14:38:06.0648 4692 WinRM - ok
14:38:06.0730 4692 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
14:38:06.0748 4692 WinUsb - ok
14:38:06.0817 4692 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
14:38:06.0846 4692 Wlansvc - ok
14:38:06.0882 4692 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
14:38:06.0898 4692 WmiAcpi - ok
14:38:06.0950 4692 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
14:38:06.0967 4692 wmiApSrv - ok
14:38:07.0076 4692 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:38:07.0103 4692 WMPNetworkSvc - ok
14:38:07.0137 4692 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
14:38:07.0161 4692 WPCSvc - ok
14:38:07.0196 4692 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
14:38:07.0215 4692 WPDBusEnum - ok
14:38:07.0265 4692 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
14:38:07.0294 4692 ws2ifsl - ok
14:38:07.0319 4692 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\system32\wscsvc.dll
14:38:07.0340 4692 wscsvc - ok
14:38:07.0344 4692 WSearch - ok
14:38:07.0435 4692 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll
14:38:07.0485 4692 wuauserv - ok
14:38:07.0601 4692 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
14:38:07.0629 4692 WudfPf - ok
14:38:07.0643 4692 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
14:38:07.0682 4692 WUDFRd - ok
14:38:07.0720 4692 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
14:38:07.0749 4692 wudfsvc - ok
14:38:07.0781 4692 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
14:38:07.0803 4692 WwanSvc - ok
14:38:07.0837 4692 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:38:07.0932 4692 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:38:07.0932 4692 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:38:07.0967 4692 Boot (0x1200) (3fb453d45083640cf69166a58c6c1524) \Device\Harddisk0\DR0\Partition0
14:38:07.0968 4692 \Device\Harddisk0\DR0\Partition0 - ok
14:38:07.0992 4692 Boot (0x1200) (47c488a83f7d5043947c9b1a68c8c0df) \Device\Harddisk0\DR0\Partition1
14:38:07.0993 4692 \Device\Harddisk0\DR0\Partition1 - ok
14:38:07.0994 4692 ============================================================
14:38:07.0994 4692 Scan finished
14:38:07.0994 4692 ============================================================
14:38:08.0011 5472 Detected object count: 8
14:38:08.0011 5472 Actual detected object count: 8
14:39:48.0917 5472 cbVSCService ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0917 5472 cbVSCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0920 5472 cbVSCService11 ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0920 5472 cbVSCService11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0923 5472 CobianBackup11 ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0923 5472 CobianBackup11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0927 5472 gupdate ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0927 5472 gupdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0929 5472 gupdatem ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0930 5472 gupdatem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0933 5472 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0933 5472 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0933 5472 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:48.0933 5472 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:48.0936 5472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:39:48.0937 5472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
14:40:17.0339 5644 ============================================================
14:40:17.0339 5644 Scan started
14:40:17.0339 5644 Mode: Manual; SigCheck; TDLFS;
14:40:17.0339 5644 ============================================================
14:40:21.0373 5644 cbVSCService (e9bf75b975ccd281e1361f8445ffc6fa) C:\Program Files\Cobian Backup 10\cbVSCService.exe
14:40:21.0379 5644 cbVSCService ( UnsignedFile.Multi.Generic ) - warning
14:40:21.0379 5644 cbVSCService - detected UnsignedFile.Multi.Generic (1)
14:40:21.0419 5644 cbVSCService11 (58bf7714a312698108a96d0de2bb6825) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
14:40:21.0425 5644 cbVSCService11 ( UnsignedFile.Multi.Generic ) - warning
14:40:21.0425 5644 cbVSCService11 - detected UnsignedFile.Multi.Generic (1)
14:40:22.0051 5644 CobianBackup11 (f3ecf4d778f40129e2e5d80aa9751006) C:\Program Files\Cobian Backup 11\cbService.exe
14:40:22.0071 5644 CobianBackup11 ( UnsignedFile.Multi.Generic ) - warning
14:40:22.0071 5644 CobianBackup11 - detected UnsignedFile.Multi.Generic (1)
14:40:24.0622 5644 gupdate (7629a95fe5c3c94ceaf88a623be3469c) C:\Program Files\Google\Update\GoogleUpdate.exe
14:40:24.0626 5644 gupdate ( UnsignedFile.Multi.Generic ) - warning
14:40:24.0627 5644 gupdate - detected UnsignedFile.Multi.Generic (1)
14:40:24.0631 5644 gupdatem (7629a95fe5c3c94ceaf88a623be3469c) C:\Program Files\Google\Update\GoogleUpdate.exe
14:40:24.0638 5644 gupdatem ( UnsignedFile.Multi.Generic ) - warning
14:40:24.0638 5644 gupdatem - detected UnsignedFile.Multi.Generic (1)
14:40:28.0521 5644 mpsdrv - ok
14:40:28.0576 5644 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll
14:40:28.0609 5644 MpsSvc - ok
14:40:28.0638 5644 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
14:40:28.0659 5644 MRxDAV - ok
14:40:28.0707 5644 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
14:40:28.0723 5644 mrxsmb - ok
14:40:28.0756 5644 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:40:28.0775 5644 mrxsmb10 - ok
14:40:28.0794 5644 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:40:28.0810 5644 mrxsmb20 - ok
14:40:28.0838 5644 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
14:40:28.0851 5644 msahci - ok
14:40:28.0879 5644 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
14:40:28.0893 5644 msdsm - ok
14:40:28.0923 5644 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
14:40:28.0940 5644 MSDTC - ok
14:40:28.0975 5644 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
14:40:29.0003 5644 Msfs - ok
14:40:29.0014 5644 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
14:40:29.0042 5644 mshidkmdf - ok
14:40:29.0064 5644 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
14:40:29.0077 5644 msisadrv - ok
14:40:29.0109 5644 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
14:40:29.0137 5644 MSiSCSI - ok
14:40:29.0140 5644 msiserver - ok
14:40:29.0173 5644 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
14:40:29.0201 5644 MSKSSRV - ok
14:40:29.0212 5644 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
14:40:29.0240 5644 MSPCLOCK - ok
14:40:29.0257 5644 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
14:40:29.0287 5644 MSPQM - ok
14:40:29.0501 5644 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
14:40:29.0516 5644 MsRPC - ok
14:40:29.0552 5644 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
14:40:29.0564 5644 mssmbios - ok
14:40:29.0583 5644 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
14:40:29.0613 5644 MSTEE - ok
14:40:29.0633 5644 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
14:40:29.0648 5644 MTConfig - ok
14:40:29.0663 5644 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
14:40:29.0676 5644 Mup - ok
14:40:29.0711 5644 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
14:40:29.0742 5644 napagent - ok
14:40:29.0788 5644 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
14:40:29.0808 5644 NativeWifiP - ok
14:40:29.0860 5644 NAVENG - ok
14:40:29.0867 5644 NAVEX15 - ok
14:40:29.0907 5644 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
14:40:29.0930 5644 NDIS - ok
14:40:29.0962 5644 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
14:40:29.0990 5644 NdisCap - ok
14:40:30.0008 5644 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
14:40:30.0035 5644 NdisTapi - ok
14:40:30.0063 5644 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
14:40:30.0090 5644 Ndisuio - ok
14:40:30.0110 5644 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
14:40:30.0138 5644 NdisWan - ok
14:40:30.0155 5644 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
14:40:30.0181 5644 NDProxy - ok
14:40:30.0203 5644 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
14:40:30.0231 5644 NetBIOS - ok
14:40:30.0257 5644 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
14:40:30.0287 5644 NetBT - ok
14:40:30.0311 5644 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
14:40:30.0326 5644 Netlogon - ok
14:40:30.0357 5644 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
14:40:30.0389 5644 Netman - ok
14:40:30.0481 5644 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:40:30.0494 5644 NetMsmqActivator - ok
14:40:30.0503 5644 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:40:30.0521 5644 NetPipeActivator - ok
14:40:30.0565 5644 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
14:40:30.0598 5644 netprofm - ok
14:40:30.0661 5644 netr28 (091d731c04e7a1543b391a5b883b4598) C:\windows\system32\DRIVERS\netr28.sys
14:40:30.0683 5644 netr28 - ok
14:40:30.0781 5644 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:40:30.0794 5644 NetTcpActivator - ok
14:40:30.0798 5644 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:40:30.0812 5644 NetTcpPortSharing - ok
14:40:30.0842 5644 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
14:40:30.0855 5644 nfrd960 - ok
14:40:31.0053 5644 NIHardwareService (bd7a1d7bef2c0fde73f7b87971ed9d2f) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
14:40:31.0113 5644 NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
14:40:31.0113 5644 NIHardwareService - detected UnsignedFile.Multi.Generic (1)
14:40:31.0220 5644 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:40:31.0231 5644 NisDrv - ok
14:40:31.0265 5644 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
14:40:31.0295 5644 NlaSvc - ok
14:40:31.0315 5644 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
14:40:31.0344 5644 Npfs - ok
14:40:31.0377 5644 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
14:40:31.0407 5644 nsi - ok
14:40:31.0429 5644 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
14:40:31.0458 5644 nsiproxy - ok
14:40:31.0542 5644 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
14:40:31.0572 5644 Ntfs - ok
14:40:31.0591 5644 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
14:40:31.0620 5644 Null - ok
14:40:31.0642 5644 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\windows\system32\DRIVERS\nvm62x32.sys
14:40:31.0661 5644 NVENETFD - ok
14:40:31.0680 5644 NVHDA (603b0c9bb86f7b3efb88a482c6663ec4) C:\windows\system32\drivers\nvhda32v.sys
14:40:31.0693 5644 NVHDA - ok
14:40:32.0006 5644 nvlddmkm (6369c7702e931ec4b495a8930a8149f2) C:\windows\system32\DRIVERS\nvlddmkm.sys
14:40:32.0144 5644 nvlddmkm - ok
14:40:32.0261 5644 NVNET (5bf9c11586f4764446407f509f1beca8) C:\windows\system32\DRIVERS\nvmf6232.sys
14:40:32.0275 5644 NVNET - ok
14:40:32.0321 5644 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
14:40:32.0336 5644 nvraid - ok
14:40:32.0364 5644 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\windows\system32\DRIVERS\nvsmu.sys
14:40:32.0378 5644 nvsmu - ok
14:40:32.0406 5644 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
14:40:32.0422 5644 nvstor - ok
14:40:32.0454 5644 nvstor32 (3ff57a9a657c9690ecbc8b1e3b6e3979) C:\windows\system32\DRIVERS\nvstor32.sys
14:40:32.0467 5644 nvstor32 - ok
14:40:32.0507 5644 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
14:40:32.0521 5644 nv_agp - ok
14:40:32.0598 5644 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:40:32.0615 5644 odserv - ok
14:40:32.0620 5644 ohci1394 - ok
14:40:32.0654 5644 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:40:32.0667 5644 ose - ok
14:40:32.0711 5644 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
14:40:32.0731 5644 p2pimsvc - ok
14:40:32.0748 5644 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
14:40:32.0770 5644 p2psvc - ok
14:40:32.0792 5644 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
14:40:32.0808 5644 Parport - ok
14:40:32.0830 5644 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
14:40:32.0844 5644 partmgr - ok
14:40:32.0865 5644 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
14:40:32.0880 5644 Parvdm - ok
14:40:32.0909 5644 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
14:40:32.0929 5644 PcaSvc - ok
14:40:32.0964 5644 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
14:40:32.0979 5644 pci - ok
14:40:32.0993 5644 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
14:40:33.0006 5644 pciide - ok
14:40:33.0033 5644 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
14:40:33.0048 5644 pcmcia - ok
14:40:33.0064 5644 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
14:40:33.0078 5644 pcw - ok
14:40:33.0109 5644 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
14:40:33.0143 5644 PEAUTH - ok
14:40:33.0237 5644 pgsql-8.3 (acc93675d78d1c07dad09d7837f2397a) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
14:40:33.0243 5644 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
14:40:33.0243 5644 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
14:40:33.0311 5644 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
14:40:33.0357 5644 pla - ok
14:40:33.0455 5644 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
14:40:33.0474 5644 PlugPlay - ok
14:40:33.0495 5644 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
14:40:33.0511 5644 PNRPAutoReg - ok
14:40:33.0534 5644 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
14:40:33.0554 5644 PNRPsvc - ok
14:40:33.0595 5644 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
14:40:33.0626 5644 PolicyAgent - ok
14:40:33.0653 5644 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
14:40:33.0682 5644 Power - ok
14:40:33.0726 5644 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
14:40:33.0755 5644 PptpMiniport - ok
14:40:33.0776 5644 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
14:40:33.0791 5644 Processor - ok
14:40:33.0820 5644 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll
14:40:33.0849 5644 ProfSvc - ok
14:40:33.0878 5644 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
14:40:33.0893 5644 ProtectedStorage - ok
14:40:33.0926 5644 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
14:40:33.0955 5644 Psched - ok
14:40:33.0981 5644 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\windows\system32\Drivers\PxHelp20.sys
14:40:33.0993 5644 PxHelp20 - ok
14:40:34.0046 5644 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
14:40:34.0083 5644 ql2300 - ok
14:40:34.0209 5644 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
14:40:34.0223 5644 ql40xx - ok
14:40:34.0260 5644 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
14:40:34.0282 5644 QWAVE - ok
14:40:34.0305 5644 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
14:40:34.0324 5644 QWAVEdrv - ok
14:40:34.0349 5644 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
14:40:34.0377 5644 RasAcd - ok
14:40:34.0408 5644 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
14:40:34.0437 5644 RasAgileVpn - ok
14:40:34.0462 5644 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
14:40:34.0493 5644 RasAuto - ok
14:40:34.0544 5644 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
14:40:34.0573 5644 Rasl2tp - ok
14:40:34.0633 5644 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
14:40:34.0664 5644 RasMan - ok
14:40:34.0685 5644 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
14:40:34.0716 5644 RasPppoe - ok
14:40:34.0747 5644 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
14:40:34.0775 5644 RasSstp - ok
14:40:34.0805 5644 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
14:40:34.0834 5644 rdbss - ok
14:40:34.0865 5644 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
14:40:34.0882 5644 rdpbus - ok
14:40:34.0909 5644 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
14:40:34.0936 5644 RDPCDD - ok
14:40:34.0953 5644 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
14:40:34.0979 5644 RDPENCDD - ok
14:40:34.0994 5644 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
14:40:35.0020 5644 RDPREFMP - ok
14:40:35.0051 5644 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
14:40:35.0068 5644 RDPWD - ok
14:40:35.0109 5644 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
14:40:35.0123 5644 rdyboost - ok
14:40:35.0155 5644 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
14:40:35.0183 5644 RemoteAccess - ok
14:40:35.0221 5644 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
14:40:35.0251 5644 RemoteRegistry - ok
14:40:35.0260 5644 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
14:40:35.0293 5644 RpcEptMapper - ok
14:40:35.0317 5644 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
14:40:35.0333 5644 RpcLocator - ok
14:40:35.0368 5644 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\System32\rpcss.dll
14:40:35.0400 5644 RpcSs - ok
14:40:35.0427 5644 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
14:40:35.0456 5644 rspndr - ok
14:40:35.0460 5644 RSUSBSTOR - ok
14:40:35.0477 5644 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
14:40:35.0494 5644 RTL8167 - ok
14:40:35.0504 5644 RtsUIR - ok
14:40:35.0548 5644 SABKUTIL - ok
14:40:35.0590 5644 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
14:40:35.0605 5644 SamSs - ok
14:40:35.0640 5644 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
14:40:35.0653 5644 sbp2port - ok
14:40:35.0692 5644 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
14:40:35.0721 5644 SCardSvr - ok
14:40:35.0754 5644 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
14:40:35.0781 5644 scfilter - ok
14:40:35.0824 5644 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
14:40:35.0860 5644 Schedule - ok
14:40:35.0881 5644 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
14:40:35.0910 5644 SCPolicySvc - ok
14:40:35.0939 5644 sdbus (0328be1c7f1cba23848179f8762e391c) C:\windows\system32\drivers\sdbus.sys
14:40:35.0956 5644 sdbus - ok
14:40:35.0977 5644 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
14:40:35.0995 5644 SDRSVC - ok
14:40:36.0018 5644 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
14:40:36.0047 5644 secdrv - ok
14:40:36.0068 5644 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
14:40:36.0100 5644 seclogon - ok
14:40:36.0115 5644 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
14:40:36.0147 5644 SENS - ok
14:40:36.0163 5644 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
14:40:36.0179 5644 SensrSvc - ok
14:40:36.0190 5644 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
14:40:36.0205 5644 Serenum - ok
14:40:36.0221 5644 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
14:40:36.0238 5644 Serial - ok
14:40:36.0262 5644 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
14:40:36.0277 5644 sermouse - ok
14:40:36.0316 5644 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
14:40:36.0345 5644 SessionEnv - ok
14:40:36.0370 5644 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
14:40:36.0389 5644 sffdisk - ok
14:40:36.0393 5644 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
14:40:36.0413 5644 sffp_mmc - ok
14:40:36.0418 5644 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
14:40:36.0438 5644 sffp_sd - ok
14:40:36.0471 5644 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
14:40:36.0487 5644 sfloppy - ok
14:40:36.0521 5644 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
14:40:36.0553 5644 SharedAccess - ok
14:40:36.0604 5644 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
14:40:36.0635 5644 ShellHWDetection - ok
14:40:36.0665 5644 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
14:40:36.0678 5644 sisagp - ok
14:40:36.0714 5644 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:40:36.0727 5644 SiSRaid2 - ok
14:40:36.0741 5644 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
14:40:36.0755 5644 SiSRaid4 - ok
14:40:36.0809 5644 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files\Skype\Updater\Updater.exe
14:40:36.0821 5644 SkypeUpdate - ok
14:40:36.0833 5644 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
14:40:36.0863 5644 Smb - ok
14:40:36.0920 5644 smserial (19301c27f3425dc39f6c599f527e507d) C:\windows\system32\DRIVERS\smserial.sys
14:40:36.0947 5644 smserial - ok
14:40:36.0984 5644 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
14:40:37.0001 5644 SNMPTRAP - ok
14:40:37.0011 5644 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
14:40:37.0023 5644 spldr - ok
14:40:37.0061 5644 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
14:40:37.0092 5644 Spooler - ok
14:40:37.0261 5644 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
14:40:37.0325 5644 sppsvc - ok
14:40:37.0425 5644 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
14:40:37.0453 5644 sppuinotify - ok
14:40:37.0521 5644 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\windows\system32\drivers\NIS\1007000.01E\SRTSP.SYS
14:40:37.0536 5644 SRTSP - ok
14:40:37.0554 5644 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\windows\system32\drivers\NIS\1007000.01E\SRTSPX.SYS
14:40:37.0564 5644 SRTSPX - ok
14:40:37.0597 5644 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
14:40:37.0619 5644 srv - ok
14:40:37.0647 5644 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
14:40:37.0683 5644 srv2 - ok
14:40:37.0731 5644 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
14:40:37.0746 5644 srvnet - ok
14:40:37.0774 5644 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
14:40:37.0806 5644 SSDPSRV - ok
14:40:37.0825 5644 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
14:40:37.0853 5644 SstpSvc - ok
14:40:37.0874 5644 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
14:40:37.0887 5644 stexstor - ok
14:40:37.0910 5644 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
14:40:37.0926 5644 StillCam - ok
14:40:37.0973 5644 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
14:40:37.0998 5644 StiSvc - ok
14:40:38.0026 5644 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
14:40:38.0039 5644 swenum - ok
14:40:38.0079 5644 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
14:40:38.0117 5644 swprv - ok
14:40:38.0185 5644 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
14:40:38.0217 5644 SysMain - ok
14:40:38.0244 5644 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
14:40:38.0265 5644 TabletInputService - ok
14:40:38.0309 5644 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
14:40:38.0340 5644 TapiSrv - ok
14:40:38.0373 5644 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
14:40:38.0404 5644 TBS - ok
14:40:38.0498 5644 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
14:40:38.0529 5644 Tcpip - ok
14:40:38.0544 5644 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
14:40:38.0576 5644 TCPIP6 - ok
14:40:38.0608 5644 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
14:40:38.0634 5644 tcpipreg - ok
14:40:38.0664 5644 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
14:40:38.0681 5644 TDPIPE - ok
14:40:38.0710 5644 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
14:40:38.0724 5644 TDTCP - ok
14:40:38.0752 5644 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
14:40:38.0779 5644 tdx - ok
14:40:38.0798 5644 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
14:40:38.0811 5644 TermDD - ok
14:40:38.0859 5644 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
14:40:38.0892 5644 TermService - ok
14:40:38.0916 5644 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
14:40:38.0938 5644 Themes - ok
14:40:38.0975 5644 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
14:40:39.0004 5644 THREADORDER - ok
14:40:39.0032 5644 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\windows\system32\DRIVERS\tmactmon.sys
14:40:39.0044 5644 tmactmon - ok
14:40:39.0082 5644 tmcomm (1837512d4aab862bd297a2ef035fba14) C:\windows\system32\DRIVERS\tmcomm.sys
14:40:39.0095 5644 tmcomm - ok
14:40:39.0125 5644 tmeevw (f49ca5c26378f4d5603f2a2fc86e09a1) C:\windows\system32\DRIVERS\tmeevw.sys
14:40:39.0137 5644 tmeevw - ok
14:40:39.0173 5644 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\windows\system32\DRIVERS\tmevtmgr.sys
14:40:39.0185 5644 tmevtmgr - ok
14:40:39.0212 5644 tmnciesc (2e078184034a179c47787f87f238d5ba) C:\windows\system32\DRIVERS\tmnciesc.sys
14:40:39.0225 5644 tmnciesc - ok
14:40:39.0244 5644 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\windows\system32\DRIVERS\tmtdi.sys
14:40:39.0257 5644 tmtdi - ok
14:40:39.0285 5644 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
14:40:39.0317 5644 TrkWks - ok
14:40:39.0372 5644 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
14:40:39.0401 5644 TrustedInstaller - ok
14:40:39.0420 5644 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
14:40:39.0450 5644 tssecsrv - ok
14:40:39.0482 5644 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
14:40:39.0497 5644 TsUsbFlt - ok
14:40:39.0531 5644 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
14:40:39.0559 5644 tunnel - ok
14:40:39.0591 5644 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
14:40:39.0605 5644 uagp35 - ok
14:40:39.0637 5644 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
14:40:39.0665 5644 udfs - ok
14:40:39.0702 5644 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
14:40:39.0718 5644 UI0Detect - ok
14:40:39.0744 5644 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
14:40:39.0757 5644 uliagpkx - ok
14:40:39.0770 5644 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
14:40:39.0790 5644 umbus - ok
14:40:39.0821 5644 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
14:40:39.0837 5644 UmPass - ok
14:40:39.0882 5644 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
14:40:39.0915 5644 upnphost - ok
14:40:39.0941 5644 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\windows\system32\Drivers\usbaapl.sys
14:40:39.0955 5644 USBAAPL - ok
14:40:39.0983 5644 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\windows\system32\drivers\usbaudio.sys
14:40:40.0001 5644 usbaudio - ok
14:40:40.0017 5644 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
14:40:40.0033 5644 usbccgp - ok
14:40:40.0037 5644 USBCCID - ok
14:40:40.0060 5644 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
14:40:40.0078 5644 usbcir - ok
14:40:40.0102 5644 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
14:40:40.0118 5644 usbehci - ok
14:40:40.0149 5644 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
14:40:40.0167 5644 usbhub - ok
14:40:40.0183 5644 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\DRIVERS\usbohci.sys
14:40:40.0202 5644 usbohci - ok
14:40:40.0228 5644 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
14:40:40.0244 5644 usbprint - ok
14:40:40.0281 5644 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
14:40:40.0298 5644 usbscan - ok
14:40:40.0324 5644 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:40:40.0340 5644 USBSTOR - ok
14:40:40.0358 5644 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
14:40:40.0374 5644 usbuhci - ok
14:40:40.0392 5644 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
14:40:40.0410 5644 usbvideo - ok
14:40:40.0437 5644 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
14:40:40.0468 5644 UxSms - ok
14:40:40.0491 5644 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
14:40:40.0506 5644 VaultSvc - ok
14:40:40.0533 5644 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
14:40:40.0546 5644 vdrvroot - ok
14:40:40.0597 5644 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
14:40:40.0629 5644 vds - ok
14:40:40.0654 5644 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
14:40:40.0671 5644 vga - ok
14:40:40.0699 5644 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
14:40:40.0727 5644 VgaSave - ok
14:40:40.0759 5644 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
14:40:40.0774 5644 vhdmp - ok
14:40:40.0789 5644 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
14:40:40.0802 5644 viaagp - ok
14:40:40.0828 5644 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
14:40:40.0845 5644 ViaC7 - ok
14:40:40.0885 5644 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
14:40:40.0899 5644 viaide - ok
14:40:40.0920 5644 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
14:40:40.0934 5644 volmgr - ok
14:40:40.0974 5644 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
14:40:40.0992 5644 volmgrx - ok
14:40:41.0025 5644 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
14:40:41.0041 5644 volsnap - ok
14:40:41.0065 5644 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
14:40:41.0081 5644 vsmraid - ok
14:40:41.0137 5644 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
14:40:41.0176 5644 VSS - ok
14:40:41.0191 5644 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
14:40:41.0208 5644 vwifibus - ok
14:40:41.0217 5644 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
14:40:41.0235 5644 vwififlt - ok
14:40:41.0247 5644 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
14:40:41.0265 5644 vwifimp - ok
14:40:41.0306 5644 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
14:40:41.0339 5644 W32Time - ok
14:40:41.0369 5644 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
14:40:41.0385 5644 WacomPen - ok
14:40:41.0413 5644 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
14:40:41.0440 5644 WANARP - ok
14:40:41.0443 5644 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
14:40:41.0473 5644 Wanarpv6 - ok
14:40:41.0554 5644 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe
14:40:41.0589 5644 WatAdminSvc - ok
14:40:41.0653 5644 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
14:40:41.0682 5644 wbengine - ok
14:40:41.0713 5644 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
14:40:41.0734 5644 WbioSrvc - ok
14:40:41.0762 5644 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
14:40:41.0785 5644 wcncsvc - ok
14:40:41.0811 5644 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
14:40:41.0828 5644 WcsPlugInService - ok
14:40:41.0871 5644 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
14:40:41.0883 5644 Wd - ok
14:40:41.0916 5644 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
14:40:41.0935 5644 Wdf01000 - ok
14:40:41.0956 5644 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
14:40:41.0978 5644 WdiServiceHost - ok
14:40:41.0981 5644 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
14:40:42.0002 5644 WdiSystemHost - ok
14:40:42.0030 5644 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
14:40:42.0051 5644 WebClient - ok
14:40:42.0076 5644 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
14:40:42.0108 5644 Wecsvc - ok
14:40:42.0122 5644 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
14:40:42.0151 5644 wercplsupport - ok
14:40:42.0171 5644 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
14:40:42.0204 5644 WerSvc - ok
14:40:42.0215 5644 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
14:40:42.0246 5644 WfpLwf - ok
14:40:42.0267 5644 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
14:40:42.0280 5644 WIMMount - ok
14:40:42.0358 5644 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
14:40:42.0384 5644 WinDefend - ok
14:40:42.0404 5644 WinHttpAutoProxySvc - ok
14:40:42.0461 5644 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
14:40:42.0493 5644 Winmgmt - ok
14:40:42.0556 5644 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
14:40:42.0597 5644 WinRM - ok
14:40:42.0648 5644 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
14:40:42.0665 5644 WinUsb - ok
14:40:42.0735 5644 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
14:40:42.0763 5644 Wlansvc - ok
14:40:42.0788 5644 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
14:40:42.0805 5644 WmiAcpi - ok
14:40:42.0879 5644 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
14:40:42.0895 5644 wmiApSrv - ok
14:40:43.0009 5644 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:40:43.0036 5644 WMPNetworkSvc - ok
14:40:43.0077 5644 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
14:40:43.0114 5644 WPCSvc - ok
14:40:43.0147 5644 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
14:40:43.0165 5644 WPDBusEnum - ok
14:40:43.0216 5644 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
14:40:43.0244 5644 ws2ifsl - ok
14:40:43.0270 5644 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\system32\wscsvc.dll
14:40:43.0290 5644 wscsvc - ok
14:40:43.0294 5644 WSearch - ok
14:40:43.0385 5644 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll
14:40:43.0434 5644 wuauserv - ok
14:40:43.0564 5644 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
14:40:43.0596 5644 WudfPf - ok
14:40:43.0616 5644 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
14:40:43.0644 5644 WUDFRd - ok
14:40:43.0671 5644 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
14:40:43.0701 5644 wudfsvc - ok
14:40:43.0731 5644 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
14:40:43.0756 5644 WwanSvc - ok
14:40:43.0788 5644 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:40:43.0882 5644 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:40:43.0882 5644 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:40:43.0918 5644 Boot (0x1200) (3fb453d45083640cf69166a58c6c1524) \Device\Harddisk0\DR0\Partition0
14:40:43.0919 5644 \Device\Harddisk0\DR0\Partition0 - ok
14:40:43.0943 5644 Boot (0x1200) (47c488a83f7d5043947c9b1a68c8c0df) \Device\Harddisk0\DR0\Partition1
14:40:43.0944 5644 \Device\Harddisk0\DR0\Partition1 - ok
14:40:43.0944 5644 ============================================================
14:40:43.0944 5644 Scan finished
14:40:43.0944 5644 ============================================================
14:40:43.0960 4628 Detected object count: 8
14:40:43.0960 4628 Actual detected object count: 8
14:42:06.0164 4628 cbVSCService ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0164 4628 cbVSCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0166 4628 cbVSCService11 ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0167 4628 cbVSCService11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0169 4628 CobianBackup11 ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0169 4628 CobianBackup11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0173 4628 gupdate ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0173 4628 gupdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0180 4628 gupdatem ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0180 4628 gupdatem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0180 4628 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0180 4628 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0183 4628 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0183 4628 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0186 4628 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:42:06.0186 4628 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
14:42:10.0441 3508 Deinitialize success
  • 0
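A small triage pass over the verdict lines of a scan log in the format posted above, added here as an example and not part of the original thread or the scanner's own code: it pairs each flagged object with the action recorded for it and lists detections that were skipped. Treating `UnsignedFile.Multi.Generic` as informational is an assumption of this example.

```python
import re
from collections import defaultdict

# Excerpt of the scan log posted above (verdict, action and filler lines).
SAMPLE_LOG = r"""
14:40:40.0992 5644 volmgrx - ok
14:40:43.0882 5644 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:40:43.0882 5644 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:40:43.0960 4628 Detected object count: 8
14:42:06.0173 4628 gupdate ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:06.0173 4628 gupdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:06.0186 4628 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:42:06.0186 4628 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread> <object> ( <verdict> ) - <status>"; the spaces inside the
# parentheses distinguish a verdict from the "(md5)" on file lines.
VERDICT_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+(?P<obj>.+?)\s+\(\s(?P<verdict>.+?)\s\)\s+-\s+(?P<status>.+)$"
)
ACTION_PREFIX = "User select action: "
# Assumption of this example: unsigned-file verdicts are informational only.
LOW_PRIORITY = {"UnsignedFile.Multi.Generic"}

def triage(log_text):
    """Return {(object, verdict): {"action": str or None, "priority": str}}."""
    findings = defaultdict(lambda: {"action": None, "priority": "review"})
    for line in log_text.splitlines():
        m = VERDICT_RE.match(line.strip())
        if not m:
            continue  # "- ok" lines, hash/path lines, counters, banners
        entry = findings[(m["obj"], m["verdict"])]
        if m["verdict"] in LOW_PRIORITY:
            entry["priority"] = "info"
        if m["status"].startswith(ACTION_PREFIX):
            entry["action"] = m["status"][len(ACTION_PREFIX):]
    return dict(findings)

def unresolved(findings):
    """Non-informational detections that were skipped or never actioned."""
    return sorted(
        key for key, e in findings.items()
        if e["priority"] == "review" and e["action"] in (None, "Skip")
    )

if __name__ == "__main__":
    for obj, verdict in unresolved(triage(SAMPLE_LOG)):
        print(f"needs follow-up: {obj} [{verdict}]")
```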

#12
Gammo

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. ^_^

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  • Please follow the prompts to uninstall Combofix.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times; don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it doesn't necessarily have to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple of good free alternatives: Google Chrome and Opera. Both are excellent, faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

The WOT add-on will nicely help to enhance your security, no matter which web browser you use. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine apart from just an anti-virus and a firewall. I will list some of them.
  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommended that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are disreputable sites forcing you to download and install a codec, or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :cool:
  • 0

#13
orapaho

orapaho

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
My original problem has not improved, however. Mozilla is actually crashing sooner than it was. The text on sites like Wikipedia (links) appears the same as I mentioned in the original posting. What to do?
  • 0

#14
Gammo

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
At the top of the Firefox window, click the Firefox button, go over to the Help menu and select Restart with Add-ons Disabled. Firefox will start up with the Firefox Safe Mode dialog. Click on "Continue In Safe Mode".

Do you also have the problem in Firefox while it's running in Safe Mode?
  • 0

#15
orapaho

orapaho

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Yes, same problem from safe mode. When this started, if I typed titanic on Google, it would give me the Wikipedia site as one of the search options. If I clicked the Wikipedia titanic reference, it would immediately go to that page and the links within the text would appear erratic. "RMS Titanic" would appear as "RMS T ". Now when I click the Wikipedia site from the search results, it hangs up. At the bottom it says "transferring from upload.wikipedia.org". Most of the time it crashes before I get to the site. IE is fast and allows me to the site AND THIS ONE. It will give me the text aberration, but at least I can use the internet via IE7. I am reluctant to make changes to IE7 at this point, since it is my only option to communicate with you.
  • 0





