Slow Computer Crashes when 3d Graphics are run [Closed]



#1
bwhsify

Hello all, my computer is currently running ridiculously slow. I suspect that this is due to a large number of unwanted programs running on it. In addition, I've slowly but surely not been able to run any graphics or videos with 3D acceleration. Recently, this has become a problem that crashes the computer when 3D graphics are run. I've also been unable to run system restores or use the add/remove programs tool. This is not good considering I've been in need of removing some unused programs/files for a while.

This is the OTL log I just ran.

OTL logfile created on: 5/7/2012 6:41:43 PM - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.12% Memory free
3.35 Gb Paging File | 2.47 Gb Available in Paging File | 73.83% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.46 Gb Total Space | 11.19 Gb Free Space | 7.69% Space Free | Partition Type: NTFS
Drive D: | 7.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 928.30 Gb Total Space | 259.72 Gb Free Space | 27.98% Space Free | Partition Type: NTFS
Drive Z: | 928.30 Gb Total Space | 259.72 Gb Free Space | 27.98% Space Free | Partition Type: NTFS

Computer Name: TEAMWHEELS | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ben\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe (COMODO)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackup.exe (Memeo Inc.)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe (Copernic Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
PRC - C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Eraser\eraser.exe (-)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\12050701\algo.dll ()
MOD - C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Adaptor.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\GuiListener\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\Export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\ShHook.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\CRF\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\EventMonitor.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\CLPS_RES.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLANG.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\WD\WD Anywhere Backup\sqlite3.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\cntscan.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\apengine.dll ()
MOD - C:\WINDOWS\SYSTEM32\Primomonnt.dll ()
MOD - C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll ()
MOD - C:\Program Files\Copernic Desktop Search 2\DesktopSearchSystem203000018.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (MemeoBackgroundService) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (MioNet) -- C:\Program Files\MioNet\MioNetManager.exe ()
SRV - (Symantec RemoteAssist) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
SRV - (IAANTMon) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (wanatw) WAN Miniport (ATW) -- system32\DRIVERS\wanatw4.sys File not found
DRV - (SMPCLS) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Drvnlhwdww) -- File not found
DRV - (Changer) -- File not found
DRV - (bvrp_pci) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\SYSTEM32\DRIVERS\btblan.sys (Belcarra Technologies)
DRV - (Inspect) -- C:\WINDOWS\SYSTEM32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdGuard.sys (COMODO)
DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (pavboot) -- C:\WINDOWS\SYSTEM32\DRIVERS\pavboot.sys (Panda Security, S.L.)
DRV - (FlyUsb) -- C:\WINDOWS\SYSTEM32\DRIVERS\FlyUsb.sys (LeapFrog)
DRV - (NDISRD) -- C:\WINDOWS\System32\drivers\ndisrd.sys (NT Kernel Resources)
DRV - (ATIAVAIW) -- C:\WINDOWS\SYSTEM32\DRIVERS\atinavt2.sys (ATI Technologies Inc.)
DRV - (MPE) -- C:\WINDOWS\SYSTEM32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (BANTExt) -- C:\WINDOWS\SYSTEM32\DRIVERS\BANTExt.sys ()
DRV - (VPROEVENTMONITOR) -- C:\WINDOWS\SYSTEM32\DRIVERS\vproeventmonitor.sys (Symantec Corporation)
DRV - (SQTECH905C) -- C:\WINDOWS\SYSTEM32\DRIVERS\Capt905c.sys (Service & Quality Technology.)
DRV - (elagopro) -- C:\WINDOWS\SYSTEM32\DRIVERS\elagopro.sys (Gteko Ltd.)
DRV - (elaunidr) -- C:\WINDOWS\SYSTEM32\DRIVERS\elaunidr.sys (Gteko Ltd.)
DRV - (dsunidrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (PID_08A0) QuickCam IM(PID_08A0) -- C:\WINDOWS\SYSTEM32\DRIVERS\LV302AV.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\SYSTEM32\DRIVERS\lv302af.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\SYSTEM32\DRIVERS\LVUSBSta.sys (Logitech Inc.)
DRV - (senfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys (Creative Technology Ltd.)
DRV - (b57w2k) -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (HSFHWBS2) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (omci) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (AgilentUSBCam) -- C:\WINDOWS\SYSTEM32\DRIVERS\Atusbcam.sys (Agilent Technologies)
DRV - (DMX3191) -- C:\WINDOWS\SYSTEM32\DRIVERS\dmx3191.sys (Microsoft Corporation)
DRV - (UDNT) -- C:\WINDOWS\System32\drivers\UDNT.SYS ()
DRV - (AEC671X) -- C:\WINDOWS\SYSTEM32\DRIVERS\aec671x.sys (Acard Technology Corp.)
DRV - (PPSCAN) -- C:\WINDOWS\System32\drivers\PPSCAN.SYS (Shuttle Technology.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKCU\..\SearchScopes\{1A91E3AD-D911-4F76-8B75-9EC2A54F81B8}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.8.1: C:\Documents and Settings\Ben\Local Settings\Application Data\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/28 05:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/10 09:24:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/05 09:13:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/28 05:26:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/28 18:53:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\components [2012/04/28 23:19:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\plugins [2012/04/28 18:53:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{86D92CB0-3EB2-4979-AD43-DF0341807D7F}: C:\Program Files\Copernic Desktop Search 2\FirefoxToolbar\ [2008/03/14 01:18:08 | 000,000,000 | ---D | M]

[2011/04/09 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions
[2011/04/09 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/03/16 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2012/05/05 16:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions
[2011/12/09 00:56:53 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/02/07 14:57:30 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2011/03/30 12:19:34 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2011/07/10 10:45:15 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/03/08 13:17:59 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/05/02 16:26:21 | 000,000,000 | ---D | M] ("W3v8 for Firefox") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{7DA90D46-1B69-4cc5-9ACE-CB64D8D85B00}
[2009/07/06 15:25:36 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010/04/10 10:57:29 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2009/11/14 01:01:30 | 000,000,000 | ---D | M] (KidZui) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\firefox@kidzui.com
[2012/02/24 23:24:15 | 000,000,000 | ---D | M] (Foxdie) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\Foxdie@tanjihay.com
[2010/08/20 11:42:29 | 000,000,000 | ---D | M] (Foxdie for Firefox) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\foxdie_ext_ocelot@foxdie.us
[2010/02/28 17:20:07 | 000,000,000 | ---D | M] (Linky) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\linky@gemal.dk
[2005/12/19 15:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\temp
[2011/05/19 09:23:50 | 000,000,000 | ---D | M] (2conv.com Toolbar) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\toolbar@2conv.com
[2010/10/02 19:54:50 | 000,000,000 | ---D | M] ("UnPlug") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\unplug@compunach(2)
[2005/08/22 00:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\x
[2011/12/06 19:57:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/14 00:55:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/04/28 05:26:26 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/05/11 17:57:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2005/11/15 15:28:00 | 000,266,240 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/02/12 11:45:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/22 10:11:18 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/12 11:45:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2008/03/10 00:57:39 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Copernic Desktop Search 2) - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll (Copernic Inc.)
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Desktop Search 2) - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll (Copernic Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Standby] C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Thunderbird] C:\Program Files\thunderbird.exe (Mozilla Messaging)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKCU..\Run: [Copernic Desktop Search 2] C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe (Copernic Inc.)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe (-)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\COMODO Firewall Pro.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Ben\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ben\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43AC3B09-2B11-45C1-B65F-BF4EFF2DDEAB}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/29 22:56:49 | 000,000,037 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/10/15 19:26:27 | 000,000,048 | RH-- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/12/12 16:55:56 | 000,000,000 | ---D | M] - Z:\Automatic for the People -- [ NTFS ]
O33 - MountPoints2\{a79cd2a8-cb88-11db-9a37-001111e36f13}\Shell - "" = AutoRun
O33 - MountPoints2\{a79cd2a8-cb88-11db-9a37-001111e36f13}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a79cd2a8-cb88-11db-9a37-001111e36f13}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (pgdfgsvc C 1)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/04 15:31:30 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2012/05/04 15:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2012/05/04 15:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2012/05/04 07:42:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.b74ef164.temp
[2012/05/04 07:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft.96db388c.temp
[2012/04/28 23:17:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Program Files\D3DCompiler_43.dll
[2012/04/28 23:17:42 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files\d3dx9_43.dll
[2012/04/28 23:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\distribution
[2012/04/28 23:17:36 | 000,596,952 | ---- | C] (Mozilla Foundation) -- C:\Program Files\gkmedias.dll
[2012/04/28 23:17:35 | 000,109,528 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libEGL.dll
[2012/04/28 23:17:34 | 000,465,880 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libGLESv2.dll
[2012/04/28 23:17:32 | 000,016,344 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozalloc.dll
[2012/04/28 23:17:31 | 000,033,240 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozglue.dll
[2012/04/28 23:17:29 | 000,531,416 | ---- | C] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012/04/28 23:17:28 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm80.dll
[2012/04/28 23:17:27 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr80.dll
[2012/04/28 23:17:27 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp80.dll
[2012/04/28 23:17:10 | 000,016,856 | ---- | C] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2012/04/28 23:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2012/04/28 23:17:00 | 016,792,536 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2012/04/28 05:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/04/28 05:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/14 00:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/04/14 00:54:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/04/09 10:19:46 | 000,018,904 | ---- | C] (Mozilla Foundation) -- C:\Program Files\WSEnable.exe
[2011/04/09 10:19:43 | 000,125,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2010/06/29 15:32:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ben\Application Data\pcouffin.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/07 18:46:03 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/07 18:33:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/05/07 18:31:21 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
[2012/05/07 18:31:12 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
[2012/05/07 18:30:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/05/07 18:30:28 | 2145,554,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/07 16:34:36 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/07 13:19:39 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2012/05/07 13:07:58 | 000,009,449 | ---- | M] () -- C:\Program Files\updates.xml
[2012/05/07 13:07:57 | 000,000,057 | ---- | M] () -- C:\Program Files\active-update.xml
[2012/05/07 13:06:17 | 000,002,061 | ---- | M] () -- C:\Program Files\application.ini
[2012/05/07 13:06:12 | 000,000,478 | ---- | M] () -- C:\Program Files\freebl3.chk
[2012/05/07 13:06:02 | 001,952,728 | ---- | M] () -- C:\Program Files\mozjs.dll
[2012/05/07 13:06:00 | 000,531,416 | ---- | M] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012/05/07 13:05:59 | 000,162,776 | ---- | M] () -- C:\Program Files\nsldap32v60.dll
[2012/05/07 13:05:57 | 000,021,976 | ---- | M] () -- C:\Program Files\nsldappr32v60.dll
[2012/05/07 13:05:55 | 000,017,368 | ---- | M] () -- C:\Program Files\nsldif32v60.dll
[2012/05/07 13:05:43 | 000,000,478 | ---- | M] () -- C:\Program Files\nssdbm3.chk
[2012/05/07 13:05:37 | 008,306,077 | ---- | M] () -- C:\Program Files\omni.ja
[2012/05/07 13:05:35 | 000,000,140 | ---- | M] () -- C:\Program Files\platform.ini
[2012/05/07 13:05:30 | 000,002,136 | ---- | M] () -- C:\Program Files\precomplete
[2012/05/07 13:05:29 | 000,000,478 | ---- | M] () -- C:\Program Files\softokn3.chk
[2012/05/07 12:51:55 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/07 02:07:01 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/05/06 01:24:05 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/05/05 17:55:08 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
[2012/05/05 06:34:27 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/05/04 15:34:10 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2012/05/04 15:16:39 | 000,399,480 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\setup.exe
[2012/05/04 15:12:31 | 032,157,120 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\WOW-4.0.0.12911-enUS-Trial.exe
[2012/05/04 07:42:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5d7140b5.temp
[2012/05/04 05:28:51 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
[2012/05/02 19:14:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/02 06:48:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2012/04/28 23:17:48 | 000,007,669 | ---- | M] () -- C:\Program Files\blocklist.xml
[2012/04/28 23:17:44 | 000,003,803 | ---- | M] () -- C:\Program Files\crashreporter.ini
[2012/04/28 23:17:10 | 000,018,968 | ---- | M] () -- C:\Program Files\removed-files
[2012/04/28 23:17:06 | 000,000,715 | ---- | M] () -- C:\Program Files\updater.ini
[2012/04/28 18:53:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/04/28 05:41:18 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/04/14 12:04:40 | 000,000,006 | ---- | M] () -- C:\Program Files\update.locale
[2012/04/11 10:12:10 | 000,443,202 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/04/11 10:12:10 | 000,072,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/04/11 10:01:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/07 13:07:57 | 000,009,449 | ---- | C] () -- C:\Program Files\updates.xml
[2012/05/07 13:07:55 | 000,000,057 | ---- | C] () -- C:\Program Files\active-update.xml
[2012/05/05 06:34:27 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/05/04 15:16:36 | 000,399,480 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\setup.exe
[2012/05/04 15:13:34 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/04 15:11:38 | 032,157,120 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\WOW-4.0.0.12911-enUS-Trial.exe
[2012/05/04 07:42:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5d7140b5.temp
[2012/04/28 23:20:05 | 000,001,448 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012/04/28 23:17:29 | 001,952,728 | ---- | C] () -- C:\Program Files\mozjs.dll
[2012/04/28 23:17:15 | 008,306,077 | ---- | C] () -- C:\Program Files\omni.ja
[2012/04/28 23:17:10 | 000,002,136 | ---- | C] () -- C:\Program Files\precomplete
[2012/04/28 05:24:35 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/12/06 22:22:31 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\$_hpcst$.hpc
[2011/09/06 23:12:58 | 000,018,968 | ---- | C] () -- C:\Program Files\removed-files
[2011/05/18 19:32:55 | 000,000,848 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2011/05/08 19:53:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/04/09 10:20:04 | 000,000,715 | ---- | C] () -- C:\Program Files\updater.ini
[2011/04/09 10:20:04 | 000,000,006 | ---- | C] () -- C:\Program Files\update.locale
[2011/04/09 10:19:45 | 000,000,140 | ---- | C] () -- C:\Program Files\platform.ini
[2011/04/09 10:19:44 | 000,162,776 | ---- | C] () -- C:\Program Files\nsldap32v60.dll
[2011/04/09 10:19:44 | 000,021,976 | ---- | C] () -- C:\Program Files\nsldappr32v60.dll
[2011/04/09 10:19:44 | 000,017,368 | ---- | C] () -- C:\Program Files\nsldif32v60.dll
[2011/04/09 10:19:44 | 000,000,478 | ---- | C] () -- C:\Program Files\nssdbm3.chk
[2011/04/09 10:19:43 | 000,007,669 | ---- | C] () -- C:\Program Files\blocklist.xml
[2011/04/09 10:19:43 | 000,003,803 | ---- | C] () -- C:\Program Files\crashreporter.ini
[2011/04/09 10:19:43 | 000,002,061 | ---- | C] () -- C:\Program Files\application.ini
[2010/10/06 00:22:19 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/22 18:21:04 | 007,313,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/16 16:18:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2010/06/29 15:32:48 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\vso_ts_preview.xml
[2010/06/29 15:32:11 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\inst.exe
[2010/06/29 15:32:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.cat
[2010/06/29 15:32:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.inf

========== LOP Check ==========

[2010/07/17 17:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adventure Workshop
[2005/06/08 21:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Authentium
[2011/04/02 13:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2008/12/01 10:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2006/03/23 15:00:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/01/11 20:22:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/12/06 21:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2009/02/11 02:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/01/23 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/09/20 22:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2011/05/18 19:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2008/03/11 09:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2009/07/27 15:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2008/03/12 02:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/06/06 18:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2005/04/15 08:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/12/01 01:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2005/04/15 20:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2009/09/20 12:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/05/08 09:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Shockwave
[2009/12/26 14:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SimCity Societies
[2010/05/21 22:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2008/01/30 21:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/04/20 15:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/05/18 19:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/03/31 13:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/12 21:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/02/11 02:49:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2008/03/02 21:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Aim
[2009/12/22 21:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\AnvSoft
[2009/05/26 20:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Atari
[2009/06/28 11:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Auslogics
[2011/07/14 11:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Azureus
[2007/08/21 13:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Business Logic
[2009/06/11 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\CallingID
[2011/05/01 17:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DivoGames
[2012/05/07 18:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Dropbox
[2011/08/06 19:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Free Labs
[2008/11/11 15:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Hemera
[2009/04/22 20:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ICAClient
[2009/09/25 07:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\iWin
[2009/05/25 19:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\JAM Software
[2010/02/13 17:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\KidZui
[2008/11/03 22:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\KompoZer
[2005/04/16 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Leadertech
[2012/02/08 03:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MioNet
[2011/04/20 22:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MusE
[2007/04/25 21:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MusicIP
[2006/08/26 00:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Musicmatch
[2008/12/01 01:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\NCH Swift Sound
[2010/07/04 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Outertech
[2006/08/29 12:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PlayFirst
[2010/06/26 15:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Red Alert 3 Demo
[2009/12/07 15:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\SecondLife
[2005/12/31 17:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Snapfish
[2010/05/21 22:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Sports Interactive
[2010/01/27 22:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Stellarium
[2010/07/04 09:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\SuperNZB
[2010/05/04 17:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\The Creative Assembly
[2011/04/09 10:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Thunderbird
[2010/04/10 22:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ubisoft
[2011/05/18 20:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ulead Systems
[2008/12/18 01:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Uniblue
[2010/03/16 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vivox
[2010/06/30 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vso
[2009/06/06 18:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WD
[2006/06/29 21:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WeatherBug
[2010/01/29 20:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\wsInspector
[2012/05/02 06:48:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2012/05/07 02:07:01 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F538558
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D20FFA63
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:015DC393
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:35759C73
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:837546C7
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41C283B2
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:87FA5E8A
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C31200
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1

< End of report >

I've already run MBAM and the avast virus scanner, with neither showing anything of note. Please help!

#2
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, bwhsify! My nickname is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days; failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.


It looks like you have both Comodo and Avast running and there are remnants of Symantec's products on your machine.

Are you running both and have you had a Norton before?

Since it has been a while, we need an updated OTL plus Extras and aswMBR logs :)


Step 1.

Download OTL to your Desktop
or
If you still have OTL on your desktop go immediately to the following steps:

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select Scan All Users
  • Under File Scans File Age: Select 30 days from the drop down box.
  • Select Lop Check and Purity Check
  • Under Extra Registry: Select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt and Extras.txt.
  • Post both logs


Step 2.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click save log, save it to your desktop and post it in your next reply.

If it does not run, rename aswMBR.exe to Iexplore.exe and try it again.

Step 3.

Please post:

OTL.txt
Extras.txt
aswMBR log





Give me any updates on issues with your computer

#3
bwhsify

    Member

  • Topic Starter
  • Member
  • 15 posts
I use avast antivirus and Comodo for firewall; I don't use any of the McAfee or Symantec products anymore. I had used them in the past, but have discontinued the use of them.

The following is the OTL log file.

OTL logfile created on: 5/9/2012 9:46:26 PM - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.68% Memory free
3.35 Gb Paging File | 2.38 Gb Available in Paging File | 71.06% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.46 Gb Total Space | 7.23 Gb Free Space | 4.97% Space Free | Partition Type: NTFS
Drive D: | 7.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 928.30 Gb Total Space | 259.72 Gb Free Space | 27.98% Space Free | Partition Type: NTFS
Drive Z: | 928.30 Gb Total Space | 259.72 Gb Free Space | 27.98% Space Free | Partition Type: NTFS

Computer Name: TEAMWHEELS | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ben\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe (COMODO)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackup.exe (Memeo Inc.)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe (Copernic Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
PRC - C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Eraser\eraser.exe (-)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\12050901\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\12050800\algo.dll ()
MOD - C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Adaptor.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\GuiListener\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\Export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\ShHook.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\CRF\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\EventMonitor.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\CLPS_RES.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLANG.dll ()
MOD - C:\WINDOWS\SYSTEM32\quartz.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.3693.42478__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\WD\WD Anywhere Backup\sqlite3.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\cntscan.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\apengine.dll ()
MOD - C:\WINDOWS\SYSTEM32\Primomonnt.dll ()
MOD - C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll ()
MOD - C:\Program Files\Copernic Desktop Search 2\DesktopSearchSystem203000018.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (MemeoBackgroundService) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (MioNet) -- C:\Program Files\MioNet\MioNetManager.exe ()
SRV - (Symantec RemoteAssist) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
SRV - (IAANTMon) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (wanatw) WAN Miniport (ATW) -- system32\DRIVERS\wanatw4.sys File not found
DRV - (SMPCLS) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Drvnlhwdww) -- File not found
DRV - (Changer) -- File not found
DRV - (bvrp_pci) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\SYSTEM32\DRIVERS\btblan.sys (Belcarra Technologies)
DRV - (Inspect) -- C:\WINDOWS\SYSTEM32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdGuard.sys (COMODO)
DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (pavboot) -- C:\WINDOWS\SYSTEM32\DRIVERS\pavboot.sys (Panda Security, S.L.)
DRV - (FlyUsb) -- C:\WINDOWS\SYSTEM32\DRIVERS\FlyUsb.sys (LeapFrog)
DRV - (NDISRD) -- C:\WINDOWS\System32\drivers\ndisrd.sys (NT Kernel Resources)
DRV - (ATIAVAIW) -- C:\WINDOWS\SYSTEM32\DRIVERS\atinavt2.sys (ATI Technologies Inc.)
DRV - (MPE) -- C:\WINDOWS\SYSTEM32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (BANTExt) -- C:\WINDOWS\SYSTEM32\DRIVERS\BANTExt.sys ()
DRV - (VPROEVENTMONITOR) -- C:\WINDOWS\SYSTEM32\DRIVERS\vproeventmonitor.sys (Symantec Corporation)
DRV - (SQTECH905C) -- C:\WINDOWS\SYSTEM32\DRIVERS\Capt905c.sys (Service & Quality Technology.)
DRV - (elagopro) -- C:\WINDOWS\SYSTEM32\DRIVERS\elagopro.sys (Gteko Ltd.)
DRV - (elaunidr) -- C:\WINDOWS\SYSTEM32\DRIVERS\elaunidr.sys (Gteko Ltd.)
DRV - (dsunidrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (PID_08A0) QuickCam IM(PID_08A0) -- C:\WINDOWS\SYSTEM32\DRIVERS\LV302AV.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\SYSTEM32\DRIVERS\lv302af.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\SYSTEM32\DRIVERS\LVUSBSta.sys (Logitech Inc.)
DRV - (senfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys (Creative Technology Ltd.)
DRV - (b57w2k) -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (HSFHWBS2) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (omci) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (AgilentUSBCam) -- C:\WINDOWS\SYSTEM32\DRIVERS\Atusbcam.sys (Agilent Technologies)
DRV - (DMX3191) -- C:\WINDOWS\SYSTEM32\DRIVERS\dmx3191.sys (Microsoft Corporation)
DRV - (UDNT) -- C:\WINDOWS\System32\drivers\UDNT.SYS ()
DRV - (AEC671X) -- C:\WINDOWS\SYSTEM32\DRIVERS\aec671x.sys (Acard Technology Corp.)
DRV - (PPSCAN) -- C:\WINDOWS\System32\drivers\PPSCAN.SYS (Shuttle Technology.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\SearchScopes\{1A91E3AD-D911-4F76-8B75-9EC2A54F81B8}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.8.1: C:\Documents and Settings\Ben\Local Settings\Application Data\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/28 05:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/10 09:24:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/05 09:13:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/28 05:26:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/28 18:53:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\components [2012/04/28 23:19:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\plugins [2012/04/28 18:53:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{86D92CB0-3EB2-4979-AD43-DF0341807D7F}: C:\Program Files\Copernic Desktop Search 2\FirefoxToolbar\ [2008/03/14 01:18:08 | 000,000,000 | ---D | M]

[2011/04/09 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions
[2011/04/09 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/03/16 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2012/05/05 16:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions
[2011/12/09 00:56:53 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/02/07 14:57:30 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2011/03/30 12:19:34 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2011/07/10 10:45:15 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/03/08 13:17:59 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/05/02 16:26:21 | 000,000,000 | ---D | M] ("W3v8 for Firefox") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{7DA90D46-1B69-4cc5-9ACE-CB64D8D85B00}
[2009/07/06 15:25:36 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010/04/10 10:57:29 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2009/11/14 01:01:30 | 000,000,000 | ---D | M] (KidZui) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\firefox@kidzui.com
[2012/02/24 23:24:15 | 000,000,000 | ---D | M] (Foxdie) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\Foxdie@tanjihay.com
[2010/08/20 11:42:29 | 000,000,000 | ---D | M] (Foxdie for Firefox) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\foxdie_ext_ocelot@foxdie.us
[2010/02/28 17:20:07 | 000,000,000 | ---D | M] (Linky) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\linky@gemal.dk
[2005/12/19 15:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\temp
[2011/05/19 09:23:50 | 000,000,000 | ---D | M] (2conv.com Toolbar) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\toolbar@2conv.com
[2010/10/02 19:54:50 | 000,000,000 | ---D | M] ("UnPlug") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\unplug@compunach(2)
[2005/08/22 00:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\x
[2011/12/06 19:57:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/14 00:55:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/04/28 05:26:26 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/05/11 17:57:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2005/11/15 15:28:00 | 000,266,240 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/02/12 11:45:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/22 10:11:18 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/12 11:45:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2008/03/10 00:57:39 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Copernic Desktop Search 2) - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll (Copernic Inc.)
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\Toolbar\WebBrowser: (Copernic Desktop Search 2) - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll (Copernic Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Standby] C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Thunderbird] C:\Program Files\thunderbird.exe (Mozilla Messaging)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Copernic Desktop Search 2] C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe (Copernic Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe (-)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\COMODO Firewall Pro.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Ben\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ben\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43AC3B09-2B11-45C1-B65F-BF4EFF2DDEAB}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/29 22:56:49 | 000,000,037 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/10/15 19:26:27 | 000,000,048 | RH-- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/12/12 16:55:56 | 000,000,000 | ---D | M] - Z:\Automatic for the People -- [ NTFS ]
O33 - MountPoints2\{a79cd2a8-cb88-11db-9a37-001111e36f13}\Shell - "" = AutoRun
O33 - MountPoints2\{a79cd2a8-cb88-11db-9a37-001111e36f13}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a79cd2a8-cb88-11db-9a37-001111e36f13}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (pgdfgsvc C 1)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056

========== Files/Folders - Created Within 30 Days ==========

[2012/05/09 19:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2012/05/09 00:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Start Menu\Programs\FriendFinder
[2012/05/09 00:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\FriendFinder
[2012/05/04 15:31:30 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2012/05/04 15:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2012/05/04 15:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2012/05/04 07:42:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.b74ef164.temp
[2012/05/04 07:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft.96db388c.temp
[2012/04/28 23:17:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Program Files\D3DCompiler_43.dll
[2012/04/28 23:17:42 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files\d3dx9_43.dll
[2012/04/28 23:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\distribution
[2012/04/28 23:17:36 | 000,596,952 | ---- | C] (Mozilla Foundation) -- C:\Program Files\gkmedias.dll
[2012/04/28 23:17:35 | 000,109,528 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libEGL.dll
[2012/04/28 23:17:34 | 000,465,880 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libGLESv2.dll
[2012/04/28 23:17:32 | 000,016,344 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozalloc.dll
[2012/04/28 23:17:31 | 000,033,240 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozglue.dll
[2012/04/28 23:17:29 | 000,531,416 | ---- | C] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012/04/28 23:17:28 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm80.dll
[2012/04/28 23:17:27 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr80.dll
[2012/04/28 23:17:27 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp80.dll
[2012/04/28 23:17:10 | 000,016,856 | ---- | C] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2012/04/28 23:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2012/04/28 23:17:00 | 016,792,536 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2012/04/28 05:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/04/28 05:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/28 05:24:30 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/14 00:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/04/14 00:54:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/04/09 10:19:46 | 000,018,904 | ---- | C] (Mozilla Foundation) -- C:\Program Files\WSEnable.exe
[2011/04/09 10:19:43 | 000,125,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2010/06/29 15:32:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ben\Application Data\pcouffin.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/09 21:46:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/09 19:14:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/09 06:48:19 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2012/05/09 02:07:02 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/05/09 00:53:44 | 000,002,036 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\FriendFinder Messenger v4.1.lnk
[2012/05/08 16:16:46 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/08 16:13:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/05/08 16:11:31 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
[2012/05/08 16:11:22 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
[2012/05/08 16:10:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/05/08 16:10:44 | 2145,554,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/08 16:05:12 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
[2012/05/07 13:19:39 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2012/05/07 13:07:58 | 000,009,449 | ---- | M] () -- C:\Program Files\updates.xml
[2012/05/07 13:07:57 | 000,000,057 | ---- | M] () -- C:\Program Files\active-update.xml
[2012/05/07 13:06:22 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\AccessibleMarshal.dll
[2012/05/07 13:06:20 | 000,017,880 | ---- | M] (Mozilla.org) -- C:\Program Files\MapiProxy_InUse.dll
[2012/05/07 13:06:20 | 000,017,880 | ---- | M] (Mozilla.org) -- C:\Program Files\MapiProxy.dll
[2012/05/07 13:06:19 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files\WSEnable.exe
[2012/05/07 13:06:17 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2012/05/07 13:06:17 | 000,002,061 | ---- | M] () -- C:\Program Files\application.ini
[2012/05/07 13:06:12 | 000,000,478 | ---- | M] () -- C:\Program Files\freebl3.chk
[2012/05/07 13:06:11 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\freebl3.dll
[2012/05/07 13:06:09 | 000,596,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\gkmedias.dll
[2012/05/07 13:06:07 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\libEGL.dll
[2012/05/07 13:06:06 | 000,465,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\libGLESv2.dll
[2012/05/07 13:06:05 | 000,060,376 | ---- | M] (Mozilla.org) -- C:\Program Files\mozMapi32_InUse.dll
[2012/05/07 13:06:05 | 000,060,376 | ---- | M] (Mozilla.org) -- C:\Program Files\mozMapi32.dll
[2012/05/07 13:06:05 | 000,016,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozalloc.dll
[2012/05/07 13:06:04 | 000,033,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozglue.dll
[2012/05/07 13:06:02 | 001,952,728 | ---- | M] () -- C:\Program Files\mozjs.dll
[2012/05/07 13:06:00 | 000,531,416 | ---- | M] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012/05/07 13:05:59 | 000,162,776 | ---- | M] () -- C:\Program Files\nsldap32v60.dll
[2012/05/07 13:05:57 | 000,021,976 | ---- | M] () -- C:\Program Files\nsldappr32v60.dll
[2012/05/07 13:05:55 | 000,017,368 | ---- | M] () -- C:\Program Files\nsldif32v60.dll
[2012/05/07 13:05:51 | 000,175,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\nspr4.dll
[2012/05/07 13:05:48 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\nss3.dll
[2012/05/07 13:05:45 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\nssckbi.dll
[2012/05/07 13:05:43 | 000,000,478 | ---- | M] () -- C:\Program Files\nssdbm3.chk
[2012/05/07 13:05:41 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\nssdbm3.dll
[2012/05/07 13:05:37 | 008,306,077 | ---- | M] () -- C:\Program Files\omni.ja
[2012/05/07 13:05:37 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\nssutil3.dll
[2012/05/07 13:05:35 | 000,000,140 | ---- | M] () -- C:\Program Files\platform.ini
[2012/05/07 13:05:34 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\plc4.dll
[2012/05/07 13:05:33 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files\plds4.dll
[2012/05/07 13:05:32 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2012/05/07 13:05:30 | 000,002,136 | ---- | M] () -- C:\Program Files\precomplete
[2012/05/07 13:05:29 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\smime3.dll
[2012/05/07 13:05:29 | 000,000,478 | ---- | M] () -- C:\Program Files\softokn3.chk
[2012/05/07 13:05:28 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\Program Files\softokn3.dll
[2012/05/07 13:05:25 | 000,158,680 | ---- | M] (Mozilla Foundation) -- C:\Program Files\ssl3.dll
[2012/05/07 13:05:24 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files\thunderbird.exe
[2012/05/07 13:05:21 | 000,277,464 | ---- | M] (Mozilla Foundation) -- C:\Program Files\updater.exe
[2012/05/07 13:05:20 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\xpcom.dll
[2012/05/07 13:05:19 | 016,792,536 | ---- | M] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2012/05/07 12:51:55 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/06 01:24:05 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/05/05 06:34:27 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/05/04 15:34:10 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2012/05/04 15:12:31 | 032,157,120 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\WOW-4.0.0.12911-enUS-Trial.exe
[2012/05/04 14:46:41 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/05/04 14:46:40 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/05/04 07:42:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5d7140b5.temp
[2012/05/04 05:28:51 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
[2012/04/28 23:17:52 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\D3DCompiler_43.dll
[2012/04/28 23:17:48 | 000,007,669 | ---- | M] () -- C:\Program Files\blocklist.xml
[2012/04/28 23:17:44 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files\d3dx9_43.dll
[2012/04/28 23:17:44 | 000,003,803 | ---- | M] () -- C:\Program Files\crashreporter.ini
[2012/04/28 23:17:28 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\msvcm80.dll
[2012/04/28 23:17:27 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\msvcr80.dll
[2012/04/28 23:17:27 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\msvcp80.dll
[2012/04/28 23:17:10 | 000,018,968 | ---- | M] () -- C:\Program Files\removed-files
[2012/04/28 23:17:06 | 000,000,715 | ---- | M] () -- C:\Program Files\updater.ini
[2012/04/28 18:53:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/04/28 05:41:18 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/04/14 12:04:41 | 000,409,752 | ---- | M] (Mozilla Foundation) -- C:\Program Files\xpcom_core.dll
[2012/04/14 12:04:40 | 000,000,006 | ---- | M] () -- C:\Program Files\update.locale
[2012/04/11 10:12:10 | 000,443,202 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/04/11 10:12:10 | 000,072,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/04/11 10:01:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/09 00:53:44 | 000,002,036 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\FriendFinder Messenger v4.1.lnk
[2012/05/07 13:07:57 | 000,009,449 | ---- | C] () -- C:\Program Files\updates.xml
[2012/05/07 13:07:55 | 000,000,057 | ---- | C] () -- C:\Program Files\active-update.xml
[2012/05/05 06:34:27 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/05/04 15:13:34 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/04 15:11:38 | 032,157,120 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\WOW-4.0.0.12911-enUS-Trial.exe
[2012/05/04 07:42:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5d7140b5.temp
[2012/04/28 23:20:05 | 000,001,448 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012/04/28 23:17:29 | 001,952,728 | ---- | C] () -- C:\Program Files\mozjs.dll
[2012/04/28 23:17:15 | 008,306,077 | ---- | C] () -- C:\Program Files\omni.ja
[2012/04/28 23:17:10 | 000,002,136 | ---- | C] () -- C:\Program Files\precomplete
[2012/04/28 05:24:35 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/12/06 22:22:31 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\$_hpcst$.hpc
[2011/09/06 23:12:58 | 000,018,968 | ---- | C] () -- C:\Program Files\removed-files
[2011/05/18 19:32:55 | 000,000,848 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2011/05/08 19:53:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/04/09 10:20:04 | 000,000,715 | ---- | C] () -- C:\Program Files\updater.ini
[2011/04/09 10:20:04 | 000,000,006 | ---- | C] () -- C:\Program Files\update.locale
[2011/04/09 10:19:45 | 000,000,140 | ---- | C] () -- C:\Program Files\platform.ini
[2011/04/09 10:19:44 | 000,162,776 | ---- | C] () -- C:\Program Files\nsldap32v60.dll
[2011/04/09 10:19:44 | 000,021,976 | ---- | C] () -- C:\Program Files\nsldappr32v60.dll
[2011/04/09 10:19:44 | 000,017,368 | ---- | C] () -- C:\Program Files\nsldif32v60.dll
[2011/04/09 10:19:44 | 000,000,478 | ---- | C] () -- C:\Program Files\nssdbm3.chk
[2011/04/09 10:19:43 | 000,007,669 | ---- | C] () -- C:\Program Files\blocklist.xml
[2011/04/09 10:19:43 | 000,003,803 | ---- | C] () -- C:\Program Files\crashreporter.ini
[2011/04/09 10:19:43 | 000,002,061 | ---- | C] () -- C:\Program Files\application.ini
[2010/10/06 00:22:19 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/16 16:18:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2010/06/29 15:32:48 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\vso_ts_preview.xml
[2010/06/29 15:32:11 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\inst.exe
[2010/06/29 15:32:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.cat
[2010/06/29 15:32:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.inf

========== LOP Check ==========

[2010/07/17 17:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adventure Workshop
[2005/06/08 21:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Authentium
[2011/04/02 13:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2008/12/01 10:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2006/03/23 15:00:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/01/11 20:22:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/12/06 21:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2009/02/11 02:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/01/23 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/09/20 22:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2011/05/18 19:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2008/03/11 09:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2009/07/27 15:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2008/03/12 02:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/06/06 18:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2005/04/15 08:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/12/01 01:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2005/04/15 20:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2009/09/20 12:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/05/08 09:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Shockwave
[2009/12/26 14:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SimCity Societies
[2010/05/21 22:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2008/01/30 21:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/04/20 15:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/05/18 19:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/03/31 13:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/12 21:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/02/11 02:49:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2008/03/02 21:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Aim
[2009/12/22 21:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\AnvSoft
[2009/05/26 20:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Atari
[2009/06/28 11:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Auslogics
[2011/07/14 11:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Azureus
[2007/08/21 13:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Business Logic
[2009/06/11 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\CallingID
[2011/05/01 17:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DivoGames
[2012/05/08 16:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Dropbox
[2011/08/06 19:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Free Labs
[2008/11/11 15:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Hemera
[2009/04/22 20:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ICAClient
[2009/09/25 07:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\iWin
[2009/05/25 19:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\JAM Software
[2010/02/13 17:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\KidZui
[2008/11/03 22:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\KompoZer
[2005/04/16 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Leadertech
[2012/02/08 03:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MioNet
[2011/04/20 22:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MusE
[2007/04/25 21:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MusicIP
[2006/08/26 00:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Musicmatch
[2008/12/01 01:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\NCH Swift Sound
[2010/07/04 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Outertech
[2006/08/29 12:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PlayFirst
[2010/06/26 15:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Red Alert 3 Demo
[2009/12/07 15:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\SecondLife
[2005/12/31 17:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Snapfish
[2010/05/21 22:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Sports Interactive
[2010/01/27 22:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Stellarium
[2010/07/04 09:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\SuperNZB
[2010/05/04 17:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\The Creative Assembly
[2011/04/09 10:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Thunderbird
[2010/04/10 22:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ubisoft
[2011/05/18 20:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ulead Systems
[2008/12/18 01:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Uniblue
[2010/03/16 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vivox
[2010/06/30 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vso
[2009/06/06 18:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WD
[2006/06/29 21:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WeatherBug
[2010/01/29 20:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\wsInspector
[2009/11/29 15:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/04/11 21:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Aim
[2010/10/06 15:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Azureus
[2009/06/04 14:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\CallingID
[2012/01/11 20:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Canon
[2006/01/26 21:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\DeductionPro 2005-06
[2011/12/10 16:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Dropbox
[2006/01/11 21:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\ICAClient
[2005/11/09 21:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Leadertech
[2009/07/17 19:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\MioNet
[2005/04/24 20:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Netscape
[2005/12/31 17:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Snapfish
[2011/04/18 07:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Thunderbird
[2009/06/14 20:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\WD
[2007/08/16 14:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\WeatherBug
[2010/09/12 13:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max\Application Data\Azureus
[2010/09/11 23:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max\Application Data\Thunderbird
[2010/09/11 23:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max\Application Data\WD
[2010/10/02 19:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\Azureus
[2010/09/26 13:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\KidZui
[2009/07/12 19:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\MioNet
[2007/08/28 18:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\Thunderbird
[2009/07/02 17:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\WD
[2012/05/09 06:48:19 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2012/05/09 02:07:02 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\I386\SVCHOST.EXE
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\I386\USERINIT.EXE
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\DLLCACHE\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\I386\WINLOGON.EXE
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"Type" = 1
"Start" = 1
"ErrorControl" = 1
"Tag" = 5
"ImagePath" = system32\DRIVERS\netbt.sys -- [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBios over Tcpip
"Group" = PNP_TDI
"DependOnService" = Tcpip [binary data]
"DependOnGroup" = [binary data]
"Description" = NetBios over Tcpip
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"NbProvider" = _tcp
"NameServerPort" = 137
"CacheTimeout" = 600000
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"Size/Small/Medium/Large" = 1
"SessionKeepAlive" = 3600000
"TransportBindName" = \Device\
"EnableLMHOSTS" = 1
"DhcpNodeType" = 8
"EnableProxy" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}]
"NameServerList" = [binary data]
"RASFlags" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{2F8B8FAF-B9E7-4291-A184-F767D3436815}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{43AC3B09-2B11-45C1-B65F-BF4EFF2DDEAB}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}]
"NameServerList" = [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{77EA0F56-8769-4B93-8146-8AEDD86D8B14}]
"NameServerList" = [binary data]
"NetbiosOptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 1
"ImagePath" = system32\DRIVERS\netbios.sys -- [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 04 01 03 01 00 00 01 00 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2004/08/04 07:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/28 05:26:01 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/28 05:26:01 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/28 05:26:01 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/28 05:26:23 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/28 05:26:23 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/28 05:26:23 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 08:16:50 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 08:16:50 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 08:16:50 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [2012/02/29 07:01:00 | 000,634,680 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/28 05:26:01 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/28 05:26:01 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/28 05:26:01 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/28 05:26:23 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/28 05:26:23 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/28 05:26:23 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 08:16:50 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 08:16:50 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 08:16:50 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [2012/02/29 07:01:00 | 000,634,680 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 5.1.3565
Copyright © 1999-2003 Microsoft Corporation.
On computer: TEAMWHEELS
Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
Volume 0     D   WLK3.2.0     UDF    DVD-ROM     7744 MB
Volume 1     E                       DVD-ROM         0 B
Volume 2     C                NTFS   Partition    145 GB  Healthy    System
Volume 3     F                       Partition    145 GB  Healthy

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F538558
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D20FFA63
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:015DC393
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:35759C73
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:837546C7
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41C283B2
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:87FA5E8A
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C31200
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1

< End of report >

This is the EXTRAS Logfile.

OTL Extras logfile created on: 5/9/2012 9:46:26 PM - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.68% Memory free
3.35 Gb Paging File | 2.38 Gb Available in Paging File | 71.06% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.46 Gb Total Space | 7.23 Gb Free Space | 4.97% Space Free | Partition Type: NTFS
Drive D: | 7.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 928.30 Gb Total Space | 259.72 Gb Free Space | 27.98% Space Free | Partition Type: NTFS
Drive Z: | 928.30 Gb Total Space | 259.72 Gb Free Space | 27.98% Space Free | Partition Type: NTFS

Computer Name: TEAMWHEELS | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.ini [@ = GetDiz.Document] -- C:\Program Files\GetDiz\GetDiz.exe (Outertech - http://outertech.com)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service
"1700:TCP" = 1700:TCP:*:Enabled:MioNet Remote Drive Access 0
"1701:TCP" = 1701:TCP:*:Enabled:MioNet Remote Drive Access 1
"1702:TCP" = 1702:TCP:*:Enabled:MioNet Remote Drive Access 2
"1703:TCP" = 1703:TCP:*:Enabled:MioNet Remote Drive Access 3
"1704:TCP" = 1704:TCP:*:Enabled:MioNet Remote Drive Access 4
"1705:TCP" = 1705:TCP:*:Enabled:MioNet Remote Drive Access 5
"1706:TCP" = 1706:TCP:*:Enabled:MioNet Remote Drive Access 6
"1707:TCP" = 1707:TCP:*:Enabled:MioNet Remote Drive Access 7
"1708:TCP" = 1708:TCP:*:Enabled:MioNet Remote Drive Access 8
"1709:TCP" = 1709:TCP:*:Enabled:MioNet Remote Drive Access 9
"1641:TCP" = 1641:TCP:*:Enabled:MioNet Remote Drive Verification
"1647:TCP" = 1647:TCP:*:Enabled:MioNet Storage Device Configuration
"5432:UDP" = 5432:UDP:*:Enabled:MioNet Storage Device Discovery
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SecondLife\SLVoice.exe" = C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\MioNet\MioNetManager.exe" = C:\Program Files\MioNet\MioNetManager.exe:*:Enabled:MioNetManager -- ()
"C:\Program Files\MioNet\jvm\bin\MioNet.exe" = C:\Program Files\MioNet\jvm\bin\MioNet.exe:*:Enabled:MioNet -- (Sun Microsystems, Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe" = C:\Program Files\Steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe:*:Enabled:Shattered Horizon
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Steam\steamapps\common\sid meier's railroads\RailRoads.exe" = C:\Program Files\Steam\steamapps\common\sid meier's railroads\RailRoads.exe:*:Enabled:Sid Meier's Railroads! -- (Firaxis Games, Inc)
"C:\Program Files\Steam\steamapps\common\railroad tycoon 3\RT3.exe" = C:\Program Files\Steam\steamapps\common\railroad tycoon 3\RT3.exe:*:Enabled:Railroad Tycoon 3 -- (PopTop Software, Inc.)
"C:\Program Files\Steam\steamapps\common\railroad tycoon 2 platinum\RT2_PLAT.EXE" = C:\Program Files\Steam\steamapps\common\railroad tycoon 2 platinum\RT2_PLAT.EXE:*:Enabled:Railroad Tycoon 2: Platinum -- (PopTop Software, Inc.)
"C:\Program Files\Steam\steamapps\common\command & conquer red alert 3 demo\RA3Demo.exe" = C:\Program Files\Steam\steamapps\common\command & conquer red alert 3 demo\RA3Demo.exe:*:Enabled:Red Alert 3 Demo -- (Electronic Arts, Inc.)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
"C:\Program Files\Steam\steamapps\common\defensegridtheawakening\DefenseGrid.exe" = C:\Program Files\Steam\steamapps\common\defensegridtheawakening\DefenseGrid.exe:*:Enabled:Defense Grid: The Awakening -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{CBC7FF57-42A3-414E-B8EA-D971C986BA40}" = Corel VideoStudio 2010
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{069F290E-8895-452A-B32C-2195FEA5DEB0}" = Webcam Capture
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{20DFB114-5520-4BEE-B276-4A4204E1FBB4}" = PureHD
"{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III Complete Edition
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2DD9C2F1-CC6E-449D-935B-4111396EF19F}" = MLE
"{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{53AF3638-DDB4-4755-B3DC-259981689DB7}" = MioNet
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{624885E1-2458-4F12-A975-EA368C3523FA}" = DeviceIO
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{652BCEE6-463A-4A8E-A6E3-FCFED88345E0}" = VDS10
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3
"{68131B0A-D78D-4aed-B74E-33A6C7324E50}" = WD Anywhere Backup
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6BCD1560-6292-4A70-A808-C0FE414A7DB4}" = Contents
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72327FA3-281D-4BC6-AB4C-FA24BDF352D5}" = IPM_V
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117398253}" = Build a Lot 4
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = MyDSC2
"{86C1A488-24AD-42F0-BCEF-FDB11FC2BEFA}" = NetZero For Riverdeep
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{885744A4-1A01-44B0-858A-0AE6738CBCF7}" = PrimoPDF Redistribution Package
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Application Accelerator
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0045E1F-34A6-40B0-BC25-98E951244BD3}" = DC-350 Setup Program
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1B96C4D-EDE5-4A47-A4E3-01C3504A812B}" = Corel Style Pack 2010-001
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B517AB23-2C69-4173-BEBD-EB0086182799}" = ViaMichelin Navigation PND North America
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CAA96826-BDE8-4B17-97C4-45ACFCD90D5E}" = Setup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBC7FF57-42A3-414E-B8EA-D971C986BA40}" = ICA
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D19C4BCB-FAAE-48C1-A423-3DA40C3B7F42}" = LeapFrog Leapster Explorer Plugin
"{D504303A-717D-414C-BA9F-FE01093E2EF8}" = Adobe Setup
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E0B7F981-EA26-491A-A975-E3AB4748E9FA}" = Share
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}" = FriendFinder Messenger v4.1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F3FA8952-2C42-452A-BA22-2F7BDEC8D310}" = VIO
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"1st JavaScript Editor 3" = Free JavaScript Editor 4.2
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8461-7759-5462-8226" = Vuze
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe ActiveShare" = Adobe ActiveShare 1.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe PhotoDeluxe Home Edition 4.0" = Adobe PhotoDeluxe Home Edition 4.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_5bc0f8414ec36c555a3e7e5ec2e225e" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Age of Mythology 1.0" = Age of Mythology
"All ATI Software" = ATI - Software Uninstall Utility
"Arthur's Thinking Games" = Arthur's Thinking Games
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Belarc Advisor" = Belarc Advisor 7.2
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"Celestia_is1" = Celestia 1.6.0
"Citrix ICA Client" = Citrix ICA Client
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"COMODO GeekBuddy" = COMODO GeekBuddy
"CopernicDesktopSearch2" = Copernic Desktop Search 2
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EA Download Manager" = EA Download Manager
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"Editor" = Editor
"Eraser_is1" = Eraser
"ESET Online Scanner" = ESET Online Scanner v3
"ExamView ActiveX Control v2" = ExamView ActiveX Control v2
"ExamView Pro" = ExamView Assessment Suite
"GameSpy Arcade" = GameSpy Arcade
"GetDiz 4.5" = GetDiz 4.5
"HijackThis" = HijackThis 2.0.2
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III Complete Edition
"InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"Jack of All Tribes" = Jack of All Tribes
"JVA Multi-Purpose Bot_is1" = JVA Bot 1.20.1
"Kidzui" = Kidzui
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logo Design Studio Pro3.0.0" = Logo Design Studio Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Math Detective A1" = Math Detective A1
"Math Detective B1" = Math Detective B1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"Mozilla Thunderbird 12.0.1 (x86 en-US)" = Mozilla Thunderbird 12.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTV Music Generator" = MTV Music Generator
"MuseScore" = MuseScore 1.0 MuseScore score typesetter
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"Network Play System (Patching)" = Network Play System (Patching)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OneTouch Version 3.0" = OneTouch Version 3.0
"PhotoRecord" = Canon PhotoRecord
"Picasa 3" = Picasa 3
"Presto! Video Works 4.5" = Presto! Video Works 4.5
"PrimoPDF3.1" = PrimoPDF
"QcDrv" = Logitech® Camera Driver
"Reader Rabbit Math Ages 4-6" = Reader Rabbit Math Ages 4-6
"RealPlayer 12.0" = RealPlayer
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"Second Inventory" = Second Inventory
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 24710" = Red Alert 3 Demo
"Steam App 400" = Portal
"Steam App 7600" = Sid Meier's Railroads!
"Steam App 7610" = Railroad Tycoon 3
"Steam App 7620" = Railroad Tycoon 2: Platinum
"Stellarium_is1" = Stellarium 0.10.5
"SuperNZB_is1" = SuperNZB v4.0.0
"Switch" = Switch Sound File Converter
"The Print Shop Premier Edition 5.1" = The Print Shop Premier Edition 5.0
"TreeSize Professional_is1" = TreeSize Professional 5.2.3
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"UPCShell" = LeapFrog Connect
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp
"WinCleaner OneClick CleanUp_is1" = WinCleaner OneClick Cleanup Version 10
"Windows Lemmings" = Lemmings for Windows 95
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"ZoomBrowserEXDeInstall" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Bendometer PS" = Bendometer PS
"Dropbox" = Dropbox
"jlGui 2.3.2" = jlGui 2.3.2
"PowerTeacher Gradebook" = PowerTeacher Gradebook
"Winamp Detect" = Winamp Detector Plug-in
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 3/13/2010 8:25:32 PM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 3/13/2010 8:25:32 PM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 3/13/2010 8:25:32 PM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 3/13/2010 8:25:33 PM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 7/5/2010 10:15:15 AM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 7/5/2010 10:15:17 AM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 7/5/2010 10:15:19 AM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 7/5/2010 10:15:19 AM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 7/5/2010 10:15:21 AM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

Error - 3/23/2011 11:24:20 PM | Computer Name = TEAMWHEELS | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 5/2/2012 8:19:16 AM | Computer Name = TEAMWHEELS | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 memeobackup.exe, P2 2.0.0.0, P3 49e8c15e, P4
mscorlib, P5 2.0.0.0, P6 4e154d36, P7 3612, P8 34, P9 system.argumentexception,
P10 NIL.

Error - 5/2/2012 1:11:48 PM | Computer Name = TEAMWHEELS | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module msvcr71.dll, version 7.10.3052.4, fault address 0x00011e30.

Error - 5/4/2012 7:36:40 AM | Computer Name = TEAMWHEELS | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 memeobackup.exe, P2 2.0.0.0, P3 49e8c15e, P4
system, P5 2.0.0.0, P6 4ea7901b, P7 3790, P8 96, P9 system.outofmemoryexception,
P10 NIL.

Error - 5/4/2012 1:07:45 PM | Computer Name = TEAMWHEELS | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

Error - 5/4/2012 1:46:55 PM | Computer Name = TEAMWHEELS | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module msvcr71.dll, version 7.10.3052.4, fault address 0x00011e30.

Error - 5/4/2012 3:33:55 PM | Computer Name = TEAMWHEELS | Source = Application Hang | ID = 1002
Description = Hanging application Launcher.exe, version 4.2.1.2736, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/6/2012 1:01:54 AM | Computer Name = TEAMWHEELS | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module msvcr71.dll, version 7.10.3052.4, fault address 0x00011e30.

Error - 5/7/2012 6:33:23 PM | Computer Name = TEAMWHEELS | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 ccc.exe, P2 2.0.0.0, P3 494a943f, P4 mscorlib,
P5 2.0.0.0, P6 4e154d36, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10
NIL.

Error - 5/8/2012 8:53:55 AM | Computer Name = TEAMWHEELS | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application memeobackup.exe, version 2.0.0.0, stamp 49e8c15e,
faulting module msvcr80.dll, version 8.0.50727.6195, stamp 4dcddbf3, debug? 0,
fault address 0x0001500a.

Error - 5/8/2012 11:50:42 AM | Computer Name = TEAMWHEELS | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module msvcr71.dll, version 7.10.3052.4, fault address 0x00011e30.

[ System Events ]
Error - 5/8/2012 3:46:22 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Windows Media Player Network Sharing Service service depends on
the Universal Plug and Play Device Host service which failed to start because of
the following error: %%1068

Error - 5/8/2012 3:46:47 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
asc

Error - 5/8/2012 3:47:08 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Universal Plug and Play Device Host service depends on the SSDP
Discovery Service service which failed to start because of the following error:
%%1058

Error - 5/8/2012 3:47:08 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Windows Media Player Network Sharing Service service depends on
the Universal Plug and Play Device Host service which failed to start because of
the following error: %%1068

Error - 5/8/2012 4:12:19 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7000
Description = The UDNT service failed to start due to the following error: %%20

Error - 5/8/2012 4:12:19 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Universal Plug and Play Device Host service depends on the SSDP
Discovery Service service which failed to start because of the following error:
%%1058

Error - 5/8/2012 4:12:19 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Windows Media Player Network Sharing Service service depends on
the Universal Plug and Play Device Host service which failed to start because of
the following error: %%1068

Error - 5/8/2012 4:12:36 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
asc

Error - 5/8/2012 4:13:20 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Universal Plug and Play Device Host service depends on the SSDP
Discovery Service service which failed to start because of the following error:
%%1058

Error - 5/8/2012 4:13:20 PM | Computer Name = TEAMWHEELS | Source = Service Control Manager | ID = 7001
Description = The Windows Media Player Network Sharing Service service depends on
the Universal Plug and Play Device Host service which failed to start because of
the following error: %%1068


< End of report >

aswMBR logfile:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-09 22:37:23
-----------------------------
22:37:23.953 OS Version: Windows 5.1.2600 Service Pack 3
22:37:23.953 Number of processors: 2 586 0x403
22:37:23.953 ComputerName: TEAMWHEELS UserName: Ben
22:37:25.718 Initialize success
22:37:27.046 AVAST engine defs: 12050901
22:37:44.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:37:44.171 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
22:37:44.187 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
22:37:44.187 Disk 1 Vendor: WDC_WD32 15.0 Size: 305245MB BusType: 3
22:37:44.218 Disk 0 MBR read successfully
22:37:44.218 Disk 0 MBR scan
22:37:44.250 Disk 0 unknown MBR code
22:37:44.250 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 62 MB offset 63
22:37:44.265 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 148946 MB offset 128520
22:37:44.296 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3616 MB offset 305170740
22:37:44.312 Disk 0 scanning sectors +312576705
22:37:44.390 Disk 0 scanning C:\WINDOWS\system32\drivers
22:37:56.953 File: C:\WINDOWS\system32\drivers\UDNT.SYS **INFECTED** Win32:Zeroot-B [Rtk]
22:37:58.968 Disk 0 trace - called modules:
22:37:58.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:37:58.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8bc5c128]
22:37:58.984 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8bc70030]
22:37:59.593 AVAST engine scan C:\WINDOWS
22:38:17.406 AVAST engine scan C:\WINDOWS\system32
22:41:14.343 AVAST engine scan C:\WINDOWS\system32\drivers
22:41:26.968 File: C:\WINDOWS\system32\drivers\UDNT.SYS **INFECTED** Win32:Zeroot-B [Rtk]
22:41:34.046 AVAST engine scan C:\Documents and Settings\Ben
23:40:42.406 AVAST engine scan C:\Documents and Settings\All Users
23:49:31.296 Scan finished successfully
00:36:36.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ben\Desktop\MBR.dat"
00:36:36.328 The log file has been saved successfully to "C:\Documents and Settings\Ben\Desktop\aswMBR.txt"

#4
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Download and Install ComboFix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. This infection will require a reboot to correct, so make sure these are turned off and will not turn back on at reboot. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here.

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" for further review.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.



Step 2.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • Get the report by selecting Reports.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 3.

Please post:

ComboFix.txt
TDSSKiller log


Update me on your computer issues.

#5
bwhsify

    Member

  • Topic Starter
  • Member
  • 15 posts
Ran ComboFix; here is the log. It did crash the computer at one point and I did re-run it. Sorry, I hadn't noticed that it said not to do that.

ComboFix 12-05-10.02 - Ben 05/10/2012 8:55.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1365 [GMT -4:00]
Running from: c:\documents and settings\Ben\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Ben\001.ast
c:\documents and settings\Ben\002.ast
c:\documents and settings\Ben\003.ast
c:\documents and settings\Ben\Application Data\inst.exe
c:\documents and settings\Ben\Application Data\vso_ts_preview.xml
c:\program files\INSTALL.LOG
c:\windows\jestertb.dll
c:\windows\system32\_004000_.tmp.dll
c:\windows\system32\_004001_.tmp.dll
c:\windows\system32\_004002_.tmp.dll
c:\windows\system32\_004003_.tmp.dll
c:\windows\system32\_004009_.tmp.dll
c:\windows\system32\_004010_.tmp.dll
c:\windows\system32\_004011_.tmp.dll
c:\windows\system32\_004012_.tmp.dll
c:\windows\system32\_004013_.tmp.dll
c:\windows\system32\_004015_.tmp.dll
c:\windows\system32\_004016_.tmp.dll
c:\windows\system32\_004019_.tmp.dll
c:\windows\system32\_004020_.tmp.dll
c:\windows\system32\_004022_.tmp.dll
c:\windows\system32\_004023_.tmp.dll
c:\windows\system32\_004024_.tmp.dll
c:\windows\system32\_004026_.tmp.dll
c:\windows\system32\_004029_.tmp.dll
c:\windows\system32\_004030_.tmp.dll
c:\windows\system32\_004034_.tmp.dll
c:\windows\system32\_004035_.tmp.dll
c:\windows\system32\_004037_.tmp.dll
c:\windows\system32\_004040_.tmp.dll
c:\windows\system32\_004042_.tmp.dll
c:\windows\system32\_004043_.tmp.dll
c:\windows\system32\_004044_.tmp.dll
c:\windows\system32\_004045_.tmp.dll
c:\windows\system32\_004046_.tmp.dll
c:\windows\system32\_004049_.tmp.dll
c:\windows\system32\_004050_.tmp.dll
c:\windows\system32\_004051_.tmp.dll
c:\windows\system32\_004052_.tmp.dll
c:\windows\system32\_004053_.tmp.dll
c:\windows\system32\_004058_.tmp.dll
c:\windows\system32\_004060_.tmp.dll
c:\windows\system32\_004061_.tmp.dll
c:\windows\system32\bszip.dll
c:\windows\system32\LINKINFO(2).DLL
c:\windows\system32\ndisapi.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-04-10 to 2012-05-10 )))))))))))))))))))))))))))))))
.
.
2012-05-09 23:14 . 2012-05-09 23:14 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2012-05-09 04:53 . 2012-05-09 04:53 -------- d-----w- c:\program files\FriendFinder
2012-05-04 19:13 . 2012-05-10 11:27 -------- d-----w- c:\program files\World of Warcraft
2012-04-28 09:27 . 2012-04-28 09:28 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-28 09:26 . 2012-04-28 09:26 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-28 09:26 . 2012-04-28 09:26 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-28 09:24 . 2012-05-04 18:46 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-14 04:54 . 2012-04-14 04:54 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-07 17:06 . 2006-09-13 02:54 19416 ----a-w- c:\program files\AccessibleMarshal.dll
2012-05-07 17:06 . 2009-06-23 18:30 17880 ----a-w- c:\program files\MapiProxy_InUse.dll
2012-05-07 17:06 . 2006-09-13 02:54 17880 ----a-w- c:\program files\MapiProxy.dll
2012-05-07 17:06 . 2011-04-09 14:19 18904 ----a-w- c:\program files\WSEnable.exe
2012-05-07 17:06 . 2011-04-09 14:19 125912 ----a-w- c:\program files\crashreporter.exe
2012-05-07 17:06 . 2007-03-04 15:05 269272 ----a-w- c:\program files\freebl3.dll
2012-05-07 17:06 . 2009-06-23 18:30 60376 ----a-w- c:\program files\mozMapi32_InUse.dll
2012-05-07 17:06 . 2006-09-13 02:54 60376 ----a-w- c:\program files\mozMapi32.dll
2012-05-07 17:05 . 2011-04-09 14:19 162776 ----a-w- c:\program files\nsldap32v60.dll
2012-05-07 17:05 . 2011-04-09 14:19 21976 ----a-w- c:\program files\nsldappr32v60.dll
2012-05-07 17:05 . 2011-04-09 14:19 17368 ----a-w- c:\program files\nsldif32v60.dll
2012-05-07 17:05 . 2006-09-13 02:54 175064 ----a-w- c:\program files\nspr4.dll
2012-05-07 17:05 . 2006-09-13 02:54 646104 ----a-w- c:\program files\nss3.dll
2012-05-07 17:05 . 2006-09-13 02:54 371672 ----a-w- c:\program files\nssckbi.dll
2012-05-07 17:05 . 2009-08-24 22:21 109528 ----a-w- c:\program files\nssdbm3.dll
2012-05-07 17:05 . 2009-08-24 22:21 105432 ----a-w- c:\program files\nssutil3.dll
2012-05-07 17:05 . 2006-09-13 02:54 21976 ----a-w- c:\program files\plc4.dll
2012-05-07 17:05 . 2006-09-13 02:54 18904 ----a-w- c:\program files\plds4.dll
2012-05-07 17:05 . 2006-09-13 02:54 105432 ----a-w- c:\program files\smime3.dll
2012-05-07 17:05 . 2006-09-13 02:54 170968 ----a-w- c:\program files\softokn3.dll
2012-05-07 17:05 . 2006-09-13 02:54 158680 ----a-w- c:\program files\ssl3.dll
2012-05-07 17:05 . 2006-09-13 02:54 400344 ----a-w- c:\program files\thunderbird.exe
2012-05-07 17:05 . 2006-09-13 02:54 277464 ----a-w- c:\program files\updater.exe
2012-05-07 17:05 . 2006-09-13 02:54 19416 ----a-w- c:\program files\xpcom.dll
2012-05-06 05:24 . 2011-04-07 19:46 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-05-04 18:46 . 2011-05-31 13:19 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-14 16:04 . 2006-09-13 02:54 409752 ----a-w- c:\program files\xpcom_core.dll
2012-04-04 19:56 . 2011-04-07 19:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 23:15 . 2011-04-02 17:01 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2008-05-22 14:17 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:03 . 2011-04-02 17:02 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:03 . 2008-05-22 14:17 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:02 . 2008-05-22 14:18 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-06 23:01 . 2008-05-22 14:18 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2008-05-22 14:17 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-06 23:01 . 2008-05-22 14:17 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-06 23:01 . 2008-05-22 14:17 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 22:58 . 2008-05-22 14:18 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 01:25 . 2004-08-04 11:00 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:25 . 2004-08-04 11:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:25 . 2004-08-04 11:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:25 . 2004-08-04 11:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-02-29 14:10 . 2008-05-21 04:46 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:10 . 2004-08-04 11:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2006-08-29 01:55 . 2006-08-29 01:55 774144 -c--a-w- c:\program files\RngInterstitial.dll
2006-01-06 03:30 . 2006-01-06 03:30 54972 -c--a-w- c:\program files\tor-bundle-uninstall.exe
2012-04-28 09:26 . 2012-02-12 15:45 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn1\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Ben\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Ben\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Ben\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Ben\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-15 454784]
"Copernic Desktop Search 2"="c:\program files\Copernic Desktop Search 2\DesktopSearchService.exe" [2008-03-03 1583624]
"Eraser"="c:\program files\Eraser\eraser.exe" [2003-07-25 536576]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-07 1242448]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2007-08-30 4670704]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 1207080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-03-23 135168]
"Thunderbird"="c:\program files\thunderbird.exe" [2012-05-07 400344]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"WD Anywhere Backup"="c:\program files\WD\WD Anywhere Backup\MemeoLauncher2.exe" [2009-04-17 197856]
"MioNet"="c:\program files\MioNet\MioNetLauncher.exe" [2009-09-29 32768]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 61440]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-07-24 2554696]
"Standby"="c:\program files\Common Files\Corel\Standby\Standby.exe" [2009-11-10 105632]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-07-10 273544]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 208184]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 182584]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
c:\documents and settings\Ben\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Ben\Application Data\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2008-11-11 221247]
COMODO Firewall Pro.lnk - c:\program files\COMODO\Firewall\cfp.exe [N/A]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SYSTEM32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ pgdfgsvc C 1\0lsdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Ben^Start Menu^Programs^Startup^JVA Second Life Bot.lnk]
path=c:\documents and settings\Ben\Start Menu\Programs\Startup\JVA Second Life Bot.lnk
backup=c:\windows\pss\JVA Second Life Bot.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2003-07-25 16:15 536576 -c--a-w- c:\program files\Eraser\eraser.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-10 08:27 144784 ----a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-04 00:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinDefend"=2 (0x2)
"gusvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\MioNet\\MioNetManager.exe"=
"c:\\Program Files\\MioNet\\jvm\\bin\\MioNet.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Documents and Settings\\Ben\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's railroads\\RailRoads.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\railroad tycoon 3\\RT3.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\railroad tycoon 2 platinum\\RT2_PLAT.EXE"=
"c:\\Program Files\\Steam\\steamapps\\common\\command & conquer red alert 3 demo\\RA3Demo.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\defensegridtheawakening\\DefenseGrid.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access 0
"1701:TCP"= 1701:TCP:MioNet Remote Drive Access 1
"1702:TCP"= 1702:TCP:MioNet Remote Drive Access 2
"1703:TCP"= 1703:TCP:MioNet Remote Drive Access 3
"1704:TCP"= 1704:TCP:MioNet Remote Drive Access 4
"1705:TCP"= 1705:TCP:MioNet Remote Drive Access 5
"1706:TCP"= 1706:TCP:MioNet Remote Drive Access 6
"1707:TCP"= 1707:TCP:MioNet Remote Drive Access 7
"1708:TCP"= 1708:TCP:MioNet Remote Drive Access 8
"1709:TCP"= 1709:TCP:MioNet Remote Drive Access 9
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
"1647:TCP"= 1647:TCP:MioNet Storage Device Configuration
"5432:UDP"= 5432:UDP:MioNet Storage Device Discovery
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 pavboot;pavboot;c:\windows\SYSTEM32\DRIVERS\pavboot.sys [4/14/2011 11:28 PM 28552]
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [4/2/2011 1:02 PM 612184]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [5/22/2008 10:17 AM 337880]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\SYSTEM32\DRIVERS\cmdGuard.sys [1/6/2011 5:37 PM 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\SYSTEM32\DRIVERS\cmdhlp.sys [1/6/2011 5:37 PM 29400]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [5/22/2008 10:17 AM 20696]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [11/23/2011 6:27 AM 1052472]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [12/24/2008 12:29 PM 95200]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [4/17/2009 1:51 PM 25824]
R3 pcouffin;VSO Software pcouffin;c:\windows\SYSTEM32\DRIVERS\pcouffin.sys [6/29/2010 3:32 PM 47360]
S1 AEC671X;AEC671X;c:\windows\SYSTEM32\DRIVERS\aec671x.sys [7/29/2005 11:13 PM 12128]
S1 DMX3191;DMX3191;c:\windows\SYSTEM32\DRIVERS\dmx3191.sys [7/29/2005 11:13 PM 17700]
S2 MioNet;MioNet;c:\program files\MioNet\MioNetManager.exe [6/10/2008 3:05 PM 139264]
S2 PPSCAN;PPSCAN;c:\windows\SYSTEM32\DRIVERS\PPSCAN.SYS [7/29/2005 10:56 PM 115136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/29/2012 8:50 AM 158856]
S2 SMPCLS;SMPCLS; [x]
S2 UDNT;UDNT;c:\windows\SYSTEM32\DRIVERS\UDNT.SYS [7/29/2005 10:56 PM 76260]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [4/28/2012 5:24 AM 257696]
S3 AgilentUSBCam;E-Video DC-350 USB Camera;c:\windows\SYSTEM32\DRIVERS\Atusbcam.sys [4/26/2001 1:04 AM 117984]
S3 Drvnlhwdww;Drvnlhwdww; [x]
S3 FlyUsb;FLY Fusion;c:\windows\SYSTEM32\DRIVERS\FlyUsb.sys [7/27/2009 3:43 PM 18560]
S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\SYSTEM32\DRIVERS\btblan.sys [12/26/2011 10:06 AM 33792]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys [4/7/2011 3:46 PM 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/28/2012 5:27 AM 129976]
S4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - NDISRD
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 18:46]
.
2012-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2012-05-09 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\SYSTEM32\CLEANMGR.EXE [2004-08-04 00:12]
.
2012-05-10 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
2012-05-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2012-05-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2012-05-08 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2012-05-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Ben\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
FF - ProfilePath - c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
AddRemove-Canon PhotoStitch 3.1 - c:\program files\Canon\PhotoStitch\Uninst.isu
AddRemove-Celestia_is1 - g:\celestia\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-10 09:10
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-568151950-2823069611-3313978389-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:db,43,65,ff,50,e2,7c,e0,d5,2c,7e,dd,dd,65,d4,64,7e,fc,5e,03,25,56,1c,
13,d8,e6,89,4b,cb,ee,c4,e6,18,42,1b,66,7a,98,32,fe,cb,b4,65,f0,a0,be,e5,9f,\
"??"=hex:d9,eb,e8,87,54,a1,8d,80,f0,7a,3a,0f,c2,c7,4d,2a
.
[HKEY_USERS\S-1-5-21-568151950-2823069611-3313978389-1006\Software\SecuROM\License information*]
"datasecu"=hex:e8,4b,9d,5e,5f,26,73,ad,fa,bf,37,ef,21,02,dc,c4,49,9a,98,ef,f5,
95,77,cc,f3,91,4e,a6,12,37,bf,09,42,0e,8a,78,72,40,16,e9,7f,b9,a1,d8,50,31,\
"rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49
.
[HKEY_LOCAL_MACHINE\software\Classes\FlashProp.FlashProp\CurVer]
@DACL=(02 0000)
@="FlashProp.FlashProp.1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(856)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(4784)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\documents and settings\Ben\Application Data\Dropbox\bin\DropboxExt.14.dll
c:\program files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll
c:\program files\Copernic Desktop Search 2\TOOLBA~1.DLL
c:\program files\Windows Media Player\wmpband.dll
c:\program files\Copernic Desktop Search 2\DesktopSearchSystem203000018.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\progra~1\JAMSOF~1\TREESI~1\FSizeCol.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Completion time: 2012-05-10 09:15:09
ComboFix-quarantined-files.txt 2012-05-10 13:14
.
Pre-Run: 7,884,099,584 bytes free
Post-Run: 7,827,787,776 bytes free
.
- - End Of File - - ADB7110456BBD3F2A1E29925E4E2C660

#6
bwhsify

This is the TDSSKiller log.

09:20:13.0609 0312 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:20:15.0625 0312 ============================================================
09:20:15.0625 0312 Current date / time: 2012/05/10 09:20:15.0625
09:20:15.0625 0312 SystemInfo:
09:20:15.0625 0312
09:20:15.0625 0312 OS Version: 5.1.2600 ServicePack: 3.0
09:20:15.0625 0312 Product type: Workstation
09:20:15.0625 0312 ComputerName: TEAMWHEELS
09:20:15.0625 0312 UserName: Ben
09:20:15.0625 0312 Windows directory: C:\WINDOWS
09:20:15.0625 0312 System windows directory: C:\WINDOWS
09:20:15.0625 0312 Processor architecture: Intel x86
09:20:15.0625 0312 Number of processors: 2
09:20:15.0625 0312 Page size: 0x1000
09:20:15.0625 0312 Boot type: Normal boot
09:20:15.0625 0312 ============================================================
09:20:16.0093 0312 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:20:16.0093 0312 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:20:16.0125 0312 ============================================================
09:20:16.0125 0312 \Device\Harddisk0\DR0:
09:20:16.0125 0312 MBR partitions:
09:20:16.0125 0312 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x122E932C
09:20:16.0125 0312 \Device\Harddisk1\DR1:
09:20:16.0125 0312 MBR partitions:
09:20:16.0125 0312 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x122E932C
09:20:16.0125 0312 ============================================================
09:20:16.0171 0312 C: <-> \Device\Harddisk0\DR0\Partition0
09:20:16.0171 0312 ============================================================
09:20:16.0171 0312 Initialize success
09:20:16.0171 0312 ============================================================
09:20:39.0796 2336 ============================================================
09:20:39.0796 2336 Scan started
09:20:39.0796 2336 Mode: Manual; SigCheck; TDLFS;
09:20:39.0796 2336 ============================================================
09:20:40.0359 2336 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
09:20:40.0578 2336 Aavmker4 - ok
09:20:40.0734 2336 aawservice (17067069b9a7865028c1f2e6971d0ccc) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
09:20:40.0781 2336 aawservice - ok
09:20:40.0781 2336 Abiosdsk - ok
09:20:40.0828 2336 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:20:41.0171 2336 abp480n5 - ok
09:20:41.0203 2336 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:20:41.0359 2336 ACPI - ok
09:20:41.0390 2336 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:20:41.0531 2336 ACPIEC - ok
09:20:41.0578 2336 Adobe LM Service (5ddc0a8d2cd60bda593ddaf45821ce08) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
09:20:41.0593 2336 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
09:20:41.0593 2336 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
09:20:41.0656 2336 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:20:41.0687 2336 AdobeFlashPlayerUpdateSvc - ok
09:20:41.0703 2336 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:20:41.0859 2336 adpu160m - ok
09:20:41.0890 2336 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:20:42.0031 2336 aec - ok
09:20:42.0062 2336 AEC671X (a61d71ad98e82ca5a3d444e7aade1571) C:\WINDOWS\System32\drivers\AEC671X.SYS
09:20:42.0078 2336 AEC671X ( UnsignedFile.Multi.Generic ) - warning
09:20:42.0078 2336 AEC671X - detected UnsignedFile.Multi.Generic (1)
09:20:42.0125 2336 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:20:42.0156 2336 AFD - ok
09:20:42.0187 2336 AgilentUSBCam (cbd15fc01388046c027eb52b838764c3) C:\WINDOWS\system32\DRIVERS\Atusbcam.sys
09:20:42.0187 2336 AgilentUSBCam ( UnsignedFile.Multi.Generic ) - warning
09:20:42.0187 2336 AgilentUSBCam - detected UnsignedFile.Multi.Generic (1)
09:20:42.0218 2336 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
09:20:42.0359 2336 agp440 - ok
09:20:42.0359 2336 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:20:42.0500 2336 agpCPQ - ok
09:20:42.0515 2336 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:20:42.0578 2336 Aha154x - ok
09:20:42.0578 2336 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:20:42.0781 2336 aic78u2 - ok
09:20:42.0781 2336 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:20:42.0968 2336 aic78xx - ok
09:20:43.0000 2336 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:20:43.0187 2336 Alerter - ok
09:20:43.0203 2336 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:20:43.0265 2336 ALG - ok
09:20:43.0296 2336 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
09:20:43.0453 2336 AliIde - ok
09:20:43.0453 2336 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:20:43.0609 2336 alim1541 - ok
09:20:43.0625 2336 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:20:43.0750 2336 amdagp - ok
09:20:43.0765 2336 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
09:20:43.0828 2336 amsint - ok
09:20:43.0953 2336 APC UPS Service (dc45ab27932447b598848b10650313c5) C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
09:20:43.0953 2336 APC UPS Service ( UnsignedFile.Multi.Generic ) - warning
09:20:43.0953 2336 APC UPS Service - detected UnsignedFile.Multi.Generic (1)
09:20:44.0000 2336 Apple Mobile Device (367592efca7ff8b4ce11ab6b0744e1e2) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
09:20:44.0015 2336 Apple Mobile Device - ok
09:20:44.0031 2336 AppMgmt - ok
09:20:44.0062 2336 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\drivers\ASC.SYS
09:20:44.0203 2336 asc - ok
09:20:44.0218 2336 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:20:44.0281 2336 asc3350p - ok
09:20:44.0281 2336 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:20:44.0437 2336 asc3550 - ok
09:20:44.0484 2336 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:20:44.0500 2336 aspnet_state - ok
09:20:44.0531 2336 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:20:44.0562 2336 aswFsBlk - ok
09:20:44.0593 2336 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
09:20:44.0609 2336 aswMon2 - ok
09:20:44.0625 2336 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
09:20:44.0640 2336 aswRdr - ok
09:20:44.0703 2336 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
09:20:44.0734 2336 aswSnx - ok
09:20:44.0765 2336 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
09:20:44.0796 2336 aswSP - ok
09:20:44.0812 2336 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
09:20:44.0828 2336 aswTdi - ok
09:20:44.0875 2336 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:20:45.0015 2336 AsyncMac - ok
09:20:45.0046 2336 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:20:45.0171 2336 atapi - ok
09:20:45.0187 2336 Atdisk - ok
09:20:45.0265 2336 Ati HotKey Poller (471087b5e1e01cc82604e81ea14781d8) C:\WINDOWS\system32\Ati2evxx.exe
09:20:45.0281 2336 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
09:20:45.0281 2336 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
09:20:45.0390 2336 ATI Smart (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\SYSTEM32\ati2sgag.exe
09:20:45.0437 2336 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
09:20:45.0437 2336 ATI Smart - detected UnsignedFile.Multi.Generic (1)
09:20:45.0765 2336 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:20:45.0921 2336 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
09:20:45.0921 2336 ati2mtag - detected UnsignedFile.Multi.Generic (1)
09:20:46.0156 2336 ATIAVAIW (fed003fd00011946b0e4f8fb7a8b4307) C:\WINDOWS\system32\DRIVERS\atinavt2.sys
09:20:46.0218 2336 ATIAVAIW - ok
09:20:46.0250 2336 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:20:46.0406 2336 Atmarpc - ok
09:20:46.0437 2336 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:20:46.0593 2336 AudioSrv - ok
09:20:46.0625 2336 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:20:46.0765 2336 audstub - ok
09:20:46.0906 2336 Automatic LiveUpdate Scheduler (b5d974c1fd078a68c7536c561b031d39) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
09:20:46.0921 2336 Automatic LiveUpdate Scheduler - ok
09:20:47.0015 2336 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:20:47.0031 2336 avast! Antivirus - ok
09:20:47.0062 2336 b57w2k (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:20:47.0109 2336 b57w2k - ok
09:20:47.0125 2336 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys
09:20:47.0156 2336 BANTExt ( UnsignedFile.Multi.Generic ) - warning
09:20:47.0156 2336 BANTExt - detected UnsignedFile.Multi.Generic (1)
09:20:47.0156 2336 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:20:47.0328 2336 Beep - ok
09:20:47.0375 2336 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:20:47.0546 2336 BITS - ok
09:20:47.0593 2336 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
09:20:47.0625 2336 Bonjour Service - ok
09:20:47.0656 2336 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:20:47.0796 2336 Browser - ok
09:20:47.0812 2336 bvrp_pci - ok
09:20:47.0906 2336 catchme - ok
09:20:47.0937 2336 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:20:48.0187 2336 cbidf - ok
09:20:48.0203 2336 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:20:48.0359 2336 cbidf2k - ok
09:20:48.0406 2336 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:20:48.0546 2336 CCDECODE - ok
09:20:48.0562 2336 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:20:48.0625 2336 cd20xrnt - ok
09:20:48.0640 2336 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:20:48.0796 2336 Cdaudio - ok
09:20:48.0812 2336 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:20:48.0953 2336 Cdfs - ok
09:20:48.0984 2336 Cdr4_xp (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
09:20:49.0000 2336 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
09:20:49.0000 2336 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
09:20:49.0000 2336 Cdralw2k (2c41cd49d82d5fd85c72d57b6ca25471) C:\WINDOWS\system32\drivers\Cdralw2k.sys
09:20:49.0015 2336 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
09:20:49.0015 2336 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
09:20:49.0031 2336 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:20:49.0218 2336 Cdrom - ok
09:20:49.0234 2336 Changer - ok
09:20:49.0265 2336 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:20:49.0406 2336 CiSvc - ok
09:20:49.0421 2336 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:20:49.0562 2336 ClipSrv - ok
09:20:49.0734 2336 CLPSLS (be465a17fda2e79ed49053cbec7e9335) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
09:20:49.0796 2336 CLPSLS - ok
09:20:49.0890 2336 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:20:49.0906 2336 clr_optimization_v2.0.50727_32 - ok
09:20:50.0046 2336 cmdAgent (43f37e8f60f3677e84c6afc70c784afd) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:20:50.0156 2336 cmdAgent - ok
09:20:50.0343 2336 cmdGuard (251f906328af49e7927a1ad12b543a2f) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
09:20:50.0390 2336 cmdGuard - ok
09:20:50.0421 2336 cmdHlp (207f06d08afcdd3bbc801eab1a845cfb) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
09:20:50.0437 2336 cmdHlp - ok
09:20:50.0453 2336 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:20:50.0578 2336 CmdIde - ok
09:20:50.0609 2336 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:20:50.0765 2336 Compbatt - ok
09:20:50.0765 2336 COMSysApp - ok
09:20:50.0781 2336 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:20:50.0937 2336 Cpqarray - ok
09:20:50.0984 2336 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:20:51.0125 2336 CryptSvc - ok
09:20:51.0140 2336 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:20:51.0281 2336 dac2w2k - ok
09:20:51.0281 2336 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:20:51.0421 2336 dac960nt - ok
09:20:51.0484 2336 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:20:51.0578 2336 DcomLaunch - ok
09:20:51.0625 2336 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:20:51.0765 2336 Dhcp - ok
09:20:51.0781 2336 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:20:51.0921 2336 Disk - ok
09:20:51.0921 2336 dmadmin - ok
09:20:51.0953 2336 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:20:52.0187 2336 dmboot - ok
09:20:52.0218 2336 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:20:52.0359 2336 dmio - ok
09:20:52.0390 2336 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:20:52.0515 2336 dmload - ok
09:20:52.0546 2336 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:20:52.0687 2336 dmserver - ok
09:20:52.0718 2336 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:20:52.0859 2336 DMusic - ok
09:20:52.0890 2336 DMX3191 (4898050118b195dc157456da87a95046) C:\WINDOWS\System32\drivers\DMX3191.SYS
09:20:52.0906 2336 DMX3191 ( UnsignedFile.Multi.Generic ) - warning
09:20:52.0906 2336 DMX3191 - detected UnsignedFile.Multi.Generic (1)
09:20:52.0953 2336 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:20:52.0984 2336 Dnscache - ok
09:20:53.0015 2336 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:20:53.0156 2336 Dot3svc - ok
09:20:53.0187 2336 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:20:53.0375 2336 dpti2o - ok
09:20:53.0406 2336 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:20:53.0578 2336 drmkaud - ok
09:20:53.0593 2336 Drvnlhwdww - ok
09:20:53.0718 2336 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
09:20:53.0734 2336 DSBrokerService - ok
09:20:53.0812 2336 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
09:20:53.0828 2336 DSproct ( UnsignedFile.Multi.Generic ) - warning
09:20:53.0828 2336 DSproct - detected UnsignedFile.Multi.Generic (1)
09:20:53.0859 2336 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
09:20:53.0906 2336 dsunidrv - ok
09:20:53.0953 2336 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:20:54.0093 2336 E100B - ok
09:20:54.0125 2336 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:20:54.0281 2336 EapHost - ok
09:20:54.0312 2336 elagopro (7ec42ec12a4bac14bcca99fb06f2d125) C:\WINDOWS\system32\DRIVERS\elagopro.sys
09:20:54.0359 2336 elagopro - ok
09:20:54.0375 2336 elaunidr (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\elaunidr.sys
09:20:54.0390 2336 elaunidr - ok
09:20:54.0421 2336 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:20:54.0578 2336 ERSvc - ok
09:20:54.0625 2336 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:20:54.0656 2336 Eventlog - ok
09:20:54.0703 2336 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:20:54.0734 2336 EventSystem - ok
09:20:54.0765 2336 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:20:54.0921 2336 Fastfat - ok
09:20:54.0968 2336 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:20:55.0000 2336 FastUserSwitchingCompatibility - ok
09:20:55.0046 2336 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
09:20:55.0234 2336 Fax - ok
09:20:55.0250 2336 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:20:55.0406 2336 Fdc - ok
09:20:55.0437 2336 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:20:55.0593 2336 Fips - ok
09:20:55.0609 2336 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:20:55.0765 2336 Flpydisk - ok
09:20:55.0781 2336 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:20:55.0937 2336 FltMgr - ok
09:20:55.0984 2336 FlyUsb (8efa9bfc940d9eb9348d9dafb839fe25) C:\WINDOWS\system32\DRIVERS\FlyUsb.sys
09:20:56.0015 2336 FlyUsb - ok
09:20:56.0093 2336 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:20:56.0109 2336 FontCache3.0.0.0 - ok
09:20:56.0140 2336 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:20:56.0281 2336 Fs_Rec - ok
09:20:56.0328 2336 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:20:56.0468 2336 Ftdisk - ok
09:20:56.0500 2336 GEARAspiWDM (df6e37b27a9a1a498c6d9f29995b7a03) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
09:20:56.0515 2336 GEARAspiWDM - ok
09:20:56.0562 2336 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:20:56.0718 2336 Gpc - ok
09:20:56.0812 2336 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:20:56.0843 2336 gusvc - ok
09:20:56.0906 2336 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:20:57.0046 2336 helpsvc - ok
09:20:57.0078 2336 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
09:20:57.0218 2336 HidBatt - ok
09:20:57.0234 2336 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:20:57.0406 2336 HidServ - ok
09:20:57.0437 2336 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:20:57.0562 2336 HidUsb - ok
09:20:57.0593 2336 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:20:57.0734 2336 hkmsvc - ok
09:20:57.0765 2336 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
09:20:57.0890 2336 hpn - ok
09:20:57.0921 2336 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
09:20:57.0953 2336 HSFHWBS2 - ok
09:20:58.0031 2336 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
09:20:58.0078 2336 HSF_DP - ok
09:20:58.0187 2336 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:20:58.0234 2336 HTTP - ok
09:20:58.0281 2336 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:20:58.0437 2336 HTTPFilter - ok
09:20:58.0468 2336 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
09:20:58.0656 2336 i2omgmt - ok
09:20:58.0656 2336 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:20:58.0875 2336 i2omp - ok
09:20:58.0890 2336 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:20:59.0062 2336 i8042prt - ok
09:20:59.0156 2336 IAANTMon (3277cf101ae78c38b00702d688e37d44) C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
09:20:59.0171 2336 IAANTMon ( UnsignedFile.Multi.Generic ) - warning
09:20:59.0171 2336 IAANTMon - detected UnsignedFile.Multi.Generic (1)
09:20:59.0218 2336 iaStor (f26bfd48b1c314e0f23bf77acfa75940) C:\WINDOWS\system32\drivers\iaStor.sys
09:20:59.0265 2336 iaStor - ok
09:20:59.0390 2336 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:20:59.0406 2336 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:20:59.0406 2336 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:20:59.0531 2336 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:20:59.0578 2336 idsvc - ok
09:20:59.0578 2336 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:20:59.0718 2336 Imapi - ok
09:20:59.0750 2336 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:20:59.0906 2336 ImapiService - ok
09:20:59.0937 2336 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:21:00.0078 2336 ini910u - ok
09:21:00.0093 2336 Inspect (c9953067b2c9e3d3dd44ec22d1e0815a) C:\WINDOWS\system32\DRIVERS\inspect.sys
09:21:00.0125 2336 Inspect - ok
09:21:00.0140 2336 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
09:21:00.0281 2336 IntelIde - ok
09:21:00.0328 2336 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:21:00.0453 2336 intelppm - ok
09:21:00.0468 2336 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:21:00.0625 2336 Ip6Fw - ok
09:21:00.0640 2336 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:21:00.0765 2336 IpFilterDriver - ok
09:21:00.0781 2336 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:21:00.0937 2336 IpInIp - ok
09:21:00.0968 2336 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:21:01.0125 2336 IpNat - ok
09:21:01.0140 2336 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:21:01.0281 2336 IPSec - ok
09:21:01.0296 2336 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:21:01.0375 2336 IRENUM - ok
09:21:01.0390 2336 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:21:01.0531 2336 isapnp - ok
09:21:01.0687 2336 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
09:21:01.0734 2336 JavaQuickStarterService - ok
09:21:01.0765 2336 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:21:01.0906 2336 Kbdclass - ok
09:21:01.0921 2336 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:21:02.0062 2336 kbdhid - ok
09:21:02.0093 2336 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:21:02.0218 2336 kmixer - ok
09:21:02.0250 2336 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:21:02.0312 2336 KSecDD - ok
09:21:02.0343 2336 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:21:02.0406 2336 lanmanserver - ok
09:21:02.0453 2336 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:21:02.0515 2336 lanmanworkstation - ok
09:21:02.0531 2336 lbrtfdc - ok
09:21:03.0031 2336 LeapFrog Connect Device Service (3c879d04bb6466e2853c3155b635cc45) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
09:21:03.0265 2336 LeapFrog Connect Device Service - ok
09:21:03.0437 2336 Leapfrog-USBLAN (5cffda921fe0c9e9ebde3150d3c81594) C:\WINDOWS\system32\DRIVERS\btblan.sys
09:21:03.0500 2336 Leapfrog-USBLAN - ok
09:21:03.0781 2336 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
09:21:03.0921 2336 LiveUpdate - ok
09:21:04.0031 2336 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:21:04.0265 2336 LmHosts - ok
09:21:04.0312 2336 LVUSBSta (a730fc8671a60666d6e877c544dd7cd4) C:\WINDOWS\system32\drivers\lvusbsta.sys
09:21:04.0359 2336 LVUSBSta - ok
09:21:04.0375 2336 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
09:21:04.0406 2336 MBAMSwissArmy - ok
09:21:04.0468 2336 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
09:21:04.0484 2336 McAfee SiteAdvisor Service - ok
09:21:04.0515 2336 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:21:04.0546 2336 mdmxsdk - ok
09:21:04.0609 2336 MemeoBackgroundService (206df2fa99f1568c65feb6ce9e07a372) C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
09:21:04.0625 2336 MemeoBackgroundService - ok
09:21:04.0656 2336 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:21:04.0828 2336 Messenger - ok
09:21:04.0875 2336 MioNet (99119316d505ee8192d5d1a0485bf110) C:\Program Files\MioNet\MioNetManager.exe
09:21:04.0890 2336 MioNet ( UnsignedFile.Multi.Generic ) - warning
09:21:04.0890 2336 MioNet - detected UnsignedFile.Multi.Generic (1)
09:21:04.0906 2336 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:21:05.0046 2336 mnmdd - ok
09:21:05.0078 2336 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:21:05.0234 2336 mnmsrvc - ok
09:21:05.0281 2336 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:21:05.0421 2336 Modem - ok
09:21:05.0421 2336 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
09:21:05.0562 2336 MODEMCSA - ok
09:21:05.0578 2336 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:21:05.0718 2336 Mouclass - ok
09:21:05.0734 2336 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:21:05.0906 2336 MountMgr - ok
09:21:05.0984 2336 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:21:06.0015 2336 MozillaMaintenance - ok
09:21:06.0031 2336 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
09:21:06.0171 2336 MPE - ok
09:21:06.0203 2336 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:21:06.0328 2336 mraid35x - ok
09:21:06.0359 2336 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:21:06.0500 2336 MRxDAV - ok
09:21:06.0562 2336 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:21:06.0609 2336 MRxSmb - ok
09:21:06.0640 2336 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:21:06.0781 2336 MSDTC - ok
09:21:06.0781 2336 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:21:06.0937 2336 Msfs - ok
09:21:06.0953 2336 MSIServer - ok
09:21:07.0000 2336 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:21:07.0156 2336 MSKSSRV - ok
09:21:07.0171 2336 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:21:07.0328 2336 MSPCLOCK - ok
09:21:07.0343 2336 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:21:07.0484 2336 MSPQM - ok
09:21:07.0500 2336 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:21:07.0640 2336 mssmbios - ok
09:21:07.0656 2336 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:21:07.0781 2336 MSTEE - ok
09:21:07.0812 2336 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:21:07.0843 2336 Mup - ok
09:21:07.0875 2336 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:21:08.0015 2336 NABTSFEC - ok
09:21:08.0062 2336 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:21:08.0203 2336 napagent - ok
09:21:08.0250 2336 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:21:08.0390 2336 NDIS - ok
09:21:08.0421 2336 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:21:08.0562 2336 NdisIP - ok
09:21:08.0593 2336 NDISRD (31c97e19ad9bb0030349e55d42d5e5d1) C:\WINDOWS\system32\drivers\NDISRD.sys
09:21:08.0593 2336 NDISRD ( UnsignedFile.Multi.Generic ) - warning
09:21:08.0593 2336 NDISRD - detected UnsignedFile.Multi.Generic (1)
09:21:08.0625 2336 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:21:08.0671 2336 NdisTapi - ok
09:21:08.0718 2336 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:21:08.0843 2336 Ndisuio - ok
09:21:08.0859 2336 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:21:09.0000 2336 NdisWan - ok
09:21:09.0015 2336 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:21:09.0062 2336 NDProxy - ok
09:21:09.0109 2336 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:21:09.0296 2336 NetBIOS - ok
09:21:09.0328 2336 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:21:09.0500 2336 NetBT - ok
09:21:09.0531 2336 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:21:09.0703 2336 NetDDE - ok
09:21:09.0703 2336 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:21:09.0843 2336 NetDDEdsdm - ok
09:21:09.0859 2336 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:21:09.0984 2336 Netlogon - ok
09:21:10.0031 2336 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:21:10.0218 2336 Netman - ok
09:21:10.0328 2336 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:21:10.0343 2336 NetTcpPortSharing - ok
09:21:10.0390 2336 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:21:10.0421 2336 Nla - ok
09:21:10.0437 2336 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:21:10.0578 2336 Npfs - ok
09:21:10.0640 2336 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:21:10.0796 2336 Ntfs - ok
09:21:10.0796 2336 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:21:10.0968 2336 NtLmSsp - ok
09:21:11.0015 2336 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:21:11.0156 2336 NtmsSvc - ok
09:21:11.0187 2336 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:21:11.0328 2336 Null - ok
09:21:11.0453 2336 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:21:11.0656 2336 nv - ok
09:21:11.0796 2336 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:21:11.0937 2336 NwlnkFlt - ok
09:21:11.0937 2336 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:21:12.0078 2336 NwlnkFwd - ok
09:21:12.0125 2336 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
09:21:12.0140 2336 omci ( UnsignedFile.Multi.Generic ) - warning
09:21:12.0140 2336 omci - detected UnsignedFile.Multi.Generic (1)
09:21:12.0171 2336 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:21:12.0312 2336 Parport - ok
09:21:12.0328 2336 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:21:12.0453 2336 PartMgr - ok
09:21:12.0484 2336 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:21:12.0609 2336 ParVdm - ok
09:21:12.0640 2336 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
09:21:12.0671 2336 pavboot - ok
09:21:12.0671 2336 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:21:12.0812 2336 PCI - ok
09:21:12.0828 2336 PCIDump - ok
09:21:12.0859 2336 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:21:12.0984 2336 PCIIde - ok
09:21:13.0031 2336 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:21:13.0203 2336 Pcmcia - ok
09:21:13.0234 2336 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
09:21:13.0234 2336 pcouffin ( UnsignedFile.Multi.Generic ) - warning
09:21:13.0234 2336 pcouffin - detected UnsignedFile.Multi.Generic (1)
09:21:13.0250 2336 PDCOMP - ok
09:21:13.0250 2336 PDFRAME - ok
09:21:13.0265 2336 PDRELI - ok
09:21:13.0265 2336 PDRFRAME - ok
09:21:13.0281 2336 pepifilter (16bc447de474a9e125db39806714f1e1) C:\WINDOWS\system32\DRIVERS\lv302af.sys
09:21:13.0312 2336 pepifilter - ok
09:21:13.0312 2336 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:21:13.0453 2336 perc2 - ok
09:21:13.0468 2336 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:21:13.0593 2336 perc2hib - ok
09:21:13.0656 2336 PID_08A0 (7a31b09c7f037a1217b658465f19bbce) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
09:21:13.0703 2336 PID_08A0 - ok
09:21:13.0750 2336 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:21:13.0781 2336 PlugPlay - ok
09:21:13.0828 2336 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:21:13.0968 2336 PolicyAgent - ok
09:21:14.0000 2336 PPSCAN (8ae536cf74546536f282d1fbce943324) C:\WINDOWS\system32\drivers\PPSCAN.sys
09:21:14.0031 2336 PPSCAN ( UnsignedFile.Multi.Generic ) - warning
09:21:14.0031 2336 PPSCAN - detected UnsignedFile.Multi.Generic (1)
09:21:14.0062 2336 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:21:14.0187 2336 PptpMiniport - ok
09:21:14.0203 2336 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:21:14.0343 2336 ProtectedStorage - ok
09:21:14.0359 2336 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:21:14.0546 2336 PSched - ok
09:21:14.0671 2336 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
09:21:14.0703 2336 PSI_SVC_2 - ok
09:21:14.0765 2336 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:21:14.0890 2336 Ptilink - ok
09:21:14.0906 2336 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:21:14.0937 2336 PxHelp20 - ok
09:21:14.0953 2336 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:21:15.0078 2336 ql1080 - ok
09:21:15.0093 2336 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:21:15.0234 2336 Ql10wnt - ok
09:21:15.0250 2336 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:21:15.0390 2336 ql12160 - ok
09:21:15.0390 2336 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:21:15.0546 2336 ql1240 - ok
09:21:15.0546 2336 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:21:15.0671 2336 ql1280 - ok
09:21:15.0718 2336 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:21:15.0843 2336 RasAcd - ok
09:21:15.0890 2336 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:21:16.0031 2336 RasAuto - ok
09:21:16.0031 2336 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:21:16.0218 2336 Rasl2tp - ok
09:21:16.0250 2336 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:21:16.0390 2336 RasMan - ok
09:21:16.0421 2336 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:21:16.0562 2336 RasPppoe - ok
09:21:16.0578 2336 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:21:16.0703 2336 Raspti - ok
09:21:16.0718 2336 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:21:16.0859 2336 Rdbss - ok
09:21:16.0875 2336 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:21:17.0000 2336 RDPCDD - ok
09:21:17.0046 2336 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:21:17.0187 2336 rdpdr - ok
09:21:17.0218 2336 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:21:17.0281 2336 RDPWD - ok
09:21:17.0312 2336 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:21:17.0468 2336 RDSessMgr - ok
09:21:17.0484 2336 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:21:17.0625 2336 redbook - ok
09:21:17.0656 2336 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:21:17.0812 2336 RemoteAccess - ok
09:21:17.0828 2336 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
09:21:17.0890 2336 RimUsb - ok
09:21:17.0906 2336 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:21:18.0046 2336 RpcLocator - ok
09:21:18.0093 2336 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
09:21:18.0140 2336 RpcSs - ok
09:21:18.0156 2336 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:21:18.0296 2336 RSVP - ok
09:21:18.0328 2336 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:21:18.0468 2336 SamSs - ok
09:21:18.0484 2336 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
09:21:18.0625 2336 SCardSvr - ok
09:21:18.0687 2336 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:21:18.0859 2336 Schedule - ok
09:21:18.0906 2336 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:21:18.0968 2336 Secdrv - ok
09:21:19.0015 2336 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:21:19.0203 2336 seclogon - ok
09:21:19.0265 2336 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
09:21:19.0343 2336 senfilt - ok
09:21:19.0375 2336 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:21:19.0546 2336 SENS - ok
09:21:19.0593 2336 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:21:19.0734 2336 serenum - ok
09:21:19.0765 2336 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:21:19.0968 2336 Serial - ok
09:21:20.0015 2336 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:21:20.0140 2336 Sfloppy - ok
09:21:20.0187 2336 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:21:20.0328 2336 SharedAccess - ok
09:21:20.0375 2336 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:21:20.0406 2336 ShellHWDetection - ok
09:21:20.0421 2336 Simbad - ok
09:21:20.0468 2336 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:21:20.0593 2336 sisagp - ok
09:21:20.0734 2336 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
09:21:20.0765 2336 SkypeUpdate - ok
09:21:20.0781 2336 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:21:20.0937 2336 SLIP - ok
09:21:20.0953 2336 SMPCLS - ok
09:21:21.0015 2336 smwdm (86c4d93b7b7818d066c52fdb03c6c921) C:\WINDOWS\system32\drivers\smwdm.sys
09:21:21.0031 2336 smwdm - ok
09:21:21.0046 2336 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:21:21.0109 2336 Sparrow - ok
09:21:21.0140 2336 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:21:21.0312 2336 splitter - ok
09:21:21.0343 2336 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:21:21.0375 2336 Spooler - ok
09:21:21.0437 2336 SQTECH905C (2831ce28570a3cc5c079a58a12878760) C:\WINDOWS\system32\Drivers\Capt905c.sys
09:21:21.0453 2336 SQTECH905C ( UnsignedFile.Multi.Generic ) - warning
09:21:21.0453 2336 SQTECH905C - detected UnsignedFile.Multi.Generic (1)
09:21:21.0484 2336 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:21:21.0546 2336 sr - ok
09:21:21.0593 2336 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:21:21.0656 2336 srservice - ok
09:21:21.0703 2336 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:21:21.0765 2336 Srv - ok
09:21:21.0796 2336 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:21:21.0859 2336 SSDPSRV - ok
09:21:21.0906 2336 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:21:22.0046 2336 stisvc - ok
09:21:22.0093 2336 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:21:22.0250 2336 streamip - ok
09:21:22.0296 2336 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:21:22.0421 2336 swenum - ok
09:21:22.0453 2336 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:21:22.0593 2336 swmidi - ok
09:21:22.0593 2336 SwPrv - ok
09:21:22.0796 2336 Symantec RemoteAssist (267c914667c94e5f47d342311c1c577f) C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
09:21:22.0812 2336 Symantec RemoteAssist - ok
09:21:22.0828 2336 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:21:22.0953 2336 symc810 - ok
09:21:22.0984 2336 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:21:23.0125 2336 symc8xx - ok
09:21:23.0125 2336 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:21:23.0250 2336 sym_hi - ok
09:21:23.0265 2336 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:21:23.0406 2336 sym_u3 - ok
09:21:23.0453 2336 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:21:23.0578 2336 sysaudio - ok
09:21:23.0609 2336 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:21:23.0750 2336 SysmonLog - ok
09:21:23.0781 2336 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:21:23.0921 2336 TapiSrv - ok
09:21:23.0968 2336 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:21:24.0000 2336 Tcpip - ok
09:21:24.0031 2336 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:21:24.0171 2336 TDPIPE - ok
09:21:24.0203 2336 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:21:24.0343 2336 TDTCP - ok
09:21:24.0390 2336 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:21:24.0515 2336 TermDD - ok
09:21:24.0562 2336 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:21:24.0687 2336 TermService - ok
09:21:24.0734 2336 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:21:24.0796 2336 Themes - ok
09:21:24.0796 2336 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:21:24.0921 2336 TosIde - ok
09:21:24.0968 2336 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:21:25.0156 2336 TrkWks - ok
09:21:25.0187 2336 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:21:25.0390 2336 Udfs - ok
09:21:25.0468 2336 UDNT (fd15d929b3a24c20b3b5341cae1f0552) C:\WINDOWS\system32\drivers\UDNT.sys
09:21:25.0484 2336 UDNT ( UnsignedFile.Multi.Generic ) - warning
09:21:25.0484 2336 UDNT - detected UnsignedFile.Multi.Generic (1)
09:21:25.0500 2336 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:21:25.0562 2336 ultra - ok
09:21:25.0625 2336 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:21:25.0781 2336 Update - ok
09:21:25.0828 2336 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:21:25.0921 2336 upnphost - ok
09:21:25.0953 2336 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:21:26.0078 2336 UPS - ok
09:21:26.0125 2336 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:21:26.0265 2336 usbaudio - ok
09:21:26.0296 2336 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:21:26.0421 2336 usbccgp - ok
09:21:26.0453 2336 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:21:26.0593 2336 usbehci - ok
09:21:26.0640 2336 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:21:26.0781 2336 usbhub - ok
09:21:26.0828 2336 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:21:26.0953 2336 usbprint - ok
09:21:26.0984 2336 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:21:27.0109 2336 usbscan - ok
09:21:27.0140 2336 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:21:27.0281 2336 USBSTOR - ok
09:21:27.0312 2336 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:21:27.0453 2336 usbuhci - ok
09:21:27.0468 2336 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
09:21:27.0609 2336 usbvideo - ok
09:21:27.0656 2336 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:21:27.0781 2336 VgaSave - ok
09:21:27.0796 2336 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:21:27.0937 2336 viaagp - ok
09:21:27.0968 2336 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:21:28.0109 2336 ViaIde - ok
09:21:28.0125 2336 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:21:28.0265 2336 VolSnap - ok
09:21:28.0312 2336 VPROEVENTMONITOR (e14b7ae35be1e97830d42ec191d0dea2) C:\WINDOWS\system32\drivers\VProEventMonitor.sys
09:21:28.0328 2336 VPROEVENTMONITOR - ok
09:21:28.0359 2336 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:21:28.0437 2336 VSS - ok
09:21:28.0468 2336 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:21:28.0609 2336 w32time - ok
09:21:28.0625 2336 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:21:28.0765 2336 Wanarp - ok
09:21:28.0781 2336 wanatw - ok
09:21:28.0796 2336 WDICA - ok
09:21:28.0843 2336 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:21:29.0015 2336 wdmaud - ok
09:21:29.0046 2336 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:21:29.0187 2336 WebClient - ok
09:21:29.0265 2336 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:21:29.0296 2336 winachsf - ok
09:21:29.0390 2336 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
09:21:29.0421 2336 WinDefend - ok
09:21:29.0468 2336 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:21:29.0593 2336 winmgmt - ok
09:21:29.0625 2336 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
09:21:29.0687 2336 WmdmPmSN - ok
09:21:29.0734 2336 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:21:29.0875 2336 WmiApSrv - ok
09:21:30.0000 2336 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:21:30.0046 2336 WMPNetworkSvc - ok
09:21:30.0109 2336 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:21:30.0125 2336 WpdUsb - ok
09:21:30.0156 2336 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:21:30.0281 2336 WS2IFSL - ok
09:21:30.0328 2336 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
09:21:30.0562 2336 wscsvc - ok
09:21:30.0593 2336 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:21:30.0750 2336 WSTCODEC - ok
09:21:30.0781 2336 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:21:30.0953 2336 wuauserv - ok
09:21:30.0984 2336 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:21:31.0031 2336 WudfPf - ok
09:21:31.0062 2336 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:21:31.0093 2336 WudfRd - ok
09:21:31.0125 2336 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:21:31.0171 2336 WudfSvc - ok
09:21:31.0234 2336 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:21:31.0390 2336 WZCSVC - ok
09:21:31.0437 2336 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:21:31.0578 2336 xmlprov - ok
09:21:31.0734 2336 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:21:31.0765 2336 YahooAUService - ok
09:21:31.0796 2336 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
09:21:31.0921 2336 \Device\Harddisk0\DR0 - ok
09:21:31.0921 2336 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk1\DR1
09:21:32.0062 2336 \Device\Harddisk1\DR1 - ok
09:21:32.0093 2336 Boot (0x1200) (9386ead611f3b3fcecfb47fd6bfaf5fd) \Device\Harddisk0\DR0\Partition0
09:21:32.0093 2336 \Device\Harddisk0\DR0\Partition0 - ok
09:21:32.0093 2336 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
09:21:32.0093 2336 \Device\Harddisk1\DR1\Partition0 - ok
09:21:32.0093 2336 ============================================================
09:21:32.0093 2336 Scan finished
09:21:32.0093 2336 ============================================================
09:21:32.0203 1500 Detected object count: 21
09:21:32.0203 1500 Actual detected object count: 21
09:22:19.0718 1500 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0718 1500 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0718 1500 AEC671X ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0718 1500 AEC671X ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0718 1500 AgilentUSBCam ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0718 1500 AgilentUSBCam ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0718 1500 APC UPS Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0718 1500 APC UPS Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0718 1500 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0718 1500 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0718 1500 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0718 1500 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 DMX3191 ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 DMX3191 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0734 1500 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0734 1500 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 MioNet ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 MioNet ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 NDISRD ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 NDISRD ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 omci ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 omci ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 PPSCAN ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 PPSCAN ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 SQTECH905C ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 SQTECH905C ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:19.0750 1500 UDNT ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:19.0750 1500 UDNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:26.0828 4912 ============================================================
09:22:26.0828 4912 Scan started
09:22:26.0828 4912 Mode: Manual; SigCheck; TDLFS;
09:22:26.0828 4912 ============================================================
09:22:27.0234 4912 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
09:22:27.0265 4912 Aavmker4 - ok
09:22:27.0359 4912 aawservice (17067069b9a7865028c1f2e6971d0ccc) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
09:22:27.0390 4912 aawservice - ok
09:22:27.0406 4912 Abiosdsk - ok
09:22:27.0437 4912 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:22:27.0500 4912 abp480n5 - ok
09:22:27.0531 4912 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:22:27.0687 4912 ACPI - ok
09:22:27.0703 4912 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:22:27.0843 4912 ACPIEC - ok
09:22:27.0921 4912 Adobe LM Service (5ddc0a8d2cd60bda593ddaf45821ce08) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
09:22:27.0921 4912 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
09:22:27.0921 4912 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
09:22:28.0000 4912 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:22:28.0031 4912 AdobeFlashPlayerUpdateSvc - ok
09:22:28.0062 4912 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:22:28.0281 4912 adpu160m - ok
09:22:28.0328 4912 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:22:28.0500 4912 aec - ok
09:22:28.0531 4912 AEC671X (a61d71ad98e82ca5a3d444e7aade1571) C:\WINDOWS\System32\drivers\AEC671X.SYS
09:22:28.0546 4912 AEC671X ( UnsignedFile.Multi.Generic ) - warning
09:22:28.0546 4912 AEC671X - detected UnsignedFile.Multi.Generic (1)
09:22:28.0578 4912 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:22:28.0609 4912 AFD - ok
09:22:28.0640 4912 AgilentUSBCam (cbd15fc01388046c027eb52b838764c3) C:\WINDOWS\system32\DRIVERS\Atusbcam.sys
09:22:28.0656 4912 AgilentUSBCam ( UnsignedFile.Multi.Generic ) - warning
09:22:28.0656 4912 AgilentUSBCam - detected UnsignedFile.Multi.Generic (1)
09:22:28.0671 4912 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
09:22:28.0843 4912 agp440 - ok
09:22:28.0859 4912 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:22:29.0031 4912 agpCPQ - ok
09:22:29.0031 4912 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:22:29.0093 4912 Aha154x - ok
09:22:29.0109 4912 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:22:29.0234 4912 aic78u2 - ok
09:22:29.0250 4912 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:22:29.0375 4912 aic78xx - ok
09:22:29.0437 4912 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:22:29.0578 4912 Alerter - ok
09:22:29.0593 4912 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:22:29.0671 4912 ALG - ok
09:22:29.0671 4912 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
09:22:29.0843 4912 AliIde - ok
09:22:29.0859 4912 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:22:30.0000 4912 alim1541 - ok
09:22:30.0015 4912 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:22:30.0140 4912 amdagp - ok
09:22:30.0140 4912 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
09:22:30.0203 4912 amsint - ok
09:22:30.0328 4912 APC UPS Service (dc45ab27932447b598848b10650313c5) C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
09:22:30.0343 4912 APC UPS Service ( UnsignedFile.Multi.Generic ) - warning
09:22:30.0343 4912 APC UPS Service - detected UnsignedFile.Multi.Generic (1)
09:22:30.0390 4912 Apple Mobile Device (367592efca7ff8b4ce11ab6b0744e1e2) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
09:22:30.0406 4912 Apple Mobile Device - ok
09:22:30.0421 4912 AppMgmt - ok
09:22:30.0453 4912 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\drivers\ASC.SYS
09:22:30.0593 4912 asc - ok
09:22:30.0625 4912 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:22:30.0687 4912 asc3350p - ok
09:22:30.0687 4912 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:22:30.0828 4912 asc3550 - ok
09:22:30.0890 4912 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:22:30.0906 4912 aspnet_state - ok
09:22:30.0937 4912 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:22:30.0953 4912 aswFsBlk - ok
09:22:30.0984 4912 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
09:22:31.0000 4912 aswMon2 - ok
09:22:31.0015 4912 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
09:22:31.0046 4912 aswRdr - ok
09:22:31.0109 4912 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
09:22:31.0156 4912 aswSnx - ok
09:22:31.0187 4912 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
09:22:31.0203 4912 aswSP - ok
09:22:31.0234 4912 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
09:22:31.0250 4912 aswTdi - ok
09:22:31.0281 4912 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:22:31.0437 4912 AsyncMac - ok
09:22:31.0468 4912 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:22:31.0609 4912 atapi - ok
09:22:31.0609 4912 Atdisk - ok
09:22:31.0671 4912 Ati HotKey Poller (471087b5e1e01cc82604e81ea14781d8) C:\WINDOWS\system32\Ati2evxx.exe
09:22:31.0718 4912 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
09:22:31.0718 4912 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
09:22:31.0796 4912 ATI Smart (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\SYSTEM32\ati2sgag.exe
09:22:31.0859 4912 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
09:22:31.0859 4912 ATI Smart - detected UnsignedFile.Multi.Generic (1)
09:22:32.0171 4912 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:22:32.0296 4912 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
09:22:32.0296 4912 ati2mtag - detected UnsignedFile.Multi.Generic (1)
09:22:32.0484 4912 ATIAVAIW (fed003fd00011946b0e4f8fb7a8b4307) C:\WINDOWS\system32\DRIVERS\atinavt2.sys
09:22:32.0515 4912 ATIAVAIW - ok
09:22:32.0546 4912 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:22:32.0703 4912 Atmarpc - ok
09:22:32.0734 4912 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:22:32.0875 4912 AudioSrv - ok
09:22:32.0921 4912 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:22:33.0046 4912 audstub - ok
09:22:33.0218 4912 Automatic LiveUpdate Scheduler (b5d974c1fd078a68c7536c561b031d39) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
09:22:33.0250 4912 Automatic LiveUpdate Scheduler - ok
09:22:33.0343 4912 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:22:33.0359 4912 avast! Antivirus - ok
09:22:33.0406 4912 b57w2k (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:22:33.0453 4912 b57w2k - ok
09:22:33.0468 4912 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys
09:22:33.0500 4912 BANTExt ( UnsignedFile.Multi.Generic ) - warning
09:22:33.0500 4912 BANTExt - detected UnsignedFile.Multi.Generic (1)
09:22:33.0500 4912 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:22:33.0687 4912 Beep - ok
09:22:33.0734 4912 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:22:33.0890 4912 BITS - ok
09:22:33.0937 4912 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
09:22:33.0953 4912 Bonjour Service - ok
09:22:34.0000 4912 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:22:34.0187 4912 Browser - ok
09:22:34.0187 4912 bvrp_pci - ok
09:22:34.0281 4912 catchme - ok
09:22:34.0312 4912 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:22:34.0468 4912 cbidf - ok
09:22:34.0468 4912 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:22:34.0640 4912 cbidf2k - ok
09:22:34.0671 4912 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:22:34.0812 4912 CCDECODE - ok
09:22:34.0828 4912 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:22:34.0890 4912 cd20xrnt - ok
09:22:34.0906 4912 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:22:35.0046 4912 Cdaudio - ok
09:22:35.0062 4912 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:22:35.0187 4912 Cdfs - ok
09:22:35.0234 4912 Cdr4_xp (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
09:22:35.0250 4912 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
09:22:35.0250 4912 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
09:22:35.0250 4912 Cdralw2k (2c41cd49d82d5fd85c72d57b6ca25471) C:\WINDOWS\system32\drivers\Cdralw2k.sys
09:22:35.0265 4912 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
09:22:35.0265 4912 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
09:22:35.0281 4912 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:22:35.0421 4912 Cdrom - ok
09:22:35.0437 4912 Changer - ok
09:22:35.0468 4912 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:22:35.0593 4912 CiSvc - ok
09:22:35.0625 4912 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:22:35.0750 4912 ClipSrv - ok
09:22:35.0921 4912 CLPSLS (be465a17fda2e79ed49053cbec7e9335) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
09:22:35.0968 4912 CLPSLS - ok
09:22:36.0062 4912 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:22:36.0078 4912 clr_optimization_v2.0.50727_32 - ok
09:22:36.0234 4912 cmdAgent (43f37e8f60f3677e84c6afc70c784afd) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:22:36.0312 4912 cmdAgent - ok
09:22:36.0484 4912 cmdGuard (251f906328af49e7927a1ad12b543a2f) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
09:22:36.0500 4912 cmdGuard - ok
09:22:36.0515 4912 cmdHlp (207f06d08afcdd3bbc801eab1a845cfb) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
09:22:36.0531 4912 cmdHlp - ok
09:22:36.0546 4912 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:22:36.0687 4912 CmdIde - ok
09:22:36.0703 4912 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:22:36.0843 4912 Compbatt - ok
09:22:36.0859 4912 COMSysApp - ok
09:22:36.0875 4912 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:22:37.0000 4912 Cpqarray - ok
09:22:37.0046 4912 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:22:37.0218 4912 CryptSvc - ok
09:22:37.0234 4912 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:22:37.0375 4912 dac2w2k - ok
09:22:37.0390 4912 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:22:37.0515 4912 dac960nt - ok
09:22:37.0562 4912 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:22:37.0609 4912 DcomLaunch - ok
09:22:37.0640 4912 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:22:37.0765 4912 Dhcp - ok
09:22:37.0781 4912 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:22:37.0906 4912 Disk - ok
09:22:37.0921 4912 dmadmin - ok
09:22:37.0953 4912 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:22:38.0093 4912 dmboot - ok
09:22:38.0109 4912 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:22:38.0250 4912 dmio - ok
09:22:38.0281 4912 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:22:38.0406 4912 dmload - ok
09:22:38.0437 4912 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:22:38.0562 4912 dmserver - ok
09:22:38.0593 4912 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:22:38.0781 4912 DMusic - ok
09:22:38.0812 4912 DMX3191 (4898050118b195dc157456da87a95046) C:\WINDOWS\System32\drivers\DMX3191.SYS
09:22:38.0843 4912 DMX3191 ( UnsignedFile.Multi.Generic ) - warning
09:22:38.0843 4912 DMX3191 - detected UnsignedFile.Multi.Generic (1)
09:22:38.0875 4912 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:22:38.0921 4912 Dnscache - ok
09:22:38.0937 4912 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:22:39.0093 4912 Dot3svc - ok
09:22:39.0109 4912 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:22:39.0250 4912 dpti2o - ok
09:22:39.0250 4912 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:22:39.0390 4912 drmkaud - ok
09:22:39.0390 4912 Drvnlhwdww - ok
09:22:39.0531 4912 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
09:22:39.0546 4912 DSBrokerService - ok
09:22:39.0625 4912 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
09:22:39.0640 4912 DSproct ( UnsignedFile.Multi.Generic ) - warning
09:22:39.0640 4912 DSproct - detected UnsignedFile.Multi.Generic (1)
09:22:39.0671 4912 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
09:22:39.0687 4912 dsunidrv - ok
09:22:39.0718 4912 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:22:39.0859 4912 E100B - ok
09:22:39.0890 4912 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:22:40.0046 4912 EapHost - ok
09:22:40.0078 4912 elagopro (7ec42ec12a4bac14bcca99fb06f2d125) C:\WINDOWS\system32\DRIVERS\elagopro.sys
09:22:40.0125 4912 elagopro - ok
09:22:40.0140 4912 elaunidr (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\elaunidr.sys
09:22:40.0171 4912 elaunidr - ok
09:22:40.0203 4912 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:22:40.0359 4912 ERSvc - ok
09:22:40.0406 4912 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:22:40.0437 4912 Eventlog - ok
09:22:40.0484 4912 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:22:40.0515 4912 EventSystem - ok
09:22:40.0546 4912 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:22:40.0671 4912 Fastfat - ok
09:22:40.0718 4912 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:22:40.0750 4912 FastUserSwitchingCompatibility - ok
09:22:40.0796 4912 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
09:22:40.0953 4912 Fax - ok
09:22:40.0984 4912 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:22:41.0109 4912 Fdc - ok
09:22:41.0156 4912 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:22:41.0281 4912 Fips - ok
09:22:41.0296 4912 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:22:41.0437 4912 Flpydisk - ok
09:22:41.0468 4912 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:22:41.0593 4912 FltMgr - ok
09:22:41.0625 4912 FlyUsb (8efa9bfc940d9eb9348d9dafb839fe25) C:\WINDOWS\system32\DRIVERS\FlyUsb.sys
09:22:41.0656 4912 FlyUsb - ok
09:22:41.0734 4912 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:22:41.0750 4912 FontCache3.0.0.0 - ok
09:22:41.0781 4912 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:22:41.0937 4912 Fs_Rec - ok
09:22:41.0984 4912 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:22:42.0109 4912 Ftdisk - ok
09:22:42.0156 4912 GEARAspiWDM (df6e37b27a9a1a498c6d9f29995b7a03) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
09:22:42.0171 4912 GEARAspiWDM - ok
09:22:42.0218 4912 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:22:42.0343 4912 Gpc - ok
09:22:42.0468 4912 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:22:42.0484 4912 gusvc - ok
09:22:42.0562 4912 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:22:42.0703 4912 helpsvc - ok
09:22:42.0734 4912 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
09:22:42.0859 4912 HidBatt - ok
09:22:42.0890 4912 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:22:43.0015 4912 HidServ - ok
09:22:43.0031 4912 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:22:43.0218 4912 HidUsb - ok
09:22:43.0250 4912 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:22:43.0390 4912 hkmsvc - ok
09:22:43.0390 4912 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
09:22:43.0515 4912 hpn - ok
09:22:43.0531 4912 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
09:22:43.0562 4912 HSFHWBS2 - ok
09:22:43.0625 4912 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
09:22:43.0687 4912 HSF_DP - ok
09:22:43.0734 4912 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:22:43.0765 4912 HTTP - ok
09:22:43.0812 4912 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:22:43.0968 4912 HTTPFilter - ok
09:22:44.0000 4912 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
09:22:44.0203 4912 i2omgmt - ok
09:22:44.0218 4912 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:22:44.0359 4912 i2omp - ok
09:22:44.0375 4912 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:22:44.0500 4912 i8042prt - ok
09:22:44.0625 4912 IAANTMon (3277cf101ae78c38b00702d688e37d44) C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
09:22:44.0625 4912 IAANTMon ( UnsignedFile.Multi.Generic ) - warning
09:22:44.0640 4912 IAANTMon - detected UnsignedFile.Multi.Generic (1)
09:22:44.0656 4912 iaStor (f26bfd48b1c314e0f23bf77acfa75940) C:\WINDOWS\system32\drivers\iaStor.sys
09:22:44.0687 4912 iaStor - ok
09:22:44.0812 4912 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:22:44.0828 4912 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:22:44.0828 4912 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:22:44.0937 4912 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:22:45.0000 4912 idsvc - ok
09:22:45.0000 4912 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:22:45.0140 4912 Imapi - ok
09:22:45.0171 4912 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:22:45.0312 4912 ImapiService - ok
09:22:45.0343 4912 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:22:45.0468 4912 ini910u - ok
09:22:45.0500 4912 Inspect (c9953067b2c9e3d3dd44ec22d1e0815a) C:\WINDOWS\system32\DRIVERS\inspect.sys
09:22:45.0531 4912 Inspect - ok
09:22:45.0546 4912 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
09:22:45.0671 4912 IntelIde - ok
09:22:45.0718 4912 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:22:45.0890 4912 intelppm - ok
09:22:45.0937 4912 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:22:46.0093 4912 Ip6Fw - ok
09:22:46.0125 4912 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:22:46.0281 4912 IpFilterDriver - ok
09:22:46.0281 4912 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:22:46.0421 4912 IpInIp - ok
09:22:46.0437 4912 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:22:46.0562 4912 IpNat - ok
09:22:46.0578 4912 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:22:46.0718 4912 IPSec - ok
09:22:46.0718 4912 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:22:46.0796 4912 IRENUM - ok
09:22:46.0812 4912 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:22:46.0953 4912 isapnp - ok
09:22:47.0109 4912 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
09:22:47.0125 4912 JavaQuickStarterService - ok
09:22:47.0140 4912 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:22:47.0265 4912 Kbdclass - ok
09:22:47.0281 4912 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:22:47.0406 4912 kbdhid - ok
09:22:47.0453 4912 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:22:47.0578 4912 kmixer - ok
09:22:47.0593 4912 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:22:47.0625 4912 KSecDD - ok
09:22:47.0671 4912 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:22:47.0734 4912 lanmanserver - ok
09:22:47.0781 4912 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:22:47.0828 4912 lanmanworkstation - ok
09:22:47.0843 4912 lbrtfdc - ok
09:22:48.0359 4912 LeapFrog Connect Device Service (3c879d04bb6466e2853c3155b635cc45) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
09:22:48.0546 4912 LeapFrog Connect Device Service - ok
09:22:48.0750 4912 Leapfrog-USBLAN (5cffda921fe0c9e9ebde3150d3c81594) C:\WINDOWS\system32\DRIVERS\btblan.sys
09:22:48.0781 4912 Leapfrog-USBLAN - ok
09:22:49.0078 4912 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
09:22:49.0218 4912 LiveUpdate - ok
09:22:49.0312 4912 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:22:49.0515 4912 LmHosts - ok
09:22:49.0546 4912 LVUSBSta (a730fc8671a60666d6e877c544dd7cd4) C:\WINDOWS\system32\drivers\lvusbsta.sys
09:22:49.0578 4912 LVUSBSta - ok
09:22:49.0609 4912 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
09:22:49.0625 4912 MBAMSwissArmy - ok
09:22:49.0687 4912 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
09:22:49.0703 4912 McAfee SiteAdvisor Service - ok
09:22:49.0750 4912 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:22:49.0765 4912 mdmxsdk - ok
09:22:49.0828 4912 MemeoBackgroundService (206df2fa99f1568c65feb6ce9e07a372) C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
09:22:49.0843 4912 MemeoBackgroundService - ok
09:22:49.0890 4912 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:22:50.0015 4912 Messenger - ok
09:22:50.0062 4912 MioNet (99119316d505ee8192d5d1a0485bf110) C:\Program Files\MioNet\MioNetManager.exe
09:22:50.0078 4912 MioNet ( UnsignedFile.Multi.Generic ) - warning
09:22:50.0078 4912 MioNet - detected UnsignedFile.Multi.Generic (1)
09:22:50.0093 4912 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:22:50.0218 4912 mnmdd - ok
09:22:50.0265 4912 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:22:50.0390 4912 mnmsrvc - ok
09:22:50.0421 4912 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:22:50.0546 4912 Modem - ok
09:22:50.0562 4912 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
09:22:50.0703 4912 MODEMCSA - ok
09:22:50.0718 4912 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:22:50.0859 4912 Mouclass - ok
09:22:50.0875 4912 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:22:51.0000 4912 MountMgr - ok
09:22:51.0062 4912 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:22:51.0078 4912 MozillaMaintenance - ok
09:22:51.0109 4912 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
09:22:51.0250 4912 MPE - ok
09:22:51.0265 4912 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:22:51.0390 4912 mraid35x - ok
09:22:51.0453 4912 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:22:51.0578 4912 MRxDAV - ok
09:22:51.0625 4912 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:22:51.0687 4912 MRxSmb - ok
09:22:51.0718 4912 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:22:51.0843 4912 MSDTC - ok
09:22:51.0859 4912 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:22:52.0000 4912 Msfs - ok
09:22:52.0000 4912 MSIServer - ok
09:22:52.0046 4912 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:22:52.0203 4912 MSKSSRV - ok
09:22:52.0218 4912 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:22:52.0359 4912 MSPCLOCK - ok
09:22:52.0375 4912 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:22:52.0578 4912 MSPQM - ok
09:22:52.0609 4912 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:22:52.0796 4912 mssmbios - ok
09:22:52.0812 4912 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:22:53.0015 4912 MSTEE - ok
09:22:53.0046 4912 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:22:53.0078 4912 Mup - ok
09:22:53.0109 4912 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:22:53.0312 4912 NABTSFEC - ok
09:22:53.0359 4912 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:22:53.0578 4912 napagent - ok
09:22:53.0609 4912 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:22:53.0828 4912 NDIS - ok
09:22:53.0843 4912 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:22:54.0046 4912 NdisIP - ok
09:22:54.0093 4912 NDISRD (31c97e19ad9bb0030349e55d42d5e5d1) C:\WINDOWS\system32\drivers\NDISRD.sys
09:22:54.0109 4912 NDISRD ( UnsignedFile.Multi.Generic ) - warning
09:22:54.0109 4912 NDISRD - detected UnsignedFile.Multi.Generic (1)
09:22:54.0140 4912 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:22:54.0187 4912 NdisTapi - ok
09:22:54.0218 4912 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:22:54.0421 4912 Ndisuio - ok
09:22:54.0437 4912 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:22:54.0671 4912 NdisWan - ok
09:22:54.0703 4912 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:22:54.0765 4912 NDProxy - ok
09:22:54.0828 4912 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:22:55.0093 4912 NetBIOS - ok
09:22:55.0140 4912 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:22:55.0343 4912 NetBT - ok
09:22:55.0375 4912 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:22:55.0578 4912 NetDDE - ok
09:22:55.0578 4912 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:22:55.0718 4912 NetDDEdsdm - ok
09:22:55.0750 4912 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:22:55.0906 4912 Netlogon - ok
09:22:55.0921 4912 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:22:56.0078 4912 Netman - ok
09:22:56.0171 4912 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:22:56.0187 4912 NetTcpPortSharing - ok
09:22:56.0218 4912 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:22:56.0250 4912 Nla - ok
09:22:56.0281 4912 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:22:56.0406 4912 Npfs - ok
09:22:56.0453 4912 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:22:56.0593 4912 Ntfs - ok
09:22:56.0593 4912 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:22:56.0734 4912 NtLmSsp - ok
09:22:56.0781 4912 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:22:56.0921 4912 NtmsSvc - ok
09:22:56.0968 4912 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:22:57.0093 4912 Null - ok
09:22:57.0203 4912 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:22:57.0406 4912 nv - ok
09:22:57.0593 4912 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:22:57.0703 4912 NwlnkFlt - ok
09:22:57.0718 4912 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:22:57.0843 4912 NwlnkFwd - ok
09:22:57.0890 4912 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
09:22:57.0906 4912 omci ( UnsignedFile.Multi.Generic ) - warning
09:22:57.0906 4912 omci - detected UnsignedFile.Multi.Generic (1)
09:22:57.0937 4912 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:22:58.0078 4912 Parport - ok
09:22:58.0093 4912 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:22:58.0250 4912 PartMgr - ok
09:22:58.0265 4912 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:22:58.0421 4912 ParVdm - ok
09:22:58.0468 4912 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
09:22:58.0484 4912 pavboot - ok
09:22:58.0500 4912 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:22:58.0640 4912 PCI - ok
09:22:58.0640 4912 PCIDump - ok
09:22:58.0687 4912 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:22:58.0796 4912 PCIIde - ok
09:22:58.0843 4912 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:22:58.0968 4912 Pcmcia - ok
09:22:59.0000 4912 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
09:22:59.0015 4912 pcouffin ( UnsignedFile.Multi.Generic ) - warning
09:22:59.0015 4912 pcouffin - detected UnsignedFile.Multi.Generic (1)
09:22:59.0015 4912 PDCOMP - ok
09:22:59.0031 4912 PDFRAME - ok
09:22:59.0031 4912 PDRELI - ok
09:22:59.0046 4912 PDRFRAME - ok
09:22:59.0062 4912 pepifilter (16bc447de474a9e125db39806714f1e1) C:\WINDOWS\system32\DRIVERS\lv302af.sys
09:22:59.0093 4912 pepifilter - ok
09:22:59.0093 4912 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:22:59.0218 4912 perc2 - ok
09:22:59.0234 4912 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:22:59.0359 4912 perc2hib - ok
09:22:59.0437 4912 PID_08A0 (7a31b09c7f037a1217b658465f19bbce) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
09:22:59.0468 4912 PID_08A0 - ok
09:22:59.0515 4912 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:22:59.0546 4912 PlugPlay - ok
09:22:59.0593 4912 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:22:59.0718 4912 PolicyAgent - ok
09:22:59.0765 4912 PPSCAN (8ae536cf74546536f282d1fbce943324) C:\WINDOWS\system32\drivers\PPSCAN.sys
09:22:59.0765 4912 PPSCAN ( UnsignedFile.Multi.Generic ) - warning
09:22:59.0765 4912 PPSCAN - detected UnsignedFile.Multi.Generic (1)
09:22:59.0796 4912 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:22:59.0937 4912 PptpMiniport - ok
09:22:59.0937 4912 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:23:00.0140 4912 ProtectedStorage - ok
09:23:00.0156 4912 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:23:00.0312 4912 PSched - ok
09:23:00.0453 4912 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
09:23:00.0468 4912 PSI_SVC_2 - ok
09:23:00.0531 4912 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:23:00.0640 4912 Ptilink - ok
09:23:00.0656 4912 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:23:00.0687 4912 PxHelp20 - ok
09:23:00.0703 4912 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:23:00.0828 4912 ql1080 - ok
09:23:00.0828 4912 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:23:00.0984 4912 Ql10wnt - ok
09:23:01.0000 4912 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:23:01.0171 4912 ql12160 - ok
09:23:01.0171 4912 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:23:01.0312 4912 ql1240 - ok
09:23:01.0328 4912 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:23:01.0437 4912 ql1280 - ok
09:23:01.0484 4912 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:23:01.0609 4912 RasAcd - ok
09:23:01.0640 4912 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:23:01.0765 4912 RasAuto - ok
09:23:01.0781 4912 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:23:01.0906 4912 Rasl2tp - ok
09:23:01.0953 4912 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:23:02.0078 4912 RasMan - ok
09:23:02.0093 4912 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:23:02.0218 4912 RasPppoe - ok
09:23:02.0218 4912 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:23:02.0343 4912 Raspti - ok
09:23:02.0375 4912 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:23:02.0531 4912 Rdbss - ok
09:23:02.0546 4912 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:23:02.0671 4912 RDPCDD - ok
09:23:02.0718 4912 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:23:02.0843 4912 rdpdr - ok
09:23:02.0875 4912 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:23:02.0921 4912 RDPWD - ok
09:23:02.0953 4912 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:23:03.0078 4912 RDSessMgr - ok
09:23:03.0093 4912 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:23:03.0234 4912 redbook - ok
09:23:03.0281 4912 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:23:03.0406 4912 RemoteAccess - ok
09:23:03.0437 4912 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
09:23:03.0484 4912 RimUsb - ok
09:23:03.0500 4912 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:23:03.0625 4912 RpcLocator - ok
09:23:03.0687 4912 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
09:23:03.0718 4912 RpcSs - ok
09:23:03.0750 4912 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:23:03.0890 4912 RSVP - ok
09:23:03.0906 4912 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:23:04.0031 4912 SamSs - ok
09:23:04.0062 4912 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
09:23:04.0250 4912 SCardSvr - ok
09:23:04.0296 4912 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:23:04.0437 4912 Schedule - ok
09:23:04.0484 4912 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:23:04.0546 4912 Secdrv - ok
09:23:04.0593 4912 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:23:04.0718 4912 seclogon - ok
09:23:04.0781 4912 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
09:23:04.0843 4912 senfilt - ok
09:23:04.0875 4912 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:23:05.0031 4912 SENS - ok
09:23:05.0062 4912 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:23:05.0203 4912 serenum - ok
09:23:05.0218 4912 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:23:05.0421 4912 Serial - ok
09:23:05.0468 4912 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:23:05.0609 4912 Sfloppy - ok
09:23:05.0656 4912 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:23:05.0796 4912 SharedAccess - ok
09:23:05.0843 4912 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:23:05.0890 4912 ShellHWDetection - ok
09:23:05.0906 4912 Simbad - ok
09:23:05.0953 4912 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:23:06.0062 4912 sisagp - ok
09:23:06.0203 4912 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
09:23:06.0218 4912 SkypeUpdate - ok
09:23:06.0234 4912 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:23:06.0375 4912 SLIP - ok
09:23:06.0375 4912 SMPCLS - ok
09:23:06.0453 4912 smwdm (86c4d93b7b7818d066c52fdb03c6c921) C:\WINDOWS\system32\drivers\smwdm.sys
09:23:06.0468 4912 smwdm - ok
09:23:06.0484 4912 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:23:06.0546 4912 Sparrow - ok
09:23:06.0578 4912 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:23:06.0703 4912 splitter - ok
09:23:06.0750 4912 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:23:06.0781 4912 Spooler - ok
09:23:06.0828 4912 SQTECH905C (2831ce28570a3cc5c079a58a12878760) C:\WINDOWS\system32\Drivers\Capt905c.sys
09:23:06.0843 4912 SQTECH905C ( UnsignedFile.Multi.Generic ) - warning
09:23:06.0843 4912 SQTECH905C - detected UnsignedFile.Multi.Generic (1)
09:23:06.0859 4912 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:23:06.0921 4912 sr - ok
09:23:06.0968 4912 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:23:07.0046 4912 srservice - ok
09:23:07.0109 4912 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:23:07.0156 4912 Srv - ok
09:23:07.0187 4912 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:23:07.0265 4912 SSDPSRV - ok
09:23:07.0312 4912 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:23:07.0468 4912 stisvc - ok
09:23:07.0515 4912 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:23:07.0640 4912 streamip - ok
09:23:07.0687 4912 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:23:07.0812 4912 swenum - ok
09:23:07.0859 4912 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:23:07.0984 4912 swmidi - ok
09:23:07.0984 4912 SwPrv - ok
09:23:08.0187 4912 Symantec RemoteAssist (267c914667c94e5f47d342311c1c577f) C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
09:23:08.0203 4912 Symantec RemoteAssist - ok
09:23:08.0218 4912 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:23:08.0343 4912 symc810 - ok
09:23:08.0375 4912 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:23:08.0500 4912 symc8xx - ok
09:23:08.0515 4912 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:23:08.0640 4912 sym_hi - ok
09:23:08.0640 4912 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:23:08.0781 4912 sym_u3 - ok
09:23:08.0828 4912 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:23:08.0953 4912 sysaudio - ok
09:23:08.0984 4912 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:23:09.0109 4912 SysmonLog - ok
09:23:09.0140 4912 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:23:09.0281 4912 TapiSrv - ok
09:23:09.0343 4912 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:23:09.0359 4912 Tcpip - ok
09:23:09.0406 4912 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:23:09.0531 4912 TDPIPE - ok
09:23:09.0562 4912 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:23:09.0687 4912 TDTCP - ok
09:23:09.0703 4912 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:23:09.0828 4912 TermDD - ok
09:23:09.0859 4912 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:23:10.0000 4912 TermService - ok
09:23:10.0046 4912 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:23:10.0093 4912 Themes - ok
09:23:10.0109 4912 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:23:10.0250 4912 TosIde - ok
09:23:10.0296 4912 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:23:10.0437 4912 TrkWks - ok
09:23:10.0453 4912 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:23:10.0609 4912 Udfs - ok
09:23:10.0656 4912 UDNT (fd15d929b3a24c20b3b5341cae1f0552) C:\WINDOWS\system32\drivers\UDNT.sys
09:23:10.0687 4912 UDNT ( UnsignedFile.Multi.Generic ) - warning
09:23:10.0687 4912 UDNT - detected UnsignedFile.Multi.Generic (1)
09:23:10.0703 4912 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:23:10.0796 4912 ultra - ok
09:23:10.0859 4912 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:23:11.0000 4912 Update - ok
09:23:11.0031 4912 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:23:11.0125 4912 upnphost - ok
09:23:11.0140 4912 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:23:11.0281 4912 UPS - ok
09:23:11.0312 4912 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:23:11.0437 4912 usbaudio - ok
09:23:11.0468 4912 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:23:11.0593 4912 usbccgp - ok
09:23:11.0625 4912 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:23:11.0750 4912 usbehci - ok
09:23:11.0781 4912 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:23:11.0906 4912 usbhub - ok
09:23:11.0937 4912 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:23:12.0062 4912 usbprint - ok
09:23:12.0109 4912 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:23:12.0218 4912 usbscan - ok
09:23:12.0265 4912 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:23:12.0390 4912 USBSTOR - ok
09:23:12.0421 4912 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:23:12.0546 4912 usbuhci - ok
09:23:12.0578 4912 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
09:23:12.0703 4912 usbvideo - ok
09:23:12.0750 4912 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:23:12.0875 4912 VgaSave - ok
09:23:12.0875 4912 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:23:13.0000 4912 viaagp - ok
09:23:13.0031 4912 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:23:13.0203 4912 ViaIde - ok
09:23:13.0218 4912 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:23:13.0343 4912 VolSnap - ok
09:23:13.0375 4912 VPROEVENTMONITOR (e14b7ae35be1e97830d42ec191d0dea2) C:\WINDOWS\system32\drivers\VProEventMonitor.sys
09:23:13.0390 4912 VPROEVENTMONITOR - ok
09:23:13.0437 4912 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:23:13.0515 4912 VSS - ok
09:23:13.0546 4912 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:23:13.0671 4912 w32time - ok
09:23:13.0703 4912 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:23:13.0828 4912 Wanarp - ok
09:23:13.0828 4912 wanatw - ok
09:23:13.0843 4912 WDICA - ok
09:23:13.0875 4912 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:23:14.0000 4912 wdmaud - ok
09:23:14.0015 4912 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:23:14.0156 4912 WebClient - ok
09:23:14.0218 4912 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:23:14.0250 4912 winachsf - ok
09:23:14.0359 4912 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
09:23:14.0375 4912 WinDefend - ok
09:23:14.0453 4912 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:23:14.0578 4912 winmgmt - ok
09:23:14.0609 4912 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
09:23:14.0640 4912 WmdmPmSN - ok
09:23:14.0671 4912 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:23:14.0796 4912 WmiApSrv - ok
09:23:14.0859 4912 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:23:14.0906 4912 WMPNetworkSvc - ok
09:23:14.0953 4912 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:23:14.0984 4912 WpdUsb - ok
09:23:14.0984 4912 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:23:15.0109 4912 WS2IFSL - ok
09:23:15.0156 4912 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
09:23:15.0281 4912 wscsvc - ok
09:23:15.0312 4912 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:23:15.0437 4912 WSTCODEC - ok
09:23:15.0468 4912 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:23:15.0609 4912 wuauserv - ok
09:23:15.0640 4912 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:23:15.0671 4912 WudfPf - ok
09:23:15.0687 4912 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:23:15.0718 4912 WudfRd - ok
09:23:15.0734 4912 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:23:15.0765 4912 WudfSvc - ok
09:23:15.0828 4912 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:23:16.0062 4912 WZCSVC - ok
09:23:16.0109 4912 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:23:16.0296 4912 xmlprov - ok
09:23:16.0468 4912 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:23:16.0484 4912 YahooAUService - ok
09:23:16.0546 4912 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
09:23:16.0671 4912 \Device\Harddisk0\DR0 - ok
09:23:16.0671 4912 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk1\DR1
09:23:16.0703 4912 \Device\Harddisk1\DR1 - ok
09:23:16.0734 4912 Boot (0x1200) (9386ead611f3b3fcecfb47fd6bfaf5fd) \Device\Harddisk0\DR0\Partition0
09:23:16.0734 4912 \Device\Harddisk0\DR0\Partition0 - ok
09:23:16.0734 4912 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
09:23:16.0734 4912 \Device\Harddisk1\DR1\Partition0 - ok
09:23:16.0734 4912 ============================================================
09:23:16.0734 4912 Scan finished
09:23:16.0734 4912 ============================================================
09:23:16.0750 3724 Detected object count: 21
09:23:16.0750 3724 Actual detected object count: 21
09:24:17.0703 3724 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 AEC671X ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 AEC671X ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 AgilentUSBCam ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 AgilentUSBCam ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 APC UPS Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 APC UPS Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0703 3724 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0703 3724 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 DMX3191 ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 DMX3191 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 MioNet ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 MioNet ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 NDISRD ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 NDISRD ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0718 3724 omci ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0718 3724 omci ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0734 3724 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0734 3724 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0734 3724 PPSCAN ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0734 3724 PPSCAN ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0734 3724 SQTECH905C ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0734 3724 SQTECH905C ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:24:17.0734 3724 UDNT ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:17.0734 3724 UDNT ( UnsignedFile.Multi.Generic ) - User select action: Skip


Seems I'm still having a bit of a slow computer and my graphics aren't displaying properly. Didn't have "Cure" for any files with this.
  • 0

#7
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Re-Run aswMBR

Click Scan

On completion of the scan, click the Fix button. If the Fix button is not available, click the Save Log button.


Save the log as before and post in your next reply


Step 2.

Please uninstall:

Viewpoint Media Player - Foistware that installs without user permission.




Step 3.

Note: If you have Malwarebytes 1.6 or higher installed, please disable it for the duration of this fix, as it may interfere with the successful execution of the script below. If it still hangs, then please uninstall MalwareBytes' and run this fix again.


  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    DRV - (UDNT) -- C:\WINDOWS\System32\drivers\UDNT.SYS ()
    O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
    [2005/03/31 13:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/03/12 21:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [2009/02/11 02:49:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
    
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 4

Please post:

aswMBR fix log
OTL fix log



Please give me an update on the computer problems
  • 0

#8
bwhsify

    Member

  • Topic Starter
  • Member
  • 15 posts
Unfortunately, I'm still unable to run the add/remove programs utility. Therefore I was unable to uninstall the viewpoint player. I went ahead and ran the fixes anyhow.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-09 22:37:23
-----------------------------
22:37:23.953 OS Version: Windows 5.1.2600 Service Pack 3
22:37:23.953 Number of processors: 2 586 0x403
22:37:23.953 ComputerName: TEAMWHEELS UserName: Ben
22:37:25.718 Initialize success
22:37:27.046 AVAST engine defs: 12050901
22:37:44.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:37:44.171 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
22:37:44.187 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
22:37:44.187 Disk 1 Vendor: WDC_WD32 15.0 Size: 305245MB BusType: 3
22:37:44.218 Disk 0 MBR read successfully
22:37:44.218 Disk 0 MBR scan
22:37:44.250 Disk 0 unknown MBR code
22:37:44.250 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 62 MB offset 63
22:37:44.265 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 148946 MB offset 128520
22:37:44.296 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3616 MB offset 305170740
22:37:44.312 Disk 0 scanning sectors +312576705
22:37:44.390 Disk 0 scanning C:\WINDOWS\system32\drivers
22:37:56.953 File: C:\WINDOWS\system32\drivers\UDNT.SYS **INFECTED** Win32:Zeroot-B [Rtk]
22:37:58.968 Disk 0 trace - called modules:
22:37:58.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:37:58.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8bc5c128]
22:37:58.984 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8bc70030]
22:37:59.593 AVAST engine scan C:\WINDOWS
22:38:17.406 AVAST engine scan C:\WINDOWS\system32
22:41:14.343 AVAST engine scan C:\WINDOWS\system32\drivers
22:41:26.968 File: C:\WINDOWS\system32\drivers\UDNT.SYS **INFECTED** Win32:Zeroot-B [Rtk]
22:41:34.046 AVAST engine scan C:\Documents and Settings\Ben
23:40:42.406 AVAST engine scan C:\Documents and Settings\All Users
23:49:31.296 Scan finished successfully
00:36:36.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ben\Desktop\MBR.dat"
00:36:36.328 The log file has been saved successfully to "C:\Documents and Settings\Ben\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-10 14:15:53
-----------------------------
14:15:53.343 OS Version: Windows 5.1.2600 Service Pack 3
14:15:53.343 Number of processors: 2 586 0x403
14:15:53.343 ComputerName: TEAMWHEELS UserName: Ben
14:15:54.671 Initialize success
14:15:55.781 AVAST engine defs: 12051000
14:15:57.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:15:57.312 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:15:57.312 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
14:15:57.312 Disk 1 Vendor: WDC_WD32 15.0 Size: 305245MB BusType: 3
14:15:57.343 Disk 0 MBR read successfully
14:15:57.343 Disk 0 MBR scan
14:15:57.390 Disk 0 unknown MBR code
14:15:57.390 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 62 MB offset 63
14:15:57.406 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 148946 MB offset 128520
14:15:57.437 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3616 MB offset 305170740
14:15:57.437 Disk 0 scanning sectors +312576705
14:15:57.500 Disk 0 scanning C:\WINDOWS\system32\drivers
14:16:12.828 File: C:\WINDOWS\system32\drivers\UDNT.SYS **INFECTED** Win32:Zeroot-B [Rtk]
14:16:14.593 Disk 0 trace - called modules:
14:16:14.609 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:16:14.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8bc7e030]
14:16:14.609 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8b7a7030]
14:16:15.203 AVAST engine scan C:\WINDOWS
14:16:40.781 AVAST engine scan C:\WINDOWS\system32
14:19:35.062 AVAST engine scan C:\WINDOWS\system32\drivers
14:19:49.812 File: C:\WINDOWS\system32\drivers\UDNT.SYS **INFECTED** Win32:Zeroot-B [Rtk]
14:19:56.625 AVAST engine scan C:\Documents and Settings\Ben
15:45:36.375 AVAST engine scan C:\Documents and Settings\All Users
16:18:16.484 Scan finished successfully
16:50:20.078 Fixing ... C:\WINDOWS\system32\drivers\UDNT.SYS
16:50:21.375 Fix error: 2
16:50:44.109 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ben\Desktop\MBR.dat"
16:50:44.187 The log file has been saved successfully to "C:\Documents and Settings\Ben\Desktop\aswMBR.txt"


Unfortunately, the computer crashed when I restarted and I was unable to find the OTL log. However, it did appear to say that at least the UDNT program was removed successfully.
  • 0

#9
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Rerun the existing OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.txt
  • Post OTL.txt

  • 0

#10
bwhsify

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Here is the latest OTL logfile:

OTL logfile created on: 5/10/2012 8:10:28 PM - Run 4
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 39.27% Memory free
3.35 Gb Paging File | 2.14 Gb Available in Paging File | 63.99% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.46 Gb Total Space | 12.28 Gb Free Space | 8.44% Space Free | Partition Type: NTFS
Drive D: | 7.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 928.30 Gb Total Space | 259.43 Gb Free Space | 27.95% Space Free | Partition Type: NTFS
Drive Z: | 928.30 Gb Total Space | 259.43 Gb Free Space | 27.95% Space Free | Partition Type: NTFS

Computer Name: TEAMWHEELS | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ben\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe (COMODO)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackup.exe (Memeo Inc.)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe (Copernic Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
PRC - C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Eraser\eraser.exe (-)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\12051000\algo.dll ()
MOD - C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Adaptor.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\GuiListener\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\Socket\Export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\Export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\RemoteDesktop\ShHook.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\CRF\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\export.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\Components\Core\EventMonitor\EventMonitor.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\CLPS_RES.dll ()
MOD - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLANG.dll ()
MOD - C:\WINDOWS\SYSTEM32\quartz.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\WD\WD Anywhere Backup\sqlite3.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\cntscan.dll ()
MOD - c:\Program Files\McAfee\SiteAdvisor\apengine.dll ()
MOD - C:\WINDOWS\SYSTEM32\Primomonnt.dll ()
MOD - C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll ()
MOD - C:\Program Files\Copernic Desktop Search 2\DesktopSearchSystem203000018.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (MemeoBackgroundService) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (MioNet) -- C:\Program Files\MioNet\MioNetManager.exe ()
SRV - (Symantec RemoteAssist) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
SRV - (IAANTMon) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (wanatw) WAN Miniport (ATW) -- system32\DRIVERS\wanatw4.sys File not found
DRV - (SMPCLS) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Drvnlhwdww) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Ben\LOCALS~1\Temp\catchme.sys File not found
DRV - (bvrp_pci) -- File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (Leapfrog-USBLAN) -- C:\WINDOWS\SYSTEM32\DRIVERS\btblan.sys (Belcarra Technologies)
DRV - (Inspect) -- C:\WINDOWS\SYSTEM32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdGuard.sys (COMODO)
DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (pavboot) -- C:\WINDOWS\SYSTEM32\DRIVERS\pavboot.sys (Panda Security, S.L.)
DRV - (FlyUsb) -- C:\WINDOWS\SYSTEM32\DRIVERS\FlyUsb.sys (LeapFrog)
DRV - (NDISRD) -- C:\WINDOWS\System32\drivers\ndisrd.sys (NT Kernel Resources)
DRV - (ATIAVAIW) -- C:\WINDOWS\SYSTEM32\DRIVERS\atinavt2.sys (ATI Technologies Inc.)
DRV - (MPE) -- C:\WINDOWS\SYSTEM32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (BANTExt) -- C:\WINDOWS\SYSTEM32\DRIVERS\BANTExt.sys ()
DRV - (VPROEVENTMONITOR) -- C:\WINDOWS\SYSTEM32\DRIVERS\vproeventmonitor.sys (Symantec Corporation)
DRV - (SQTECH905C) -- C:\WINDOWS\SYSTEM32\DRIVERS\Capt905c.sys (Service & Quality Technology.)
DRV - (elagopro) -- C:\WINDOWS\SYSTEM32\DRIVERS\elagopro.sys (Gteko Ltd.)
DRV - (elaunidr) -- C:\WINDOWS\SYSTEM32\DRIVERS\elaunidr.sys (Gteko Ltd.)
DRV - (dsunidrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (PID_08A0) QuickCam IM(PID_08A0) -- C:\WINDOWS\SYSTEM32\DRIVERS\LV302AV.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\SYSTEM32\DRIVERS\lv302af.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\SYSTEM32\DRIVERS\LVUSBSta.sys (Logitech Inc.)
DRV - (senfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys (Creative Technology Ltd.)
DRV - (b57w2k) -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (HSFHWBS2) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (omci) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (AgilentUSBCam) -- C:\WINDOWS\SYSTEM32\DRIVERS\Atusbcam.sys (Agilent Technologies)
DRV - (DMX3191) -- C:\WINDOWS\SYSTEM32\DRIVERS\dmx3191.sys (Microsoft Corporation)
DRV - (AEC671X) -- C:\WINDOWS\SYSTEM32\DRIVERS\aec671x.sys (Acard Technology Corp.)
DRV - (PPSCAN) -- C:\WINDOWS\System32\drivers\PPSCAN.SYS (Shuttle Technology.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\SearchScopes\{1A91E3AD-D911-4F76-8B75-9EC2A54F81B8}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.8.1: C:\Documents and Settings\Ben\Local Settings\Application Data\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/28 05:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/10 09:24:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/05 09:13:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/28 05:26:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/28 18:53:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\components [2012/04/28 23:19:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\plugins [2012/04/28 18:53:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{86D92CB0-3EB2-4979-AD43-DF0341807D7F}: C:\Program Files\Copernic Desktop Search 2\FirefoxToolbar\ [2008/03/14 01:18:08 | 000,000,000 | ---D | M]

[2011/04/09 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions
[2011/04/09 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/03/16 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2012/05/05 16:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions
[2011/12/09 00:56:53 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/02/07 14:57:30 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2011/03/30 12:19:34 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2011/07/10 10:45:15 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/03/08 13:17:59 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/05/02 16:26:21 | 000,000,000 | ---D | M] ("W3v8 for Firefox") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{7DA90D46-1B69-4cc5-9ACE-CB64D8D85B00}
[2009/07/06 15:25:36 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010/04/10 10:57:29 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2009/11/14 01:01:30 | 000,000,000 | ---D | M] (KidZui) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\firefox@kidzui.com
[2012/02/24 23:24:15 | 000,000,000 | ---D | M] (Foxdie) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\Foxdie@tanjihay.com
[2010/08/20 11:42:29 | 000,000,000 | ---D | M] (Foxdie for Firefox) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\foxdie_ext_ocelot@foxdie.us
[2010/02/28 17:20:07 | 000,000,000 | ---D | M] (Linky) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\linky@gemal.dk
[2005/12/19 15:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\temp
[2011/05/19 09:23:50 | 000,000,000 | ---D | M] (2conv.com Toolbar) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\toolbar@2conv.com
[2010/10/02 19:54:50 | 000,000,000 | ---D | M] ("UnPlug") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\unplug@compunach(2)
[2005/08/22 00:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\kc99aec0.default\extensions\x
[2011/12/06 19:57:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/14 00:55:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/04/28 05:26:26 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/05/11 17:57:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2005/11/15 15:28:00 | 000,266,240 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/02/12 11:45:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/22 10:11:18 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/12 11:45:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/05/10 17:00:24 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Copernic Desktop Search 2) - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll (Copernic Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\..\Toolbar\WebBrowser: (Copernic Desktop Search 2) - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll (Copernic Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Standby] C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Thunderbird] C:\Program Files\thunderbird.exe (Mozilla Messaging)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Copernic Desktop Search 2] C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe (Copernic Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe (-)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\COMODO Firewall Pro.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Ben\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-568151950-2823069611-3313978389-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ben\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43AC3B09-2B11-45C1-B65F-BF4EFF2DDEAB}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/29 22:56:49 | 000,000,037 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/10/15 19:26:27 | 000,000,048 | RH-- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/12/12 16:55:56 | 000,000,000 | ---D | M] - Z:\Automatic for the People -- [ NTFS ]
O34 - HKLM BootExecute: (pgdfgsvc C 1)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/10 17:05:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/05/10 16:59:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/10 09:19:53 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Ben\Desktop\tdsskiller.exe
[2012/05/10 06:32:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/10 06:28:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/10 06:28:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/10 06:28:08 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/10 06:28:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/10 06:27:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/10 06:27:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/10 06:19:59 | 004,489,176 | R--- | C] (Swearware) -- C:\Documents and Settings\Ben\Desktop\ComboFix.exe
[2012/05/09 22:36:38 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Ben\Desktop\aswMBR.exe
[2012/05/09 19:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2012/05/09 00:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Start Menu\Programs\FriendFinder
[2012/05/09 00:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\FriendFinder
[2012/05/04 15:31:30 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2012/05/04 15:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2012/05/04 15:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2012/05/04 07:42:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.b74ef164.temp
[2012/05/04 07:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft.96db388c.temp
[2012/04/28 23:17:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Program Files\D3DCompiler_43.dll
[2012/04/28 23:17:42 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files\d3dx9_43.dll
[2012/04/28 23:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\distribution
[2012/04/28 23:17:36 | 000,596,952 | ---- | C] (Mozilla Foundation) -- C:\Program Files\gkmedias.dll
[2012/04/28 23:17:35 | 000,109,528 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libEGL.dll
[2012/04/28 23:17:34 | 000,465,880 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libGLESv2.dll
[2012/04/28 23:17:32 | 000,016,344 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozalloc.dll
[2012/04/28 23:17:31 | 000,033,240 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozglue.dll
[2012/04/28 23:17:29 | 000,531,416 | ---- | C] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012/04/28 23:17:28 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm80.dll
[2012/04/28 23:17:27 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr80.dll
[2012/04/28 23:17:27 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp80.dll
[2012/04/28 23:17:10 | 000,016,856 | ---- | C] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2012/04/28 23:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2012/04/28 23:17:00 | 016,792,536 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2012/04/28 05:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/04/28 05:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/14 00:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/04/14 00:54:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/04/09 10:19:46 | 000,018,904 | ---- | C] (Mozilla Foundation) -- C:\Program Files\WSEnable.exe
[2011/04/09 10:19:43 | 000,125,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2010/06/29 15:32:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ben\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2012/05/10 19:46:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/10 17:35:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/05/10 17:35:02 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
[2012/05/10 17:35:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
[2012/05/10 17:31:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/05/10 17:31:00 | 2145,554,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/10 17:26:46 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/10 17:00:24 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\Hosts
[2012/05/10 16:50:44 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\MBR.dat
[2012/05/10 14:14:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1006.job
[2012/05/10 09:19:54 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Ben\Desktop\tdsskiller.exe
[2012/05/10 06:32:14 | 000,000,327 | RHS- | M] () -- C:\BOOT.INI
[2012/05/10 06:20:14 | 004,489,176 | R--- | M] (Swearware) -- C:\Documents and Settings\Ben\Desktop\ComboFix.exe
[2012/05/10 02:07:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/05/09 22:37:10 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Ben\Desktop\aswMBR.exe
[2012/05/09 19:14:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/09 06:48:19 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2012/05/09 00:53:44 | 000,002,036 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\FriendFinder Messenger v4.1.lnk
[2012/05/07 13:19:39 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2012/05/07 13:07:58 | 000,009,449 | ---- | M] () -- C:\Program Files\updates.xml
[2012/05/07 13:07:57 | 000,000,057 | ---- | M] () -- C:\Program Files\active-update.xml
[2012/05/07 13:06:17 | 000,002,061 | ---- | M] () -- C:\Program Files\application.ini
[2012/05/07 13:06:12 | 000,000,478 | ---- | M] () -- C:\Program Files\freebl3.chk
[2012/05/07 13:06:02 | 001,952,728 | ---- | M] () -- C:\Program Files\mozjs.dll
[2012/05/07 13:06:00 | 000,531,416 | ---- | M] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012/05/07 13:05:59 | 000,162,776 | ---- | M] () -- C:\Program Files\nsldap32v60.dll
[2012/05/07 13:05:57 | 000,021,976 | ---- | M] () -- C:\Program Files\nsldappr32v60.dll
[2012/05/07 13:05:55 | 000,017,368 | ---- | M] () -- C:\Program Files\nsldif32v60.dll
[2012/05/07 13:05:43 | 000,000,478 | ---- | M] () -- C:\Program Files\nssdbm3.chk
[2012/05/07 13:05:37 | 008,306,077 | ---- | M] () -- C:\Program Files\omni.ja
[2012/05/07 13:05:35 | 000,000,140 | ---- | M] () -- C:\Program Files\platform.ini
[2012/05/07 13:05:30 | 000,002,136 | ---- | M] () -- C:\Program Files\precomplete
[2012/05/07 13:05:29 | 000,000,478 | ---- | M] () -- C:\Program Files\softokn3.chk
[2012/05/07 12:51:55 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/04 15:34:10 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2012/05/04 15:12:31 | 032,157,120 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\WOW-4.0.0.12911-enUS-Trial.exe
[2012/05/04 07:42:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5d7140b5.temp
[2012/05/04 05:28:51 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-568151950-2823069611-3313978389-1007.job
[2012/04/28 23:17:48 | 000,007,669 | ---- | M] () -- C:\Program Files\blocklist.xml
[2012/04/28 23:17:44 | 000,003,803 | ---- | M] () -- C:\Program Files\crashreporter.ini
[2012/04/28 23:17:10 | 000,018,968 | ---- | M] () -- C:\Program Files\removed-files
[2012/04/28 23:17:06 | 000,000,715 | ---- | M] () -- C:\Program Files\updater.ini
[2012/04/28 18:53:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/04/28 05:41:18 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/04/14 12:04:40 | 000,000,006 | ---- | M] () -- C:\Program Files\update.locale
[2012/04/11 10:12:10 | 000,443,202 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/04/11 10:12:10 | 000,072,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/04/11 10:01:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2012/05/10 06:32:14 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/05/10 06:32:11 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/10 06:28:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/10 06:28:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/10 06:28:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/10 06:28:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/10 06:28:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/10 00:36:36 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\MBR.dat
[2012/05/09 00:53:44 | 000,002,036 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\FriendFinder Messenger v4.1.lnk
[2012/05/07 13:07:57 | 000,009,449 | ---- | C] () -- C:\Program Files\updates.xml
[2012/05/07 13:07:55 | 000,000,057 | ---- | C] () -- C:\Program Files\active-update.xml
[2012/05/04 15:13:34 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/04 15:11:38 | 032,157,120 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\WOW-4.0.0.12911-enUS-Trial.exe
[2012/05/04 07:42:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5d7140b5.temp
[2012/04/28 23:20:05 | 000,001,448 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012/04/28 23:17:29 | 001,952,728 | ---- | C] () -- C:\Program Files\mozjs.dll
[2012/04/28 23:17:15 | 008,306,077 | ---- | C] () -- C:\Program Files\omni.ja
[2012/04/28 23:17:10 | 000,002,136 | ---- | C] () -- C:\Program Files\precomplete
[2012/04/28 05:24:35 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/12/06 22:22:31 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\$_hpcst$.hpc
[2011/09/06 23:12:58 | 000,018,968 | ---- | C] () -- C:\Program Files\removed-files
[2011/05/18 19:32:55 | 000,000,848 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2011/05/08 19:53:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/04/09 10:20:04 | 000,000,715 | ---- | C] () -- C:\Program Files\updater.ini
[2011/04/09 10:20:04 | 000,000,006 | ---- | C] () -- C:\Program Files\update.locale
[2011/04/09 10:19:45 | 000,000,140 | ---- | C] () -- C:\Program Files\platform.ini
[2011/04/09 10:19:44 | 000,162,776 | ---- | C] () -- C:\Program Files\nsldap32v60.dll
[2011/04/09 10:19:44 | 000,021,976 | ---- | C] () -- C:\Program Files\nsldappr32v60.dll
[2011/04/09 10:19:44 | 000,017,368 | ---- | C] () -- C:\Program Files\nsldif32v60.dll
[2011/04/09 10:19:44 | 000,000,478 | ---- | C] () -- C:\Program Files\nssdbm3.chk
[2011/04/09 10:19:43 | 000,007,669 | ---- | C] () -- C:\Program Files\blocklist.xml
[2011/04/09 10:19:43 | 000,003,803 | ---- | C] () -- C:\Program Files\crashreporter.ini
[2011/04/09 10:19:43 | 000,002,061 | ---- | C] () -- C:\Program Files\application.ini
[2010/10/06 00:22:19 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/22 18:21:04 | 007,313,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/16 16:18:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2010/06/29 15:32:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.cat
[2010/06/29 15:32:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.inf

========== LOP Check ==========

[2010/07/17 17:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adventure Workshop
[2005/06/08 21:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Authentium
[2011/04/02 13:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2008/12/01 10:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2006/03/23 15:00:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/01/11 20:22:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/12/06 21:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2009/02/11 02:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/01/23 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/09/20 22:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2011/05/18 19:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2008/03/11 09:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2009/07/27 15:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2008/03/12 02:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/06/06 18:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2005/04/15 08:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/12/01 01:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2005/04/15 20:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2009/09/20 12:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/05/08 09:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Shockwave
[2009/12/26 14:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SimCity Societies
[2010/05/21 22:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2008/01/30 21:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/18 19:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/03/02 21:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Aim
[2009/12/22 21:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\AnvSoft
[2009/05/26 20:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Atari
[2009/06/28 11:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Auslogics
[2011/07/14 11:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Azureus
[2007/08/21 13:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Business Logic
[2009/06/11 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\CallingID
[2011/05/01 17:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DivoGames
[2012/05/10 17:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Dropbox
[2011/08/06 19:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Free Labs
[2008/11/11 15:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Hemera
[2009/04/22 20:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ICAClient
[2009/09/25 07:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\iWin
[2009/05/25 19:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\JAM Software
[2010/02/13 17:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\KidZui
[2008/11/03 22:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\KompoZer
[2005/04/16 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Leadertech
[2012/02/08 03:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MioNet
[2011/04/20 22:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MusE
[2007/04/25 21:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\MusicIP
[2006/08/26 00:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Musicmatch
[2008/12/01 01:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\NCH Swift Sound
[2010/07/04 09:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Outertech
[2006/08/29 12:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PlayFirst
[2010/06/26 15:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Red Alert 3 Demo
[2009/12/07 15:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\SecondLife
[2005/12/31 17:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Snapfish
[2010/05/21 22:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Sports Interactive
[2010/01/27 22:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Stellarium
[2010/07/04 09:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\SuperNZB
[2010/05/04 17:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\The Creative Assembly
[2011/04/09 10:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Thunderbird
[2010/04/10 22:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ubisoft
[2011/05/18 20:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ulead Systems
[2008/12/18 01:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Uniblue
[2010/03/16 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vivox
[2010/06/30 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vso
[2009/06/06 18:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WD
[2006/06/29 21:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WeatherBug
[2010/01/29 20:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\wsInspector
[2009/11/29 15:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/04/11 21:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Aim
[2010/10/06 15:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Azureus
[2009/06/04 14:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\CallingID
[2012/01/11 20:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Canon
[2006/01/26 21:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\DeductionPro 2005-06
[2011/12/10 16:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Dropbox
[2006/01/11 21:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\ICAClient
[2005/11/09 21:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Leadertech
[2009/07/17 19:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\MioNet
[2005/04/24 20:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Netscape
[2005/12/31 17:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Snapfish
[2011/04/18 07:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\Thunderbird
[2009/06/14 20:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\WD
[2007/08/16 14:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary\Application Data\WeatherBug
[2010/09/12 13:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max\Application Data\Azureus
[2010/09/11 23:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max\Application Data\Thunderbird
[2010/09/11 23:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max\Application Data\WD
[2010/10/02 19:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\Azureus
[2010/09/26 13:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\KidZui
[2009/07/12 19:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\MioNet
[2007/08/28 18:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\Thunderbird
[2009/07/02 17:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam\Application Data\WD
[2012/05/09 06:48:19 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2012/05/10 02:07:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >
  • 0


#11
CompCav

    Member 5k

  • Expert
  • 12,448 posts
How is the computer performing?

Has the speed improved?
  • 0

#12
bwhsify

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Yes, the speed has improved. However, it appears the graphics issues have become worse. It does look like the add/remove programs utility is working again though.
  • 0

#13
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please describe the graphics issue and what is worse.
  • 0

#14
bwhsify

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Well, when I load a game or other application using 3d graphics, it starts out okay. Quickly, however, it begins to show many flashing squares. The squares multiply, flash faster and faster until eventually the computer crashes. I've checked the drivers and they are the latest for the Radeon 800x graphics card... perhaps it's a hardware problem?
  • 0

#15
CompCav

    Member 5k

  • Expert
  • 12,448 posts
We will do some hardware checking after this:


Step 1.
Run Malwarebytes
  • If an update is found, have it download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox, you will need to download esetsmartinstaller_enu.exe when prompted, then double-click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla Firefox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed, select Uninstall application on close. Make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log


Please give me an update on how your computer is doing!
  • 0





